We use cookies to ensure you get the best experience on our website
Inicio Explorar Axuda
Rexistro Iniciar sesión
0ct0pu5
/
tutorials
1
0
Fork 0
Ficheiros Incidencias 0 Pull Requests 0 Wiki
Rama: main
Ramas Etiquetas
tutorials
/
0853.html

0853.html 13 KB
Permalink Histórico Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241 
  1.     <!DOCTYPE html>
    2. 

  2.     <html lang="en" xmlns="http://www.w3.org/1999/xhtml">
    3. 

  3.       <head>
    4. 

  4.         <title>Run Mastodon - A Federated Twitter Alternative - in Docker</title>
    5. 

  5.         <meta http-equiv="Content-Type" content="text/html; charset=utf-8">
    6. 

  6.         <meta charset="UTF-8">
    7. 

  7.         <meta name="keywords" content="Browser Based,Docker Made Easy,Home Lab,Home Lab Ideas,Install Guide,Self-Hosted,Web Based,Web Based Tools,Alternative,Homelab,Linux,Micro Blogging,Microblogging,Social Media,Social Network,Twitter,Twitter Alternative,Mastodon,Federated,Container,Containerization,Docker,Docker How To,Docker Installation Tutorial,Docker Simplified,Docker Tutorial,Ubuntu,How To,Tutorial,i12bretro">
    8. 

  8.         <meta name="author" content="i12bretro">
    9. 

  9.         <meta name="description" content="Run Mastodon - A Federated Twitter Alternative - in Docker">
    10. 

  10.         <meta name="viewport" content="width=device-width, initial-scale=1.0">
    11. 

  11.         <meta name="revised" content="02/10/2023 02:00:52 PM" />
    12. 

  12. 				          <link rel="icon" type="image/x-icon" href="includes/favicon.ico">
    13. 

  13. 				  <script type="text/javascript" src="https://code.jquery.com/jquery-3.5.1.min.js"></script>
    14. 

  14. 				        <script type="text/javascript" src="includes/js/steps.js"></script>
    15. 

  15.         <link href="css/steps.css" rel="stylesheet" type="text/css" />
    16. 

  16.       </head>
    17. 

  17.       <body>
    18. 

  18.         <div id="gridContainer">
    19. 

  19.           <div class="topMargin"></div>
    20. 

  20.           <div id="listName" class="topMargin">
    21. 

  21.             <h1>Run Mastodon - A Federated Twitter Alternative - in Docker</h1>
    22. 

  22.           </div>
    23. 

  23.           <div></div>
    24. 

  24.           <div id="content">
    25. 

  25.           <h2>What is Mastodon?</h2>
    26. 

  26. 

  27. <blockquote><em>Mastodon is a free, open-source social network server based on ActivityPub where users can follow friends and discover new ones. On Mastodon, users can publish anything they want: links, pictures, text, video. All Mastodon servers are interoperable as a federated network (users on one server can seamlessly communicate with users from another one, including non-Mastodon software that implements ActivityPub)! -<a href="https://github.com/mastodon/mastodon" target="_blank">https://github.com/mastodon/mastodon</a></em></blockquote>
    28. 

  28. 

  29. <h2>Installing Docker</h2>
    30. 

  30. 

  31. <ol>
    32. 

  32. 	<li>Log into the Linux based device</li>
    33. 

  33. 	<li>Run the following commands in the terminal
    34. 

  34. 	<div class="codeBlock"># install prerequisites<br />
    35. 

  35. 	sudo apt install apt-transport-https ca-certificates curl software-properties-common gnupg-agent -y<br />
    36. 

  36. 	# add docker gpg key<br />
    37. 

  37. 	curl -fsSL https://download.docker.com/linux/$(awk -F&#39;=&#39; &#39;/^ID=/{ print $NF }&#39; /etc/os-release)/gpg | sudo apt-key add -<br />
    38. 

  38. 	# add docker software repository<br />
    39. 

  39. 	sudo add-apt-repository &quot;deb [arch=$(dpkg --print-architecture)] https://download.docker.com/linux/$(awk -F&#39;=&#39; &#39;/^ID=/{ print $NF }&#39; /etc/os-release) $(lsb_release -cs) stable&quot;<br />
    40. 

