Skip to content

Releases: MbinOrg/mbin

v1.9.0

14 Dec 15:58
@melroy89 melroy89
v1.9.0
4fb5fb7
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
v1.9.0 Latest
Latest

This is our v1.9.0 stable release of Mbin. This release includes security patches of upstream dependencies, documentation improvements, various performance improvements, new features, bug fixes, design improvements, Docker improvements and so much more...

Comparison to previous stable version v1.8.4 (ignoring the previous RC releases):

DB migrations New ENV vars Renamed ENV vars Admin guide changes Suggest cache clearing New dependencies
☑️ ☑️ ☑️ ☑️ ☑️ ☑️

We have 3 different summaries below. One for end-users, one for server admins, and finally a summary for Mbin developers.

Below the summaries you will find the upgrade instructions. Please read the instructions very carefully, since we did introduce backwards incomparable changes.

Summary for Users

This release contains numerous improvements and changes that we can't list everything here, so we'll stick to the highlights (in random order).

We enhanced security so that after a user changes their password or 2FA, all the current sessions of that user will be invalid and the user will need to log in again.

A new combined front page. You could make the combined front page the default in your profile settings. Which means you see both threads and microblogs combined on the homepage.

We also introduced a new feature under general settings, where you can select "Who can send you a direct message" (defaults to everybody).

We added support for magazine banners in Mbin (which is also compatible with Lemmy Communities).

Mbin combines the thread form into just one form (instead of having article, link, and photo having a separate form). Mbin now also federates bans correctly (both incoming and outgoing bans).

Global mods can now manage (view, approve and/or deny) account signups. Global mods can now also receive signup notifications, which will also come with a new menu item in the drop-down menu.

Plus various other bug fixes and CSS layout improvements, ban notification fixes, and too many other fixes to mention here.

Summary for Server Admins

Multiple Docker setup enhancements, we upgraded to Debian Trixie images. We also upgraded to use Node v24 (current LTS release) within our Mbin Docker images. Plus we added a new amqproxy service to the docker compose file. See upgrade instructions for Docker below for more info.

We now added two different server settings:

  • Restrict "Random Threads/Posts" sidebar sections to local only
  • Restrict "Active people" sidebar section to local only

The first option has been known to cause SQL performance issues (we recommended NOT enabling this first option), hence we gave you the two options. The second option shows local only active users, which does NOT impact performance (so feel free to enable that option if you wish).

Mbin now comes with new moderation log filter capabilities.

We also documented Anubis setup for Mbin, setup is optional. However, Anubis could protect your server from DDoS attacks or other unwanted traffic towards your server.

Mbin now also has a command to rotate the private keys for one user or all the local users.

We renamed an existing environment variable: MAX_IMAGE_BYTES to: MBIN_MAX_IMAGE_BYTES, please rename the variable if you have set it. On top of that we also added a new environment variable: MBIN_USE_FEDERATION_ALLOW_LIST (default value: false) for in the .env file. We also added MBIN_NEW_USERS_NEED_APPROVAL (also default value: false) several months ago, in case you didn't added that variable yet. Although both variables are optional to add. See the latest .env.example file.

Finally, we upgraded several Composer dependency packages plus Symfony recipe updates as well as NPM package updates. So like always be sure to run: ./bin/post-upgrade to install all the updated Composer packages (on bare metal). Which should fix security vulnerabilities in our composer & npm depedency packages. And clear all caches.

Summary for developers

We extended and improved the getting started guide, documenting how to leverage dev containers to get started. Please follow the full "Docker as a dev server" guide if you wish to help with development.

We also created a new Fediverse developer page that lists all our ActivityPub messages.

Upgrade Instructions

For Docker

Changes to Docker compose.yaml file (ATTENTION!)

Take a look at the latest compose.yaml file and compare it with your local version:

  1. We added a new amqproxy service, do not forget to add depends_on amqproxy. AMQProxy will improve performance and reduce TCP overhead of the AMQ protocol, used by RabbitMQ.
  2. After that, you will need to update your .env file to use the host amqproxy:5673 (instead of rabbitmq:5672) in your MESSENGER_TRANSPORT_DSN variable.
  3. We upgraded the Debian version used in the Docker images from bookworm to trixie.
  4. We renamed MAX_IMAGE_BYTES to MBIN_MAX_IMAGE_BYTES in the .env file. Please change this variable in case you are using it.

Docker Instructions

  1. Get the official image or check out the code and build it locally
  2. Stop all containers docker compose down
  3. Start all containers docker compose up -d
  4. Since the Debian version of the PostgreSQL Docker image was upgraded, you will need to run the commands below to get rid of the "collation version mismatch" warning. Note that re-indexing your entire database could take a very long time, depending on the size of your database.
docker compose exec -it postgres psql mbin mbin -c 'REINDEX DATABASE mbin;'
docker compose exec -it postgres psql mbin mbin -c 'ALTER DATABASE mbin REFRESH COLLATION VERSION;'

For Bare Metal

Admin guide changes (ATTENTION!)

