Towards "Hit By a Bus" #FediAdmin Best Practices
by nev
Over the past several months, numerous large servers run by single individuals have shut down abruptly or made irreversible moderation decisions. A few have been widely defederated after it became apparent the admin went AWOL and stopped updating the software and moderating.
In my opinion, a major factor in these events is servers growing too fast for the existing mod/admin team to manage, and it's important for admins to set some ground rules for themselves ahead of time about when to pause registrations or recruit more moderators. But that's a pretty complex matter and it will be different for everybody.
However, at the bare minimum, more than one person should have the "keys" to a server, so to speak—even if it is a very small server where admin and moderation work can be done by one person. It's even part of the Mastodon covenant—the standards required for a server to appear in the list at joinmastodon.org.
I haven't seen anyone lay out what exactly this should look like. So here's my list of things that a backup admin should be able to access:
Admin & moderation powers: On Mastodon/Hometown, this is as easy as changing a user's role. Open the user's profile in the administration interface, click "Change role", and select the desired role.
Domain name registrar: If the domain expires, people will be unable to access the site. I registered my domain through nearlyfreespeech.net, which allows you to add an alternate emergency contact to an account. If I am unreachable, the contact has the authority to add funds to the account, renew expiring domains, and other tasks necessary to preserve what's already there, but they cannot close the account or delete anything. Other domain registrars will work differently, but should allow for adding an emergency contact or giving access to another user.
The external site this is posted on, out.flipping.rocks, is also hosted on NFSN, and this ensures it won't go down for lack of funds either. Optionally, I can have someone sign up on NFSN and give them access to the site as well so they can update it if necessary.
Hosting provider: I use the shared host fedi.monster, so it was quite simple and informal—I emailed the person who runs it to say "If you can't get a hold of me, please contact this person instead and give them access." Large hosting providers will typically offer options to let another user access and manage the account as well; check their documentation or contact support.
Funding platform & financials: The server is set up as an organization on Open Collective to track expenses and allow people to donate. To add another admin, you visit the "Team" page in admin settings. You can add an existing OpenCollective user or invite someone to make an account. I know other servers use platforms like PayPal and Patreon; I'm not sure how granting another account access works on there. Very large servers will probably want to do things by the book with a business account at a bank.
In my opinion these are the most basic "hit by a bus" precautions; it ensures that if you quit or disappear, the server can keep running for at least the three-month grace period required by the Mastodon covenant, or long enough to find new admins. However, I also wanted a backup admin to consult about major decisions and veto if need be.
Obviously this is non-binding; there isn't a way to force an admin to do anything, and anyone can make impulsive decisions. However, at this stage in my life, I am confident that if I'm seriously thinking about making a drastic change like shutting down the server, I have the presence of mind to talk to another person about it first.
Of course, if I thought I didn't, I would not have started a server other people can use. But no one thinks it'll happen to them. That's why it's so important to have someone who can take away the keys if necessary.
Did I miss anything? How does it work on your server? Let me know by @'ing me at @nev@flipping.rocks
.