  40. 	# install docker<br />
    41. 

  41. 	sudo apt install docker-ce docker-compose containerd.io -y<br />
    42. 

  42. 	# enable and start docker service<br />
    43. 

  43. 	sudo systemctl enable docker &amp;&amp; sudo systemctl start docker<br />
    44. 

  44. 	# add the current user to the docker group<br />
    45. 

  45. 	sudo usermod -aG docker $USER<br />
    46. 

  46. 	# reauthenticate for the new group membership to take effect<br />
    47. 

  47. 	su - $USER</div>
    48. 

  48. 	</li>
    49. 

  49. </ol>
    50. 

  50. 

  51. <h2>Generating SSL Certificate with Let&#39;s Encrypt</h2>
    52. 

  52. 

  53. <p><em>NOTE: In order for Let&#39;s Encrypt to verify ownership of the DNS name, the host certbot is running from must be accessible via port 80 (http) or port 443 (https). For homelab users, this will normally involve port forwarding from the router to the certbot host, which is beyond the scope of this tutorial. Just note, I have forwarded port 80 on my router to the host running certbot for this handshake to complete successfully.</em></p>
    54. 

  54. 

  55. <ol>
    56. 

  56. 	<li>Continue with the following commands in a terminal window
    57. 

  57. 	<div class="codeBlock"># remove apt version of certbot if installed<br />
    58. 

  58. 	sudo apt remove certbot -y<br />
    59. 

  59. 	# install snapd<br />
    60. 

  60. 	sudo apt install snapd -y<br />
    61. 

  61. 	# install snap core and update<br />
    62. 

  62. 	sudo snap install core; sudo snap refresh core<br />
    63. 

  63. 	# install certbot snap<br />
    64. 

  64. 	sudo snap install --classic certbot<br />
    65. 

  65. 	# create certbot symbolic link<br />
    66. 

  66. 	sudo ln -s /snap/bin/certbot /usr/bin/certbot<br />
    67. 

  67. 	# if a web server process is currently using port 80, stop it before proceeding<br />
    68. 

  68. 	# generate a certificate<br />
    69. 

  69. 	sudo certbot certonly --standalone --preferred-challenges http -d &lt;%DNS NAME%&gt;</div>
    70. 

  70. 	</li>
    71. 

  71. 	<li>When prompted, enter an email address and agree to the terms of service</li>
    72. 

  72. 	<li>Choose whether to share your email and receive emails from certbot</li>
    73. 

  73. 	<li>Certbot will output information regarding the location of the certificate files</li>
    74. 

  74. 	<li>Continue with the following commands in a terminal window
    75. 

  75. 	<div class="codeBlock"># create ssl-certs group<br />
    76. 

  76. 	sudo groupadd ssl-certs<br />
    77. 

  77. 	# add $USER and root users to group<br />
    78. 

  78. 	sudo usermod -aG ssl-certs $USER<br />
    79. 

  79. 	sudo usermod -aG ssl-certs root<br />
    80. 

  80. 	# verify the members of ssl-cert<br />
    81. 

  81. 	getent group ssl-certs<br />
    82. 

  82. 	# set owner group of /etc/letsencrypt<br />
    83. 

  83. 	sudo chgrp -R ssl-certs /etc/letsencrypt<br />
    84. 

  84. 	# set permissions on /etc/letsencrypt<br />
    85. 

  85. 	sudo chmod -R g=rX /etc/letsencrypt</div>
    86. 

  86. 	</li>
    87. 

  87. </ol>
    88. 

  88. 

  89. <h2>Running the Mastodon Container Stack</h2>
    90. 

  90. 

  91. <ol>
    92. 

  92. 	<li>Now that Docker is installed, run the following commands to setup the Mastodon Docker containers
    93. 

  93. 	<div class="codeBlock"># create working directories<br />
    94. 

  94. 	mkdir ~/docker/postgres -p &amp;&amp; mkdir ~/docker/redis -p &amp;&amp; mkdir ~/docker/mastodon/public/system -p &amp;&amp; mkdir ~/docker/nginx/conf -p<br />
    95. 