  1. For Bare Metal admins, we advise you to look into the RabbitMQ APT sources, since the RabbitMQ team changed their APT repositories recently. Be sure to update your rabbitmq.list file accordingly.
    If you applied the latest change by running the commands mentioned in the guide, be sure to run the APT update command as well as the APT install/upgrade command for the rabbitmq-server package.
    In case of an upgrade, you will need to enable all feature flags after the rabbitmq-server upgrade by executing the following command: sudo rabbitmqctl enable_feature_flag all.
  2. We now documented AMQProxy (in case you are not yet using AMQProxy). We strongly advise to install & run AMQProxy (follow this guide) after that you will also need to update the .env file by changing the MESSENGER_TRANSPORT_DSN.
    You will need to update the default RabbitMQ port (5672) to the AMQProxy port of 5673 (keep the rest of the MESSENGER_TRANSPORT_DSN the same, only change the port number).
    In case you have AMQProxy configured and made your changes to the .env file, always remember to run: ./bin/post-upgrade command (which will also execute composer dump-env prod for you).
  3. The set_permission command was not correctly documented, please run the following command: sudo rabbitmqctl set_permissions -p / mbin ".*" ".*" ".*" (change mbin to kbin user in case you your rabbitmq user is called kbin).
    Then monitor your messenger logs and if you still experience "channel error: 404" or "message: NOT_FOUND" errors on one or more queues (you will see errors messages if that is the case every ~10 minutes), we recommend removing that queue manually (eg. via the RabbitMQ Web interface). Mbin will then automatically recreate the missing queue with the correct permissions again.
  4. We also changed some php.ini configurations, by mainly increasing the memory_limit to 512MB. If you have sufficient RAM available, you can decide to increase the memory limit if you wish (this limit is per child). Again, this is optional but can be part of better fine-tuning of your server, which heavily depends on your server resources.
  5. We also updated the Setup Supervisor section of the documentation. You can save storage and reduce disk I/O by adding stdout_logfile=NONE and redirect_stderr=true to your supervisor messenger-worker.conf file. Because most of the messages will be logged to the Mbin production log as well.
  6. Finally, we renamed MAX_IMAGE_BYTES to MBIN_MAX_IMAGE_BYTES in the .env configuration. Please rename the variable as well in case you use it.

Bare metal Instructions

  1. Login as the mbin/kbin user: su mbin
  2. Go to your repo cd /var/www/mbin
  3. Get the new release: git fetch && git checkout v1.9.0
  4. Run the update script: bash bin/post-upgrade.
  5. Run exit so we are back at the root user (or put a sudo in front of every command)
  6. Clear your opcache by reloading php fpm systemctl restart php8.4-fpm (or for PHP 8.3: systemctl restart php8.3-fpm)
  7. Restart the messengers: `supervisorctl restar...
Read more

Contributors

melroy89, weblate, and 4 other contributors
Assets 2
Loading

v1.9.0 Release Candidate 3

07 Dec 22:34
@melroy89 melroy89
v1.9.0-rc3
769ce19
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
v1.9.0 Release Candidate 3 Pre-release
Pre-release

This is our v1.9.0 Release Candidate 3 (also known as a pre-release) of Mbin. This release includes security patches of upstream dependencies, documentation improvements, various performance improvements, new features, bug fixes, design improvements, Docker improvements and so much more...

Comparison to previous stable version v1.8.4 (ignoring the previous RC1 and RC2 releases):

DB migrations New ENV vars Renamed ENV vars Admin guide changes Suggest cache clearing New dependencies
☑️ ☑️ ☑️ ☑️ ☑️ ☑️

We have 3 different summaries below. One for end-users, one for server admins, and finally a summary for Mbin developers.

Below the summaries you will find the upgrade instructions. Please read the instructions very carefully, since we did introduce backwards incomparable changes.

Summary for Users

This release contains numerous improvements and changes that we can't list everything here, so we'll stick to the highlights (in random order).

We enhanced security so that after a user changes their password or 2FA, all the current sessions of that user will be invalid and the user will need to log in again.

A new combined front page. You could make the combined front page the default in your profile settings. Which means you see both threads and microblogs combined on the homepage.

We also introduced a new feature under general settings, where you can select "Who can send you a direct message" (defaults to everybody).

We added support for magazine banners in Mbin (which is also compatible with Lemmy Communities).

Mbin combines the thread form into just one form (instead of having article, link, and photo having a separate form). Mbin now also federates bans correctly (both incoming and outgoing bans).

Global mods can now manage (view, approve and/or deny) account signups. Global mods can now also receive signup notifications, which will also come with a new menu item in the drop-down menu.

Plus various other bug fixes and CSS layout improvements, ban notification fixes, and too many other fixes to mention here.

Summary for Server Admins

Multiple Docker setup enhancements, we upgraded to Debian Trixie images. We also upgraded to use Node v24 (current LTS release) within our Mbin Docker images. Plus we added a new amqproxy service to the docker compose file. See upgrade instructions for Docker below for more info.

We now added two different server settings:

  • Restrict "Random Threads/Posts" sidebar sections to local only
  • Restrict "Active people" sidebar section to local only

The first option has been known to cause SQL performance issues (we recommended NOT enabling this first option), hence we gave you the two options. The second option shows local only active users, which does NOT impact performance (so feel free to enable that option if you wish).

Mbin now comes with new moderation log filter capabilities.

We also documented Anubis setup for Mbin, setup is optional. However, Anubis could protect your server from DDoS attacks or other unwanted traffic towards your server.

Mbin now also has a command to rotate the private keys for one user or all the local users.

We renamed an existing environment variable: MAX_IMAGE_BYTES to: MBIN_MAX_IMAGE_BYTES, please rename the variable if you have set it. On top of that we also added a new environment variable: MBIN_USE_FEDERATION_ALLOW_LIST (default value: false) for in the .env file. We also added MBIN_NEW_USERS_NEED_APPROVAL (also default value: false) several months ago, in case you didn't added that variable yet. Although both variables are optional to add. See the latest .env.example file.

Finally, we upgraded several Composer dependency packages plus Symfony recipe updates as well as NPM package updates. So like always be sure to run: ./bin/post-upgrade to install all the updated Composer packages (on bare metal). Which should fix security vulnerabilities in our composer & npm depedency packages. And clear all caches.

Summary for developers

We extended and improved the getting started guide, documenting how to leverage dev containers to get started. Please follow the full "Docker as a dev server" guide if you wish to help with development.

