Table of Contents

Admin Tools

Friendica Tools

In Friendicas bin/ directory is a build in command called console, that provides the following commands:

addon Addon management

cache                  Manage node cache
config                 Edit site config
contact                Contact management
createdoxygen          Generate Doxygen headers
dbstructure            Do database updates
docbloxerrorchecker    Check the file tree for DocBlox errors
extract                Generate translation string file for the Friendica project (deprecated)
globalcommunityblock   Block remote profile from interacting with this node
globalcommunitysilence Silence a profile from the global community page
archivecontact         Archive a contact when you know that it isn't existing anymore
help                   Show help about a command, e.g (bin/console help config)
autoinstall            Starts automatic installation of friendica based on values from htconfig.php
lock                   Edit site locks
maintenance            Set maintenance mode for this node
movetoavatarcache      Move cached avatars to the file based avatar cache
mergecontacts          Merge duplicated contact entries
user                   User management
php2po                 Generate a messages.po file from a strings.php file
po2php                 Generate a strings.php file from a messages.po file
typo                   Checks for parse errors in Friendica files
postupdate             Execute pending post update scripts (can last days)
relocate               Update node base URL
serverblock            Manage blocked servers
storage                Manage storage backend
relay                  Manage ActivityPub relay servers

Please consult bin/console help on the command line interface of your server for details about the commands.

3rd Party Tools

In addition to the tools Friendica includes, some 3rd party tools can make your admin days easier.

Fail2ban

Fail2ban is an intrusion prevention framework ([see Wikipedia](https://en.wikipedia.org/wiki/Fail2ban)) that you can use to forbid access to a server under certain conditions, e.g. 3 failed attempts to log in, for a certain amount of time.

The following configuration was provided by Steffen K9 using Debian. You need to adjust the logpath in the jail.local file and the bantime (value is in seconds).

In /etc/fail2ban/jail.local create a section for Friendica:

[friendica]
enabled = true
findtime = 300
bantime  = 900
filter = friendica
port = http,https
logpath = /var/log/friend.log
logencoding = utf-8

And create a filter definition in /etc/fail2ban/filter.d/friendica.conf:

[Definition]
failregex = ^.*authenticate\: failed login attempt.*\"ip\"\:\"<HOST>\".*$
ignoreregex =

Additionally you have to define the number of failed logins before the ban should be activated. This is done either in the global configuration or for each jail separately. You should inform your users about the number of failed login attempts you grant them. Otherwise you'll get many reports about the server not functioning if the number is too low.

Log rotation

If you have activated the logs in Friendica, be aware that they can grow to a significant size. To keep them in control you should add them to the automatic log rotation, e.g. using the logrotate command.

In /etc/logrotate.d/ add a file called friendica that contains the configuration. The following will compress /var/log/friendica (assuming this is the location of the log file) on a daily basis and keep 2 days of back-log.

/var/log/friendica.log {
	compress
	daily
	rotate 2
}

Cleanup Script

Ingo has written a Friendica cleanup script admins can use to clean up dormant accounts.

Brew Server Blocklist

Friendica publishes the server wide blocklists for other servers in the Fediverse. This script will collect the blocklists of servers of your choice and create a merged blocklist from them that you can then import into your own Friendica server.

https://git.friendi.ca/tobias/brewserverblocklist