@silverpill@mitra.social @fabio@manganiello.blog you're right, I completely overlooked that. Also the Python HTTP machinery isn't as clever as I thought so I had to trim parameters manually, but it should work now https://git.fabiomanganiello.com/blacklight/madblog/commit/76e7b72337b1ab7406fb307eb163a9a4097fcc0e

❯ curl -I -H 'Accept: application/ld+json; profile="https://www.w3.org/ns/activitystreams"' https://manganiello.blog/article/Madblog-federated-blogging-from-markdown
HTTP/2 200
server: nginx
date: Tue, 10 Mar 2026 19:06:01 GMT
content-type: application/activity+json
content-length: 69389
last-modified: Tue, 10 Mar 2026 18:39:54 GMT
etag: "81d02d339405c0ec"
cache-control: public, max-age=0, must-revalidate
language: en-US

@silverpill@mitra.social I recall Mitra may be one of a select few

Do you use it to backfill a profile? How often do you query the outbox?

@fabio @fabio It's working, thanks!

@julian Yes, to backfill a profile. It is a manual action.

I don't know who else does that, but @jonny is working on a adding automatic profile backfill to Mastodon: https://github.com/mastodon/mastodon/pull/34597

@silverpill @julian@activitypub.space I believe @hollo does it as well.

@general

@fabio I really, really love it!! I wanted to do the same for quite a long time - but I didn't; and now maybe I can eventually steal your code and RIIR in glorious AGPL!

That said, unfortunately at the moment it's not working for me, I can't open it either in my client, or through my instance's search FWIW, through my instance I'm seeing some "503 Remote SSL certificate could not be verified", while the client just spins a throbber endlessly. No idea where the fault lies, but I do remember reading many times that Mastodon is a flustercluck and a fishy citizen in ActivityPub ...

Anyway, huge applause from me regardless, and hopefully one day I can get to fave the actual post on the blog!

@fabio@manganiello.eu @fabio@manganiello.blog @blog omg thank you for the python lib. i was getting ready to write one but extremely good to see i can draw from (credit/depend on/etc.) prior art. adding to the inspo docs!!!

@silverpill @julian @general Collections are one of the best parts of activitypub/streams and i have no idea why nobody uses them or works on them. like if we embraced the underlying graph structure of the data and used the canonicalization algos that have been developed in the meantime we get all the good parts of atproto (mostly efficient updating the pds system) basically for free

@silverpill @julian @general account backfilling is issue number THIRTY FOUR in mastodon and has >700 thumbs, >200 comments hemming and hawing about how possible it would be for TEN YEARS.

the solution is just "enumerate the outbox" and it's 200 lines.

like we already have a mechanism for reply controls: the reply collection.
for fine-grained post visibility: access control on the outbox collection.
broadcasting feeds and posts between instances: collections
migrations: collections
store and forward, offline-focused AP: collections

and so on.

@julian @silverpill ActivityPub API clients dont need their server to backfill thanks to proxyURL, but Actors will look like they haven’t posted

@django@social.coop sounds like I'll have to implement it sooner rather than later!

@jonny @julian

i have no idea why nobody uses them or works on them

There is a FEP in the works:

Cookie monster!

(codeberg.org)

@akavel@merveilles.town thanks for your response

Did you manage to get to the bottom of it? From the description of the error it sounds like your certificate may be broken? Can you access the blog index from a normal browser? Do you perhaps have a split-domain situation (link != activitypub_link) but the certificate only applies to one?

@julian@fietkau.social @liaizon@wake.st it's all live, let me know if it works

@fabio @liaizon New quote test, wooo!

Madblog: A Markdown Folder That Federates Everywhere

Fabio's Blog

Fabio Manganiello (blog.fabiomanganiello.com)

@fabio I didn't investigate further as I had no idea how.

Which link specifically do you mean by "blog index"?

As to domain/instance I mean this one I'm writing from - I don't control it, sorry I see I wrote it in a confusing way, I'm just a plain citizen here.

Seeing you mention certs I will try on a laptop then, not on phone, to compare. Or could it be that the instance I'm on has some certs problems internally?

@silverpill@mitra.social @django@social.coop @hongminhee@hollo.social Okay, I implemented user outboxes for posts, votes, and shares (post edits are a little harder )

https://activitypub.space/uid/1/outbox

Hopefully I did it ok, had to re-invent some collection logic because I couldn't re-use the helper I wrote before, as that relies on a pagination cursor, which, long story short, is not at all scalable when navigating through a user inbox.

Group outboxes to follow, but just hoping for a sanity check for now.

@julian I can read the outbox and activities

There is a minor problem with Like activities, which don't have a to field (this means nobody should be able to see them).

And while we're at it: when NodeBB sends a signed GET request, does it add a Digest header? I see warnings in my log due to invalid header value.

@django @hongminhee

@akavel@merveilles.town I mean if you open the home page of your blog from a normal browser (any browser, mobile or desktop) do you still see the certificate error? If that's not the case and you have a split domain configuration (so your blog is on a URL and your federated domain is on another) then double-check that both the certificates are valid.

@fabio Oh I didn't install your blog on my host yet! For now I wanted to comment/fave in _your_ blog and I couldn't do that - this is my problem...