We also created a new Fediverse developer page that lists all our ActivityPub messages.

Upgrade Instructions

For Docker

Changes to Docker compose.yaml file (ATTENTION!)

Take a look at the latest compose.yaml file and compare it with your local version:

  1. We added a new amqproxy service, do not forget to add depends_on amqproxy. AMQProxy will improve performance and reduce TCP overhead of the AMQ protocol, used by RabbitMQ.
  2. After that, you will need to update your .env file to use the host amqproxy:5673 (instead of rabbitmq:5672) in your MESSENGER_TRANSPORT_DSN variable.
  3. We upgraded the Debian version used in the Docker images from bookworm to trixie.
  4. We renamed MAX_IMAGE_BYTES to MBIN_MAX_IMAGE_BYTES in the .env file. Please change this variable in case you are using it.

Docker Instructions

  1. Get the official image or check out the code and build it locally
  2. Stop all containers docker compose down
  3. Start all containers docker compose up -d
  4. Since the Debian version of the PostgreSQL Docker image was upgraded, you will need to run the command below to get rid of the "collation version mismatch" warning. Note that re-indexing your entire database could take a very long time, depending on the size of your database.
docker compose exec -it postgres psql mbin mbin -c \
'REINDEX DATABASE mbin; ALTER DATABASE mbin REFRESH COLLATION VERSION;'

For Bare Metal

Admin guide changes (ATTENTION!)

  1. For Bare Metal admins, we advise you to look into the RabbitMQ APT sources, since the RabbitMQ team changed their APT repositories recently. Be sure to update your rabbitmq.list file accordingly.
    If you applied the latest change by running the commands mentioned in the guide, be sure to run the APT update command as well as the APT install/upgrade command for the rabbitmq-server package.
    In case of an upgrade, you will need to enable all feature flags after the rabbitmq-server upgrade by executing the following command: sudo rabbitmqctl enable_feature_flag all.
  2. We now documented AMQProxy (in case you are not yet using AMQProxy). We strongly advise to install & run AMQProxy (follow this guide) after that you will also need to update the .env file by changing the MESSENGER_TRANSPORT_DSN.
    You will need to update the default RabbitMQ port (5672) to the AMQProxy port of 5673 (keep the rest of the MESSENGER_TRANSPORT_DSN the same, only change the port number).
    In case you have AMQProxy configured and made your changes to the .env file, always remember to run: ./bin/post-upgrade command (which will also execute composer dump-env prod for you).
  3. The set_permission command was not correctly documented, please run the following command: sudo rabbitmqctl set_permissions -p / mbin ".*" ".*" ".*" (change mbin to kbin user in case you your rabbitmq user is called kbin).
    Then monitor your messenger logs and if you still experience "channel error: 404" or "message: NOT_FOUND" errors on one or more queues (you will see errors messages if that is the case every ~10 minutes), we recommend removing that queue manually (eg. via the RabbitMQ Web interface). Mbin will then automatically recreate the missing queue with the correct permissions again.
  4. We also changed some php.ini configurations, by mainly increasing the memory_limit to 512MB. If you have sufficient RAM available, you can decide to increase the memory limit if you wish (this limit is per child). Again, this is optional but can be part of better fine-tuning of your server, which heavily depends on your server resources.
  5. We also updated the Setup Supervisor section of the documentation. You can save storage and reduce disk I/O by adding stdout_logfile=NONE and redirect_stderr=true to your supervisor messenger-worker.conf file. Because most of the messages will be logged to the Mbin production log as well.
  6. Finally, we renamed MAX_IMAGE_BYTES to MBIN_MAX_IMAGE_BYTES in the .env configuration. Please rename the variable as well in case you use it.

Bare metal Instructions

  1. Login as the mbin/kbin user: su mbin
  2. Go to your repo cd /var/www/mbin
  3. Get the new release: git fetch && git checkout v1.9.0-rc3
  4. Run the update script: bash bin/post-upgrade.
  5. Run exit so we are back at the root user (or put a sudo in front of every command)
  6. Clear your opcache by reloading php fpm systemctl restart php8.4-fpm (or for PHP 8.3: systemctl restart php8.3-fpm)
  7. Restart the messengers: `supervisorctl res...
Read more

Contributors

melroy89, weblate, and 3 other contributors
Loading

v1.9.0 Release Candidate 2

30 Nov 15:31
@melroy89 melroy89
v1.9.0-rc2
c9bdbfa
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
v1.9.0 Release Candidate 2 Pre-release
Pre-release

This is our v1.9.0 Release Candidate 2 (also known as a pre-release) of Mbin. This release includes security patches of upstream dependencies, documentation improvements, various performance improvements, new features, bug fixes, design improvements, Docker improvements and so much more...

Comparison to previous stable version v1.8.4 (ignoring the previous RC1):

DB migrations New ENV vars Admin guide changes Suggest cache clearing New dependencies
☑️ ☑️ ☑️ ☑️ ☑️

We have 3 different summaries below. One for end-users, one for server admins, and finally a summary for Mbin developers.

Below the summaries you will find the upgrade instructions. Please read the instructions very carefully, since we did introduce backwards incomparable changes.

Summary for Users

This release contains numerous improvements and changes that we can't list everything here, so we'll stick to the highlights (in random order).

We enhanced security so that after a user changes their password or 2FA, all the current sessions of that user will be invalid and the user will need to log in again.

A new combined front page. You could make the combined front page the default in your profile settings. Which means you see both threads and microblogs combined on the homepage.

We also introduced a new feature under general settings, where you can select "Who can send you a direct message" (defaults to everybody).

We added support for magazine banners in Mbin (which is also compatible with Lemmy Communities).

