@wakest@app.wafrn.net @gabboman@gabboman.xyz @liaizon@wake.st the FQN is @fabio@manganiello.blog in my case, not @fabio@blog.fabiomanganiello.com (I made a split-domain configuration).

The actor URL is https://manganiello.blog/ap/actor

will investigate, thanks

@julian@fietkau.social @liaizon@wake.st I got the quote https://blog.fabiomanganiello.com/article/Madblog-federated-blogging-from-markdown

@shellsharks@shellsharks.social this is still WIP https://git.platypush.tech/blacklight/madblog/issues/20

It requires properly implementing the movedTo notifications both on the receiving and sending side, but the implementation details (especially for the asynchronous migration jobs) require me to dig a bit deeper in Mastodon's implementation.

@fabio Right, and my server seems to have gotten the corresponding `Accept`. But if you look at https://social.wake.st/@liaizon/116205306320048221 and scroll down, you see that @liaizon can't see the quote in my reply (and neither can people on any other server looking at this thread). This is because the `QuoteAuthorization` needs to be publicly resolvable: https://fediverse.codeberg.page/fep/fep/044f/#verifying-third-party-quote-posts

@silverpill@mitra.social @fabio@manganiello.blog good catch! https://git.platypush.tech/blacklight/madblog/commit/9024ba9c2dd1b4ad77e50892189c6a155eb199ce

@julian@fietkau.social @liaizon@wake.st good catch, that was actually a bug in the quote_authorizations URL routing on Pubby's side - I've just pushed a fix for it https://git.platypush.tech/blacklight/pubby/commit/2b37e604defb8dbd9580af890c5854c2f9cd9dfd

@fabio @liaizon Oh excellent! Please let me know when the new version is live on your blog and I'll test again.

@julian@activitypub.space @general@activitypub.space that would be very cool, but from my understanding Person vs. Group actor are mutually exclusive, so I can't have both on the same handle right?

If that's the case I may have to rethink a bit of the current single-user approach - I guess that I'll need a @user@example.com Person actor (or optionally multiple of them) and a @blog@example.com Group actor. Which AFAIK is similar to what #WriteFreely does, but it requires me to rethink a bit of the general design.

I've braindumped my thoughts here for now https://git.platypush.tech/blacklight/madblog/issues/21, thanks for the feedback!

@fabio@manganiello.eu

> from my understanding Person vs. Group actor are mutually exclusive, so I can't have both on the same handle right?

Correct, while you can have webfinger resolve both a group actor and person actor from a single handle, that gets messy quickly because how the receiving end handles this is not specified. Mastodon for example only takes the first entry, which crucially means if a community and user have the same handle, then one of the actors is inaccessible to Mastodon.

I don't think you need to introduce breaking changes (I hope!), the threadiverse component can be bolted on to existing functionality. In fact, I'd recommend maintaining the existing Person actor so that microblog compatibility is not impacted. It's not an either-or approach, NodeBB does handle both types effectively.

Here are some quick answers to the open questions:

Should the Person actor have its own inbox?
Yes, the Person actor and the Group actor are two separate identities (as far as anybody outside of your instance is concerned.)

Outbox representation — Should the Group's outbox contain the Announce
activities, the inner Create activities, or both?

This is optional (at least for NodeBB). If you investigate NodeBB's actors, all of their outboxes return an empty OrderedCollection because I simply haven't gotten around to it yet, and I don't know many implementations that read it. Federation works fine without it, but it would make sense to follow Lemmy or Piefed's lead here.

Backwards compatibility — Should Madblog support a "hybrid" mode that sends both Create (for Mastodon) and Announce (for threadiverse)?

Mastodon will correctly de-duplicate the object so sending both Create(Note/Article) and Announce(Create(Note/Article)) is fine. The former serves non-threadiverse followers, and the latter ensures threadiverse syncronization capability.

NodeBB actually sends three : Create(Note/Article), Announce(Create(Note/Article)), and Announce(Note/Article). That last one is not needed.