  95. 	# pull the mastodon web container<br />
    96. 

  96. 	docker pull tootsuite/mastodon<br />
    97. 

  97. 	# generate secrets, run this 2 times<br />
    98. 

  98. 	docker run --rm -it tootsuite/mastodon bundle exec rake secret<br />
    99. 

  99. 	# generate VAPID keys<br />
    100. 

  100. 	docker run --rm -it tootsuite/mastodon bundle exec rake mastodon:webpush:generate_vapid_key<br />
    101. 

  101. 	# create a mastodon .env file<br />
    102. 

  102. 	# copy the generated secrets and keys into the .env file<br />
    103. 

  103. 	# make sure to set the LOCAL_DOMAIN as this cannot be changed later<br />
    104. 

  104. 	nano ~/docker/mastodon/.env</div>
    105. 

  105. 	</li>
    106. 

  106. 	<li>Paste the following into the .env file, then edit the LOCAL_DOMAIN, WEB_DOMAIN, PostgreSQL, Secrets, Web Push and SMTP settings<br />
    107. 

  107. 	<span style="font-size:12px;">NOTE: A full example .env file can be find at <a href="https://github.com/mastodon/mastodon/blob/main/.env.production.sample" style="font-size:12px;" target="_blank">https://github.com/mastodon/mastodon/blob/main/.env.production.sample</a></span>
    108. 

  108. 	<p># This is a sample configuration file. You can generate your configuration<br />
    109. 

  109. 	# with the `rake mastodon:setup` interactive setup wizard, but to customize<br />
    110. 

  110. 	# your setup even further, you&#39;ll need to edit it manually. This sample does<br />
    111. 

  111. 	# not demonstrate all available configuration options. Please look at<br />
    112. 

  112. 	# https://docs.joinmastodon.org/admin/config/ for the full documentation.</p>
    113. 

  113. 

  114. 	<p># Note that this file accepts slightly different syntax depending on whether<br />
    115. 

  115. 	# you are using `docker-compose` or not. In particular, if you use<br />
    116. 

  116. 	# `docker-compose`, the value of each declared variable will be taken verbatim,<br />
    117. 

  117. 	# including surrounding quotes.<br />
    118. 

  118. 	# See: https://github.com/mastodon/mastodon/issues/16895</p>
    119. 

  119. 

  120. 	<p># Federation<br />
    121. 

  121. 	# ----------<br />
    122. 

  122. 	# This identifies your server and cannot be changed safely later<br />
    123. 

  123. 	# ----------<br />
    124. 

  124. 	LOCAL_DOMAIN=i12bretro.local</p>
    125. 

  125. 

  126. 	<p># ----------<br />
    127. 

  127. 	# Optional, if different than LOCAL_DOMAIN<br />
    128. 

  128. 	# ----------<br />
    129. 

  129. 	#WEB_DOMAIN=toots.webredirect.org</p>
    130. 

  130. 

  131. 	<p># Redis<br />
    132. 

  132. 	# -----<br />
    133. 

  133. 	REDIS_HOST=redis<br />
    134. 

  134. 	REDIS_PORT=6379</p>
    135. 

  135. 

  136. 	<p># PostgreSQL<br />
    137. 

  137. 	# ----------<br />
    138. 

  138. 	DB_HOST=postgres<br />
    139. 

  139. 	DB_USER=mastodon_rw<br />
    140. 

  140. 	DB_NAME=mastodon<br />
    141. 

  141. 	DB_PASS=Ma5toD0n!<br />
    142. 

  142. 	DB_PORT=5432</p>
    143. 

  143. 

  144. 	<p># Secrets<br />
    145. 

  145. 	# -------<br />
    146. 

  146. 	# Make sure to use `rake secret` to generate secrets<br />
    147. 

  147. 	# -------<br />
    148. 

  148. 	SECRET_KEY_BASE=<br />
    149. 

  149. 	OTP_SECRET=</p>
    150. 

  150. 

  151. 	<p># Web Push<br />
    152. 

  152. 	# --------<br />
    153. 

  153. 	# Generate with `rake mastodon:webpush:generate_vapid_key`<br />
    154. 