Mbin combines the thread form into just one form (instead of having article, link, and photo having a separate form). Mbin now also federates bans correctly (both incoming and outgoing bans).

Global mods can now manage (view, approve and/or deny) account signups. Global mods can now also receive signup notifications, which will also come with a new menu item in the drop-down menu.

Plus various other bug fixes and CSS layout improvements, ban notification fixes, and too many other fixes to mention here.

Summary for Admins

Multiple Docker setup enhancements, we upgraded to Debian Trixie images. We also upgraded to use Node v24 (current LTS release) within our Mbin Docker images. Plus we added a new amqproxy service to the docker compose file. See upgrade instructions for Docker below for more info.

We now added two different server settings:

  • Restrict "Random Threads/Posts" sidebar sections to local only
  • Restrict "Active people" sidebar section to local only

The first option has been known to cause SQL performance issues (we recommended NOT enabling this first option), hence we gave you the two options. The second option shows local only active users, which does NOT impact performance (so feel free to enable that option if you wish).

Mbin now comes with new moderation log filter capabilities.

We also documented Anubis setup for Mbin, setup is optional. However, Anubis could protect your server from DDoS attacks or other unwanted traffic towards your server.

Mbin now also has a command to rotate the private keys for one user or all the local users.

We renamed an existing environment variable: MAX_IMAGE_BYTES to: MBIN_MAX_IMAGE_BYTES, please rename the variable if you have set it. On top of that we also added a new environment variable: MBIN_USE_FEDERATION_ALLOW_LIST (default value: false) for in the .env file. We also added MBIN_NEW_USERS_NEED_APPROVAL (also default value: false) several months ago, in case you didn't added that variable yet. Although both variables are optional to add. See the latest .env.example file.

Finally, we upgraded several Composer dependency packages plus Symfony recipe updates as well as NPM package updates. So like always be sure to run: ./bin/post-upgrade to install all the updated Composer packages (on bare metal). Which should fix security vulnerabilities in our composer & npm depedency packages. And clear all caches.

Summary for developers

We extended and improved the getting started guide, documenting how to leverage dev containers to get started. Please follow the full "Docker as a dev server" guide if you wish to help with development.

We also created a new Fediverse developer page that lists all our ActivityPub messages.

Upgrade Instructions

For Docker

Changes to Docker compose.yaml file (ATTENTION!)

Take a look at the latest compose.yaml file and compare it with your local version:

  1. We added a new amqproxy service, do not forget to add depends_on amqproxy. AMQProxy will improve performance and reduce TCP overhead of the AMQ protocol, used by RabbitMQ.
  2. After that, you will need to update your .env file to use the host amqproxy:5673 (instead of rabbitmq:5672) in your MESSENGER_TRANSPORT_DSN variable.
  3. We upgraded the Debian version used in the Docker images from bookworm to trixie.
  4. We renamed MAX_IMAGE_BYTES to MBIN_MAX_IMAGE_BYTES in the .env file. Please change this variable in case you are using it.

Docker Instructions

  1. Get the official image or check out the code and build it locally
  2. Stop all containers docker compose down
  3. Start all containers docker compose up -d
  4. Since the Debian version of the PostgreSQL Docker image was upgraded, you will need to run the command below to get rid of the "collation version mismatch" warning. Note that re-indexing your entire database could take a very long time, depending on the size of your database.
docker compose exec -it postgres psql mbin mbin -c \
'REINDEX DATABASE mbin; ALTER DATABASE mbin REFRESH COLLATION VERSION;'

For Bare Metal

Admin guide changes (ATTENTION!)

  1. For Bare Metal admins, we advise you to look into the RabbitMQ APT sources, since the RabbitMQ team changed their APT repositories recently. Be sure to update your rabbitmq.list file accordingly.
    If you applied the latest change by running the commands mentioned in the guide, be sure to run the APT update command as well as the APT install/upgrade command for the rabbitmq-server package.
    In case of an upgrade, you will need to enable all feature flags after the rabbitmq-server upgrade by executing the following command: sudo rabbitmqctl enable_feature_flag all.
  2. We now documented AMQProxy (in case you are not yet using AMQProxy). We strongly advise to install & run AMQProxy (follow this guide) after that you will also need to update the .env file by changing the MESSENGER_TRANSPORT_DSN.
    You will need to update the default RabbitMQ port (5672) to the AMQProxy port of 5673 (keep the rest of the MESSENGER_TRANSPORT_DSN the same, only change the port number).
    In case you have AMQProxy configured and made your changes to the .env file, always remember to run: ./bin/post-upgrade command (which will also execute composer dump-env prod for you).
  3. The set_permission command was not correctly documented, please run the following command: sudo rabbitmqctl set_permissions -p / mbin ".*" ".*" ".*" (change mbin to kbin user in case you your rabbitmq user is called kbin).
    Then monitor your messenger logs and if you still experience "channel error: 404" or "message: NOT_FOUND" errors on one or more queues (you will see errors messages if that is the case every ~10 minutes), we recommend removing that queue manually (eg. via the RabbitMQ Web interface). Mbin will then automatically recreate the missing queue with the correct permissions again.
  4. We also changed some php.ini configurations, by mainly increasing the memory_limit to 512MB. If you have sufficient RAM available, you can decide to increase the memory limit if you wish (this limit is per child). Again, this is optional but can be part of better fine-tuning of your server, which heavily depends on your server resources.
  5. We also updated the Setup Supervisor section of the documentation. You can save storage and reduce disk I/O by adding stdout_logfile=NONE and redirect_stderr=true to your supervisor messenger-worker.conf file. Because most of the messages will be logged to the Mbin production log as well.
  6. Finally, we renamed MAX_IMAGE_BYTES to MBIN_MAX_IMAGE_BYTES in the .env configuration. Please rename the variable as well in case you use it.