Separate keypair for the Person actor? If the Person actor eventually needs to sign requests (e.g. for inbox delivery), it would need its own keypair.

I believe so. It was trivial for me to just generate keypairs for everybody, so I don't know off-hand whether things break if your Person actor doesn't have one. It might not resolve in some implementations?

@fabio @fabio Will it also work with profile parameter? We have specify profile because ActivityPub specification requires it:

ActivityPub

The ActivityPub protocol is a decentralized social networking protocol based upon the [ActivityStreams] 2.0 data format. It provides a client to server API for creating, updating and deleting content, as well as a federated server to server API for delivering notifications and content.

(www.w3.org)

@julian

If you investigate NodeBB's actors, all of their outboxes return an empty OrderedCollection because I simply haven't gotten around to it yet, and I don't know many implementations that read it.

I read from outboxes all the time. But I can't do that with NodeBB

Outbox doesn't have an `id` · Issue #13478 · NodeBB/NodeBB

NodeBB version v4.4.2 NodeBB git hash No response NodeJS version No response Installed NodeBB plugins No response Database type No response Database version No response Exact steps to cause this issue Retrieve outbox What you expected I ...

GitHub (github.com)

@silverpill@mitra.social @fabio@manganiello.blog yes, I've just realized that luckily requests is smart enough to split header parameters

❯ curl -I -H 'Accept: application/ld+json; profile="https://www.w3.org/ns/activitystreams' https://manganiello.blog/article/Madblog-federated-blogging-from-markdown
HTTP/2 200
server: nginx
date: Tue, 10 Mar 2026 18:43:44 GMT
content-type: application/activity+json
content-length: 69389
last-modified: Tue, 10 Mar 2026 18:39:54 GMT
etag: "81d02d339405c0ec"
cache-control: public, max-age=0, must-revalidate
language: en-US

@fabio @fabio In your curl command, the closing quote (") is missing after https://www.w3.org/ns/activitystreams. When I make a request with the full media type string, the server still returns text/html

@silverpill@mitra.social @fabio@manganiello.blog you're right, I completely overlooked that. Also the Python HTTP machinery isn't as clever as I thought so I had to trim parameters manually, but it should work now https://git.fabiomanganiello.com/blacklight/madblog/commit/76e7b72337b1ab7406fb307eb163a9a4097fcc0e

❯ curl -I -H 'Accept: application/ld+json; profile="https://www.w3.org/ns/activitystreams"' https://manganiello.blog/article/Madblog-federated-blogging-from-markdown
HTTP/2 200
server: nginx
date: Tue, 10 Mar 2026 19:06:01 GMT
content-type: application/activity+json
content-length: 69389
last-modified: Tue, 10 Mar 2026 18:39:54 GMT
etag: "81d02d339405c0ec"
cache-control: public, max-age=0, must-revalidate
language: en-US

@silverpill@mitra.social I recall Mitra may be one of a select few

Do you use it to backfill a profile? How often do you query the outbox?

@fabio @fabio It's working, thanks!

@julian Yes, to backfill a profile. It is a manual action.

I don't know who else does that, but @jonny is working on a adding automatic profile backfill to Mastodon: https://github.com/mastodon/mastodon/pull/34597

@silverpill @julian@activitypub.space I believe @hollo does it as well.

@general

@fabio I really, really love it!! I wanted to do the same for quite a long time - but I didn't; and now maybe I can eventually steal your code and RIIR in glorious AGPL!

That said, unfortunately at the moment it's not working for me, I can't open it either in my client, or through my instance's search FWIW, through my instance I'm seeing some "503 Remote SSL certificate could not be verified", while the client just spins a throbber endlessly. No idea where the fault lies, but I do remember reading many times that Mastodon is a flustercluck and a fishy citizen in ActivityPub ...

Anyway, huge applause from me regardless, and hopefully one day I can get to fave the actual post on the blog!