One of the useful yet resource-intensive features of platforms like Mastodon is that they reprocess (and store locally) all multimedia files from other instances.
This behavior is implemented for three valid reasons:
- To ensure files do not contain malicious code by reprocessing them locally.
- To prevent all users from all instances from overloading the original instance hosting the media by requesting it repeatedly.
- To hide the individual IP addresses of users from the original instance.
While this approach has benefits, it also requires significant disk space - often many gigabytes per day.
snac, on the other hand, does not locally process or cache media by default. Instead, media URLs remain unchanged, meaning users will fetch content directly from its original source. This behavior is perfectly fine for many setups (such as mobile devices), but it may not be suitable for everyone.
I suggested a small improvement to snac’s developer, who immediately recognized the benefit for users and implemented an interesting new feature: media proxying via the instance itself.
Enabling Media Proxying in snac
To enable this feature, simply add the following line to your server.json configuration file:
"proxy_media": true
Once enabled, snac will rewrite all media URLs to pass through its own instance. This ensures that original instances will no longer see the IP addresses of individual users, as they will only see the IP of the snac instance itself.
However, this also increases the load and bandwidth consumption of the instance since it must download and forward media every time a user accesses it.
Caching Proxied Media with nginx
To optimize performance, we can configure nginx to cache these proxied files transparently. This way, if multiple users from the snac instance (or the same user at different times) request the same media file, nginx will serve it from the local cache instead of fetching it again. This setup has two key advantages:
- Reduces traffic to the original instances.
- Lowers the load on the snac instance, as it won’t need to download the same file repeatedly.
To achieve this, create a cache storage area in nginx by adding the following to the http section:
proxy_cache_path /var/cache/nginx/snac_media levels=1:2 keys_zone=snac_media:10m max_size=1g
inactive=1d use_temp_path=off;
This defines a cache directory at /var/cache/nginx/snac_media, with 10 MB allocated for metadata and a maximum cache size of 1 GB. Cached content will be invalidated and removed after one day, ensuring frequently accessed content (like profile avatars) remains cached while rarely used files get replaced over time.
Next, add the following rule to your snac instance's virtual host configuration:
location ~ ^/.+/(x|y)/ {
proxy_cache snac_media;
proxy_pass http://snac-ip:8001;
proxy_set_header Host $host;
proxy_cache_valid 200 1d;
proxy_cache_valid 404 1h;
proxy_ignore_headers "Cache-Control" "Expires";
proxy_cache_use_stale error timeout updating http_500 http_502 http_503 http_504;
proxy_cache_lock on;
add_header X-Proxy-Cache $upstream_cache_status;
}
After reloading nginx, the cache will start populating as users request media files. Unrequested content will never enter the cache, ensuring efficient storage usage without unnecessary clutter.
By combining snac’s new media proxying feature with nginx caching, we can achieve a more balanced setup—reducing load on both our instance and external ones, improving privacy, and enhancing performance.