Oddbean new post about | logout
 My experience was different. I tried the installation on Ubuntu (accepting all default value) and it was up and running without issues. I didn't test fully and just wanted to get to the first screen.

On @Ditto I created an account and then when I finally got around to follow account, I couldn't. No error message or anything. I reached out to developr and was told to go to another client and follow accounts then come back which I thought was very strange but will try that next. 
 Thanks for sharing your experience. Nostr clients offer different features and are on different development levels. It will be interesting to see how communities grow over time. 
 Hey @elidy I've been on vacation this past week, back at work now. I'll be responding to your questions in a couple of follow-up notes. Sorry for the delay! 
 > if changing the access port for the server makes it more secure, could the database port be customized too? would it improve security or could it block some connections?

Well, changing the port does improve security, but only marginally in my opinion. It's better to do the other things you did, like disabling root and password login (in the case of ssh) or setting up a firewall.

> Since the program, the user, and the database are all named ditto, I had a hard time distinguishing them to learn more about the commands in this process.

Yeah, it does get super confusing. I like to call the db `postgres` (if it's a server only being used for one thing) or `dittodb` to help a tiny bit.

Moving on to your notes on `deno task setup`:

> Is the 4036 an independent port, like the database port, or should it be the custom port used to access the server?

The 4036 is the default port Ditto listens on. You can configure it by setting the PORT environment variable in the .env file.

> Should the IP be left as is, or exchanged for the server's IP?

It shouldn't be an IP at all -- it should be the _external_-facing address from which you want to access your instance. For example, if you were hosting it on ditto.freedomweaver.tech then you should enter `https://ditto.freedomweaver.tech`. The port number should be left out unless you are listening on some nonstandard port.

> I left it as localhost, but since it is a VPS I don't know if I need to try * or something else , nor where to modify it after leaving it as is.

This is fine.

>  If I enter a real password here, it shows in plain text, so I don't know if that's what it's requesting. I am guessing it is the name of the user that we need to enter (ditto). Is it? 

That was an oversight in our setup code, thanks for pointing it out! It'll be fixed in the next release of Ditto.

> I'm guessing there should only be one database listed above, and that ditto should point to it in a database config file somewhere. 

It doesn't matter if there are multiple, Ditto only uses the one you enter when it asks you "Postgres database [ditto]:" during setup.

> I entered the existing ditto user password, should it have been a password for a second ditto user?

`createuser` handles _Postgres_ user creation -- different from the `UNIX` user ditto you created earlier. You can use the same or different passwords, it does not matter. Just be sure to use this same password when Ditto asks you for the postgres password in `deno task setup`.

> Unsure on this one, as the docs point out to use a previously entered password, so it could be the one for the second ditto user, or maybe it is to fill in the database password where I just left the word ditto previously. Or perhaps the second ditto user and the database password are the same. I added what I'd like the database password to be. 

The `ALTER USER WITH PASSWORD` statement updates the password the db will accept when you try to connect as the ditto user. If you make this change you have to update the DATABASE_URL string in your ditto .env file.

>  chose to redirect all traffic to https, not sure if all traffic to ditto arrives so

This is the correct thing to do.

Hope this clears up your doubts! 
 Feeling very grateful for all the answers. Thank you for your time. I will test soon. Hope you had a good vacation. 
 https://gitlab.com/soapbox-pub/ditto/-/merge_requests/492
password issue fixed, btw, thanks again 
 Excellent. Thank you. 
 As for the final error you are getting where Ditto is refusing to start, the error message seems to be truncated to the right. Could you pipe the result of `systemctl status ditto.service` on your VPS into `curl -i -F 'file=@-' https://0x0.st` and paste the link here?

The final command you would run is:

```
sudo systemctl status ditto.service | curl -i -F 'file=@-' https://0x0.st
```
It should spit out a link in response. 
 I’ve jotted down some notes and linked to the file you’ve requested here.

https://freedomweaver.tech/diy/nostr/ditto/index.html#3-getting-online

Thanks so much for your help. 
 Hi! 502 Bad Gateway is actually a good sign regarding your nginx conf, your original nginx conf with 127.0.0.1:4036 looks correct to me. It seems that the ditto process is unable to start - could you cd to /opt/ditto and then run ditto there directly with `deno task start` and let me know what happens? 

Also, if you wouldn't mind we can get on a Jitsi Meet or something at some point to figure this out, it would be much faster. Please let me know your availability (you can email me at me@shantaram.xyz) if that is acceptable. 
 Thank you. I’ll reach out to you soon.