Bare metal Instructions

  1. Login as the mbin/kbin user: su mbin
  2. Go to your repo cd /var/www/mbin
  3. Get the new release: git fetch && git checkout v1.9.0-rc2
  4. Run the update script: bash bin/post-upgrade.
  5. Run exit so we are back at the root user (or put a sudo in front of every command)
  6. Clear your opcache by reloading php fpm systemctl restart php8.4-fpm (or for PHP 8.3: systemctl restart php8.3-fpm)
  7. Restart the messengers: supervisorctl restart messenger:*

What's Changed

  • Fix A logged in user is required to resolve the authorization requ...
Read more

Contributors

melroy89, weblate, and 2 other contributors
Loading

v1.9.0 Release Candidate 1

16 Nov 17:14
@melroy89 melroy89
v1.9.0-rc1
9d7434e
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
v1.9.0 Release Candidate 1 Pre-release
Pre-release

This is our v1.9.0 Release Candidate 1 (also known as a pre-release) of Mbin. This release includes security patches of upstream dependencies, documentation improvements, new features, bug fixes, design improvements, Docker improvements and so much more...

Comparison to previous stable version v1.8.4:

DB migrations New ENV vars Admin guide changes Suggest cache clearing New dependencies
☑️ ☑️ ☑️ ☑️ ☑️

I have 3 different summaries below. One for end-users, one for server admins, and finally a summary for Mbin developers.

Below the summaries you will find the upgrade instructions.

Summary for Users

This release contains numerous improvements and changes that we can't list everything here, so we'll stick to the highlights (in random order).

We enhanced security so that after a user changes their password or 2FA, all the current sessions of that user will be invalid and the user will need to log in again.

New combined frontpage, which means you see both microblogs and threads combined on the homepage.

We also introduced a new feature under general settings, where you can select "Who can send you a direct message" (defaults to everybody).

We added support for magazine banners in Mbin (which is also compatible with Lemmy Communities).

Mbin combines the thread form into just one form (instead of having article, link, and photo having a separate form). Mbin now also federates bans correctly (both incoming and outgoing bans).

Global mods can now manage (view, approve and/or deny) account signups. Global mods can now also receive signup notifications, which will also come with a new menu item in the drop-down menu.

Plus various other bug fixes and CSS layout improvements, too many to mention here.

Summary for Admins

Multiple Docker setup enhancements, we upgraded to Debian Trixie images. We also upgraded to use Node v24 (current LTS release) within our Mbin Docker images. Plus we added a new amqproxy service to the docker compose file. See upgrade instructions for Docker below for more info.

Mbin now comes with new moderation log filter capabilities.

We also documented Anubis setup for Mbin, setup is optional. However, Anubis could protect your server from DDoS attacks or other unwanted traffic towards your server.

Mbin now also has a command to rotate the private keys for one user or all the local users.

New environment variable is added: MBIN_USE_FEDERATION_ALLOW_LIST (default value: false) for in the .env file. We also added MBIN_NEW_USERS_NEED_APPROVAL (also default value: false) several months ago, in case you didn't added that variable yet. Although both variables are optional to add.

Finally, we upgraded several Composer dependency packages plus Symfony recipe updates as well as NPM package updates. So like always be sure to run: ./bin/post-upgrade to install all the updated Composer packages (on bare metal). Which should fix security vulnerabilities in our composer & npm depedency packages. And clear all caches.

Summary for developers

We extended and improved the getting started guide, documenting how to leverage dev containers to get started. Please follow the full "Docker as a dev server" guide if you wish to help with development.

We also created a new Fediverse developer page that lists all our ActivityPub messages.

Upgrade Instructions

For Docker

Changes to Docker compose.yaml file (ATTENTION!)

Take a look at the latest compose.yaml file and compare it with your local version:

  1. We added a new amqproxy service, do not forget to add depends_on amqproxy. AMQProxy will improve performance and reduce TCP overhead of the AMQ protocol, used by RabbitMQ.
  2. After that, you will need to update your .env file to use the host amqproxy:5673 (instead of rabbitmq:5672) in your MESSENGER_TRANSPORT_DSN variable.
  3. We upgraded the Debian version used in the Docker images from bookworm to trixie.

Docker Instructions

  1. Get the official image or check out the code and build it locally
  2. Stop all containers docker compose down
  3. Start all containers docker compose up -d
  4. Since the Debian version of the PostgreSQL Docker image was upgraded, you will need to run the command below to get rid of the "collation version mismatch" warning. Note that re-indexing your entire database could take a very long time, depending on the size of your database.
docker compose exec -it postgres psql mbin mbin -c \
'REINDEX DATABASE mbin; ALTER DATABASE mbin REFRESH COLLATION VERSION;'

For Bare Metal

Admin guide changes (ATTENTION!)

