Hi all,
I stood up a single user Lemmy instance today and found out the hard way that you can’t have a private instance that can also federate. It was a pain but I had to manually go into the database to fix it.
Now that federation is working and the instance is no longer private, I’ve noticed that unauthenticated users can see all remote communities I’ve subscribed to. This wouldn’t be a big deal on a larger instance but it feels like a privacy issue since I’m the only user, so everyone can see everything I’m subscribed to.
My question is, is this actually a technical requirement for the federation protocol to work? I’ve considered trying to configure nginx to serve 403s on certain pages listing communities but I’m not sure if it would break the federation protocol.
Thanks!