  154. 	# --------<br />
    155. 

  155. 	VAPID_PRIVATE_KEY=<br />
    156. 

  156. 	VAPID_PUBLIC_KEY=</p>
    157. 

  157. 

  158. 	<p># Sending mail<br />
    159. 

  159. 	# ------------<br />
    160. 

  160. 	SMTP_SERVER=smtp.example.com<br />
    161. 

  161. 	SMTP_PORT=25<br />
    162. 

  162. 	SMTP_LOGIN=<br />
    163. 

  163. 	SMTP_PASSWORD=<br />
    164. 

  164. 	SMTP_FROM_ADDRESS=mastodon@example.com</p>
    165. 

  165. 

  166. 	<p><br />
    167. 

  167. 	# IP and session retention<br />
    168. 

  168. 	# -----------------------<br />
    169. 

  169. 	# Make sure to modify the scheduling of ip_cleanup_scheduler in config/sidekiq.yml<br />
    170. 

  170. 	# to be less than daily if you lower IP_RETENTION_PERIOD below two days (172800).<br />
    171. 

  171. 	# -----------------------<br />
    172. 

  172. 	IP_RETENTION_PERIOD=31556952<br />
    173. 

  173. 	SESSION_RETENTION_PERIOD=31556952</p>
    174. 

  174. 	</li>
    175. 

  175. 	<li>Press CTRL+O, Enter, CTRL+X to write the changes to .env</li>
    176. 

  176. 	<li>Continue with the following steps in the terminal
    177. 

  177. 	<div class="codeBlock"># set owner of docker directory<br />
    178. 

  178. 	sudo chown &quot;$USER&quot;:&quot;$USER&quot; ~/docker -R<br />
    179. 

  179. 	# create containers<br />
    180. 

  180. 	docker network create containers<br />
    181. 

  181. 	# run the postgesql container<br />
    182. 

  182. 	docker run -d --name postgres -e POSTGRES_USER=mastodon_rw -e POSTGRES_PASSWORD=Ma5toD0n! -e POSTGRES_DB=mastodon -v ~/docker/postgres:/var/lib/postgresql/data --network containers --restart=unless-stopped postgres:latest<br />
    183. 

  183. 	# run the redis container<br />
    184. 

  184. 	docker run -d --name redis -v ~/docker/redis:/data --network containers --restart=unless-stopped redis<br />
    185. 

  185. 	# initialize the mastodon database<br />
    186. 

  186. 	docker run --rm -it --network containers --env-file ~/docker/mastodon/.env tootsuite/mastodon rails db:migrate<br />
    187. 

  187. 	# run the mastodon frontend container<br />
    188. 

  188. 	docker run -d --name mastodon --env-file ~/docker/mastodon/.env -p 3000:3000 -v ~/docker/mastodon/public/system:/mastodon/public/system --network containers --restart=unless-stopped tootsuite/mastodon bash -c &quot;rm -f /mastodon/tmp/pids/server.pid; bundle exec rails s -p 3000&quot;<br />
    189. 

  189. 	# connect to shell inside mastodon container<br />
    190. 

  190. 	docker exec -it mastodon /bin/bash<br />
    191. 

  191. 	# set the RAILS_ENV variable<br />
    192. 

  192. 	RAILS_ENV=production<br />
    193. 

  193. 	# create an owner/admin account<br />
    194. 

  194. 	# copy the password output for later<br />
    195. 

  195. 	bin/tootctl accounts create &lt;%username%&gt; --email &lt;%email address%&gt; --confirmed --role Owner<br />
    196. 

  196. 	# exit the container<br />
    197. 

  197. 	exit<br />
    198. 

  198. 	# run the mastodon streaming container<br />
    199. 

  199. 	docker run -d --name mastodon-stream --env-file ~/docker/mastodon/.env -p 4000:4000 --network containers --restart=unless-stopped tootsuite/mastodon node ./streaming<br />
    200. 

  200. 	# run the mastodon sidekiq container<br />
    201. 