  1. For Bare Metal admins, we advise you to look into the RabbitMQ APT sources, since the RabbitMQ team changed their APT repositories recently. Be sure to update your rabbitmq.list file accordingly.
    If you applied the latest change by running the commands mentioned in the guide, be sure to run the APT update command as well as the APT install/upgrade command for the rabbitmq-server package.
    In case of an upgrade, you will need to enable all feature flags after the rabbitmq-server upgrade by executing the following command: sudo rabbitmqctl enable_feature_flag all.
  2. We now documented AMQProxy (in case you are not yet using AMQProxy). We strongly advise to install & run AMQProxy (follow this guide) after that you will also need to update the .env file by changing the MESSENGER_TRANSPORT_DSN.
    You will need to update the default RabbitMQ port (5672) to the AMQProxy port of 5673 (keep the rest of the MESSENGER_TRANSPORT_DSN the same, only change the port number).
    In case you have AMQProxy configured and made your changes to the .env file, always remember to run: ./bin/post-upgrade command (which will also execute composer dump-env prod for you).
  3. The set_permission command was not correctly documented, please run the following command: sudo rabbitmqctl set_permissions -p / mbin ".*" ".*" ".*" (change mbin to kbin user in case you your rabbitmq user is called kbin).
    Then monitor your messenger logs and if you still experience "channel error: 404" or "message: NOT_FOUND" errors on one or more queues (you will see errors messages if that is the case every ~10 minutes), we recommend removing that queue manually (eg. via the RabbitMQ Web interface). Mbin will then automatically recreate the missing queue with the correct permissions again.
  4. Finally, we also changed some php.ini configurations, by mainly increasing the memory_limit to 512MB. If you have sufficient RAM available, you can decide to increase the memory limit if you wish (this limit is per child). Again, this is optional but can be part of better fine-tuning of your server, which heavily depends on your server resources.

Bare metal Instructions

  1. Login as the mbin/kbin user: su mbin
  2. Go to your repo cd /var/www/mbin
  3. Get the new release: git fetch && git checkout v1.9.0-rc1
  4. Run the update script: bash bin/post-upgrade.
  5. Run exit so we are back at the root user (or put a sudo in front of every command)
  6. Clear your opcache by reloading php fpm systemctl restart php8.4-fpm (or for PHP 8.3: systemctl restart php8.3-fpm)
  7. Restart the messengers: supervisorctl restart messenger:*

What's Changed

Read more

Contributors

melroy89, weblate, and 3 other contributors
Loading

v1.8.4

07 Sep 12:55
@BentiGorlich BentiGorlich
v1.8.4
d6f8a74
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
v1.8.4

This is our v1.8.4 release of Mbin. It includes one very important security patch and some improvements to the API and the handling of dead instances.

Comparison to previous stable version v1.8.3:

DB migrations New ENV vars Admin guide changes Suggest cache clearing New dependencies
☑️ ☑️

Upgrade Instructions

For Docker

  1. Get the official image or checkout the code and build it locally
  2. Stop all containers docker compose down
  3. Start all containers docker compose up -d

For Bare Metal

  1. Login as the mbin/kbin user: su mbin
  2. Go to your repo cd /var/www/mbin
  3. Get the new release: git fetch && git checkout v1.8.4
  4. Run the update script: bash bin/post-upgrade.
  5. Run exit so we are back at the root user (or put a sudo in front of every command)
  6. clear your opcache by reloading php fpm systemctl restart php8.4-fpm (or for PHP 8.3: systemctl restart php8.3-fpm)
  7. Restart the messengers: supervisorctl restart messenger:*

What's Changed

Full Changelog: v1.8.3...v1.8.4

Contributors

weblate and BentiGorlich
Loading

v1.8.3

28 Jul 12:19
@BentiGorlich BentiGorlich
v1.8.3
aab5bb6
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
v1.8.3

This is our release v1.8.3. We did a lot of changes to our activity pub code and started to add testing of it. We did a lot of improvements on the UI and added more options for the user. Finally, we also improved the search and added an emoji picker. But we did even more, which you can check out down below.

Comparison to previous stable version v1.8.2:

DB migrations New ENV vars Admin guide changes Suggest cache clearing New dependencies
☑️ ☑️ ☑️

Upgrade Instructions

For Docker

  1. Get the official image or checkout the code and build it locally
  2. Stop all containers docker compose down
  3. Start all containers docker compose up -d

For Bare Metal

  1. Login as the mbin/kbin user: su mbin
  2. Go to your repo cd /var/www/mbin
  3. Get the new release: git fetch && git checkout v1.8.3
  4. Run the update script: bash bin/post-upgrade.
  5. Run exit so we are back at the root user (or put a sudo in front of every command)
  6. flush your redis db by running redis-cli, type in AUTH [YOUR PASSWORD] and then FLUSHDB
  7. clear your opcache by reloading php fpm systemctl restart php8.4-fpm (or for PHP 8.3: systemctl restart php8.3-fpm)
  8. Restart the messengers: supervisorctl restart messenger:*

What's Changed

Read more

Contributors

melroy89, robertolopezlopez, and 6 other contributors
Loading

v1.8.3-rc1

19 Jul 13:34
@melroy89 melroy89
v1.8.3-rc1
d9dcef6
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
v1.8.3-rc1 Pre-release
Pre-release

This is a release candidate for the upcoming version v1.8.3. It might not yet be production ready, hence it's a RC.

Comparison to previous stable version v1.8.2:

DB migrations New ENV vars Admin guide changes Suggest cache clearing New dependencies
☑️ ☑️ ☑️

Upgrade Instructions

For Docker

  1. Get the official image or checkout the code and build it locally
  2. Stop all containers docker compose down
  3. Start all containers docker compose up -d

For Bare Metal

  1. Login as the mbin/kbin user: su mbin
  2. Go to your repo cd /var/www/mbin
  3. Get the new release: git fetch && git checkout v1.8.3-rc1
  4. Run the update script: bash bin/post-upgrade.
  5. Run exit so we are back at the root user (or put a sudo in front of every command)
  6. flush your redis db by running redis-cli, type in AUTH [YOUR PASSWORD] and then FLUSHDB
  7. clear your opcache by reloading php fpm systemctl restart php8.4-fpm (or for PHP 8.3: systemctl restart php8.3-fpm)
  8. Restart the messengers: supervisorctl restart messenger:*
  9. Login as the mbin/kbin user: su mbin again
  10. Run the command to remove the default domain from entries that are not local: php bin/console mbin:update:local-domain

What's Changed

Read more

Contributors

melroy89, robertolopezlopez, and 6 other contributors
Loading

v1.8.2 🚢

17 Apr 20:32
@melroy89 melroy89
v1.8.2
2a1c23c
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
v1.8.2 🚢

This release is a bit earlier than usual, but we created this new release because of our new Docker setup 🚢.

