 |
Title: Pinafore: a light Mastodon web client |
|
Author: Solène |
|
Date: 18 November 2022 |
|
Tags: mastodon selfhosting |
|
Description: This articles presents the alternative mastodon front-end |
|
Pinafore |
|
|
|
# Intro |
|
|
|
This blog post is for Mastodon users who may not like the official |
|
Mastodon web interface. It has a lot of features, but it's using a lot |
|
of CPU and requires a large screen. |
|
|
|
Fortunately, there are alternatives front-ends to Mastodon, this is |
|
possible through calls between the front-end to then instance API. I |
|
would like to introduce you Pinafore. |
|
|
 |
Pinafore GitHub client |
|
Pinafore.social website |
|
|
|
# What's Pinafore? |
|
|
|
Pinafore is a "web application" consisting of a static website, this |
|
implies nothing is actually store on the server hosting Pinafore, think |
|
about it like a page loaded in your browser that stores data in your |
|
browser and make API calls from your browser. |
|
|
|
This design is elegant because it delegates everything to the browser |
|
and requires absolutely no processing on the Pinafore hosting server, |
|
it's just a web server there serving static files once. |
|
|
|
As I said previously, Pinafore is a Mastodon (but also extends to other |
|
Fediverse instances whenever possible) front-end with a bunch of |
|
features such as: |
|
|
|
- accessibility (for content warning content, greyscale mode, contrast, |
|
key bindings) |
|
- only one column, it's really compact |
|
- simple design, fast to load and doesn't eat much CPU (especially |
|
compared to official Mastodon interface) |
|
- read-only support if you visit your Pinafore host when not connected, |
|
I find this very useful (remember that cache is stored in your browser) |
|
- can handle multiple accounts at once |
|
|
|
This being said, Pinafore doesn't target minimalism either, it needs |
|
javascript and a modern web browser. |
|
|
|
# How to use Pinafore? |
|
|
|
There are two ways to use it, either by using the official hosted |
|
service, or by hosting it yourself. |
|
|
|
Whether you choose the official or self-hosted, the principle is the |
|
following: you enter your account instance address in it the first |
|
time, this will trigger an oauth authentication on your instance and |
|
will ask if you want pinafore to use your account through the API (this |
|
can be revoked later from your Mastodon account). Accept, and that's |
|
it! |
|
|
|
## Pinafore.social |
|
|
|
The official service is run by the developers and kept up to date. You |
|
can use it without installing anything, simply visit the address below |
|
and go through the login process. |
|
|
|
Pinafore.social website |
|
|
|
This is a very convenient way to use pinafore, but it comes with a |
|
tradeoff: it involves a third party between your social network account |
|
and your client. While pinafore.social is trustable, this doesn't mean |
|
it can't be compromised and act as a "Man In The Middle". As I |
|
mentionned earlier, no data are stored by Pinafore because everything |
|
is in your browser, but nothing prevent a malicious attacker to modify |
|
the hosted Pinafore code to redirect data from your browser to a remote |
|
server they control in order to steal information. |
|
|
|
## Self Hosting |
|
|
|
It's possible to create Pinafore static files from your system and host |
|
it on any web server. While it's more secure than pinafore.social (if |
|
your host is secure), it still involves extra code that could |
|
"potentially" be compromised through a rogue commit, but it's not |
|
realistic to encounter this case when using Pinafore releases versions. |
|
|
|
For this step, I'll link to the according documentation in the project: |
|
|
|
Exporting Pinafore |
|
|
|
# Trivia |
|
|
|
Pinafore is the recommended web front-end for the Mastodon server |
|
implementation GoToSocial which only provide a backend. |
|
|
|
GoToSocial GitHub project page |