For bare metal deployments have no backwards incompatible changes. So upgrading is easy for bare metal.

However, if you were running the Docker setup before, this release is important to you. Take note and follow the upgrade instructions carefully for Docker!

And.. we fixed some bugs as well :)

Comparison to previous stable version v1.8.1 (Docker related mainly):

DB migrations New ENV vars Admin guide changes Suggest cache clearing New dependencies
☑️ ☑️ ☑️ ☑️

Upgrade Instructions

For Docker

Changes to Docker setup

# Docker specific variables
MBIN_USER=1000:1000
# Possible values: debug, info, notice, warning, error, critical, alert, emergency
PHP_LOG_LEVEL=error
  • Dockerfile is completely overhauled
    • Meaning the published Docker image is now also changed!
  • Updated composer.yaml
  • Updated compose.override.yaml, see also: https://docs.joinmbin.org/admin/installation/docker#docker-image-preparation
  • docker/storage is moved to just: storage/ (including OAuth keys) on the root.
  • And the .env and compose.* files are also moved to the root directory.
  • There is no www service anymore
  • db container service is renamed to postgres service. So update your .env accordingly as well to use postgres has the name in DATABASE_URL
  • Moved from Redis to Valkey, so the new service name is now also called valkey instead of redis.
    • Include a Valkey config with recommended default.
  • The default PostgresSQL version has been bumped to 17.
  • The new Docker setup (with frankenphp and Caddy) can now be used directly as your main reverse proxy (including TLS certificate for HTTPS). NO need for Nginx anymore.
  • RabbitMQ now correctly persists data.
  • All containers are now set up to work with non-root users.
  • There's a new bash script (./docker/setup.sh) that automates the setup of the docker environment.
  • The default user for all services has changed from kbin to mbin.
  • Automatically enable the S3 FS adapter when an S3_KEY is provided.
  • Enable permanent image redirect responses (301 status code) by default.
  • Includes a development server, making contributing / development much easier.

Migration Guide

Use these steps to migrate from the old Docker setup to this one. The big thing to keep in mind is that all your server data is now in one of three locations: .env, compose.override.yaml, and storage/. So, all server data will be going under here from now on.

Additionally, this new setup does not require a reverse proxy (and actually recommends not using one), as the PHP server it's using comes with built-in HTTPS support via Let's Encrypt and Caddy. You will need to ensure ports 80 and 443 are directly exposed and available on your server in order for this migration guide to work.

  1. Keep your old Mbin directory for now; just create a new one by cloning Mbin again (git clone https://github.com/MbinOrg/mbin.git)! I'll reference old as your old Mbin directory and new as your new one.
  2. Run the auto setup script in new (with this docker branch of course): ./docker/setup.sh prod DOMAINHERE.
  3. Run docker compose down in old/docker if you haven't already.
  4. Copy your Postgres database from old/docker/storage/postgres to new/storage/postgres.
  5. Copy your media files from old/docker/storage/media to new/storage/media.
  6. Copy your OAuth keys from old/config/oauth2 to new/storage/oauth (both private.pem and public.pem).
  7. Open old/docker/.env and new/.env side by side so you can copy values from the old .env file to the new one as needed.
  8. You'll want to copy over most .env values, including KBIN_*, MBIN_*, MAX_IMAGE_BYTES, HCAPTCHA_*, S3_*, the SSO fields, EXIF_*, APP_SECRET, POSTGRES_*, MAILER_DSN, MERCURE_JWT_SECRET, OAUTH_PASSPHRASE, and OAUTH_ENCRYPTION_KEY. Everything else, you can leave alone; feel free to ask if you have any questions about this.
  9. Now that non-root containers are supported, you'll have to update the permissions of the files in new/storage/ to match MBIN_USER in .env. Run chown -R 1000:1000 new/storage/ if your MBIN_USER is 1000:1000. Running the new setup under root has not been tested yet, but you will likely not need to change any file permissions if you were running as root previously.
  10. In new/compose.override.yaml, uncomment the section that enables you to build the Docker image locally.
  11. In new, run docker compose up -d to build and start the Docker containers.
  12. If all goes well, then you should be able to access your Mbin instance from your domain!

And of course finally :

  1. Get the official image from ghrc.io (v1.8.2 is the first version that delivers this new docker setup) or checkout the code and build it locally by overriding the pull_policy
  2. Stop all containers docker compose down
  3. Start all containers docker compose up -d

Quick Start Guide

Use these steps to install Mbin on a new server. It is assumed that docker is already installed and set up.

  1. Clone Mbin and change directories: git clone https://github.com/MbinOrg/mbin.git && cd mbin (make sure to switch to this docker branch).
  2. Run the auto setup script: ./docker/setup.sh prod DOMAINHERE (use localhost for the domain if you want to test locally).
  3. Optionally configure SMTP, hCaptcha, S3, and/or SSO in .env.
  4. Use docker build -t mbin -f docker/Dockerfile . to build the Docker image.
  5. Run docker compose up -d to start the Docker containers.
  6. Assuming your DNS and firewall (ports 80 and 443 allowed) are correctly configured, then you should be able to access your new Mbin instance from your domain (or https://localhost_ if you used localhost)!
  7. Don't forget to follow the Mbin first setup instructions!

For Bare Metal

  1. Login as the mbin/kbin user: su mbin
  2. Go to your repo cd /var/www/mbin
  3. Get the new release: git fetch && git checkout v1.8.2
  4. Run the update script: bash bin/post-upgrade.
  5. Run exit so we are back at the root user (or put a sudo in front of every command)
  6. Clear your OPcache by reloading php fpm systemctl restart php8.4-fpm (or restart php8.2-fpm in case of PHP 8.2)
  7. Optional: Flush your Redis DB by running redis-cli, type in AUTH [YOUR PASSWORD] and then FLUSHDB
  8. Restart the messengers: supervisorctl restart messenger:*

What's Changed

  • Fix SendApplicationAnswerMailHandler not supplying enough parameters by @BentiGorlich in #1538
  • Docs: Update Docker nginx example with the existing nginx example by @melroy89 in #1540
  • Add cs2pr to our Dockerfile (phase 1) by @melroy89 in #1547
  • Use checkstyle GitHub actions (phase 2) by @melroy89 in #1546
  • Translations update from Hosted Weblate by @weblate in #1536
  • docs(contributor): contributors readme action update by @github-actions in #1549
  • Fix warnings in logging + Update php-cs-fixer by @melroy89 in #1543
  • Revert "sync file from server by hand" by @jwr1 in #1552
  • docs(contributor): contributors readme action update by @github-actions in #1553
  • Translations update from Hosted Weblate by @weblate in #1551
  • Add missing $logger in ApActivityRepository + init $apActivity with null by @melroy89 in #1560
  • Rework docker setup by @jwr1 in #1542
  • docs(contributor): contributors readme action update by @github-actions in #1562
  • Translations update from Hosted Weblate by @weblate in #1561
  • Move complex regexes to dedicated regpatterns util by @melroy89 in #1550
  • Pin docker images to version tags by @melroy89 in #1565
  • Change leftover Redis reference to Valkey in Docker install docs by @jwr1 in #1566
  • Left-over 'v' in front of our docker tags by @melroy89 in #1567
  • Dump version to 1.8.2 by @melroy89 in #1568

Full Changelog: v1.8.1...v1.8.2

Contributors

melroy89, weblate, and 2 other contributors
Loading

v1.8.1

30 Mar 18:32
@melroy89 melroy89
v1.8.1
b11ee8d
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
v1.8.1

I know, it has been a while. However, we are happy to release v1.8.1!

Mainly a lot of bug fixes / improvements. Composer package dependency updates. Lot of documentation and language improvements (we also got Catalan now fully translated, thanks!).

Feel free to upgrade to PHP v8.4 as well.

A noticeable fronted difference to point out is that we now put thumbnails in a lightbox by default. Although this can be changed by the end-user at: ⚙ Settings -> Under "Threads" section -> "Thread thumbnails opens full screen" option.

Comparison to previous stable version v1.8.0:

DB migrations New ENV vars Admin guide changes Suggest cache clearing New dependencies
☑️ ☑️

Upgrade Instructions

For Docker

  1. Get the official image or checkout the code and build it locally
  2. Stop all containers docker compose down
  3. Start all containers docker compose up -d
  4. execute the command to remove the default domain from entries that are not local: docker compose exec php php bin/console mbin:update:local-domain

For Bare Metal

  1. Login as the mbin/kbin user: su mbin
  2. Go to your repo cd /var/www/mbin
  3. Get the new release: git fetch && git checkout v1.8.1
  4. Run the update script: bash bin/post-upgrade.
  5. Run exit so we are back at the root user (or put a sudo in front of every command)
  6. flush your redis db by running redis-cli, type in AUTH [YOUR PASSWORD] and then FLUSHDB
  7. clear your opcache by reloading php fpm systemctl restart php8.4-fpm (or for PHP 8.3: systemctl restart php8.3-fpm)
  8. Restart the messengers: supervisorctl restart messenger:*
  9. Login as the mbin/kbin user: su mbin again
  10. Run the command to remove the default domain from entries that are not local: php bin/console mbin:update:local-domain

What's Changed

Full Changelog: v1.8.0...v1.8.1

Contributors

melroy89, weblate, and 3 other contributors
Loading

v1.8.0

10 Feb 11:45
@BentiGorlich BentiGorlich
v1.8.0
95338ff
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
v1.8.0

This is the v1.8.0 release of Mbin and it is a feature packed one. It brings an extensive bookmarking system, signup request support, signup notifications, extended markdown rendering, custom notification settings to set magazines, users, threads and microblogs to default, loud or muted, setting a default sort for the front page and comment lists, a new image delete command for admins and documentation changes. You also still might want to double check if you are using the latest Nginx configs (v1.8.0 has now additional regex improvements).

A total of 60* pull requests from 11 contributors** have been merged.

Comparison to previous stable version v1.7.4:

DB migrations New ENV vars Admin guide changes Suggest cache clearing New dependencies
☑️ ☑️ ☑️ ☑️

*: excluding dependabot and github actions
**: excluding dependabot, github actions and weblate

Upgrade Instructions

For Docker

  1. Get the official image or checkout the code and build it locally
  2. Stop all containers docker compose down
  3. Start all containers docker compose up -d

For Bare Metal

  1. Login as the mbin/kbin user: su mbin
  2. Go to your repo cd /var/www/mbin
  3. Get the new release: git fetch && git checkout v1.8.0
  4. Run the update script: bash bin/post-upgrade.
  5. Run exit so we are back at the root user (or put a sudo in front of every command)
  6. Clear your OPcache by reloading php fpm systemctl restart php8.3-fpm (or restart php8.2-fpm in case of PHP 8.2)
  7. Optional: Flush your Redis DB by running redis-cli, type in AUTH [YOUR PASSWORD] and then FLUSHDB
  8. Restart the messengers: supervisorctl restart messenger:*

What's Changed

New Contributors

Full Changelog: v1.7.4...v1.8.0

Contributors

garrettw, melroy89, and 5 other contributors
Loading