  201. 	docker run -d --name mastodon-sidekiq --env-file ~/docker/mastodon/.env --network containers -v ~/docker/mastodon/public/system:/mastodon/public/system --restart=unless-stopped tootsuite/mastodon bundle exec sidekiq</div>
    202. 

  202. 	</li>
    203. 

  203. </ol>
    204. 

  204. 

  205. <h2>Setting Up the Nginx Proxy Server</h2>
    206. 

  206. 

  207. <ol>
    208. 

  208. 	<li>Now that all the pieces of Mastodon are running, we&#39;ll configure an nginx proxy server
    209. 

  209. 	<div class="codeBlock"># download the default mastodon nginx configuration<br />
    210. 

  210. 	wget -O ~/docker/nginx/conf/mastodon.conf https://raw.githubusercontent.com/mastodon/mastodon/main/dist/nginx.conf<br />
    211. 

  211. 	# replace some options to work running in docker containers<br />
    212. 

  212. 	sed -i &quot;s/try_files \$uri =404;/try_files \$uri @proxy;/&quot; ~/docker/nginx/conf/mastodon.conf<br />
    213. 

  213. 	# update the server_name with the URL being used to reach mastodon<br />
    214. 

  214. 	# make sure to replace WEB_DOMAIN<br />
    215. 

  215. 	sed -i &quot;s/server_name example.com;/\server_name &lt;%WEB_DOMAIN%&gt;;/&quot; ~/docker/nginx/conf/mastodon.conf<br />
    216. 

  216. 	# update mastodon frontend server<br />
    217. 

  217. 	sed -i &#39;s/server 127.0.0.1:3000/server mastodon:3000/&#39; ~/docker/nginx/conf/mastodon.conf<br />
    218. 

  218. 	# update mastodon stream server<br />
    219. 

  219. 	sed -i &#39;s/server 127.0.0.1:4000/server mastodon-stream:4000/&#39; ~/docker/nginx/conf/mastodon.conf<br />
    220. 

  220. 	# update the ssl certificate path<br />
    221. 

  221. 	# make sure to replace DNS NAME<br />
    222. 

  222. 	sed -i &#39;s/# ssl_certificate\s*\/etc\/letsencrypt\/live\/example.com\/fullchain.pem;/ssl_certificate\t\/etc\/letsencrypt\/live\/&lt;%DNS NAME%&gt;\/fullchain.pem;/&#39; ~/docker/nginx/conf/mastodon.conf<br />
    223. 

  223. 	# update the ssl key path<br />
    224. 

  224. 	# make sure to replace DNS NAME<br />
    225. 

  225. 	sed -i &#39;s/# ssl_certificate_key\s*\/etc\/letsencrypt\/live\/example.com\/privkey.pem;/ssl_certificate_key\t\/etc\/letsencrypt\/live\/&lt;%DNS NAME%&gt;\/privkey.pem;/&#39; ~/docker/nginx/conf/mastodon.conf<br />
    226. 

  226. 	# create nginx proxy container<br />
    227. 

  227. 	docker run --name nginx -p 80:80 -p 443:443 --network containers -v ~/docker/nginx/conf:/etc/nginx/conf.d:ro -v /etc/letsencrypt:/etc/letsencrypt:ro -d nginx</div>
    228. 

  228. 	</li>
    229. 

  229. 	<li>Open a web browser and navigate to https://&lt;%WEB_DOMAIN%&gt;</li>
    230. 

  230. 	<li>Click Sign in then login using the owner email and generated password from earlier</li>
    231. 

  231. 	<li>Select Preferences from the lower right of the user interface</li>
    232. 

  232. 	<li>Select Account from the left navigation menu</li>
    233. 

  233. 	<li>Enter the generated password in the Current password field, then enter and confirm a new password for the current user &gt; Click Save Changes</li>
    234. 

  234. 	<li>Select Logout from the left navigation menu</li>
    235. 

  235. 	<li>Log back in using the owner account email address and updated password</li>
    236. 

  236. 	<li>Welcome to Mastodon</li>
    237. 

  237. </ol>          </div>
    238. 

  238.         </div>
    239. 

  239.       </body>
    240. 

  240.     </html>
    241. 

  241.   
    242.

Contact | Legal | Takedown | Status
Self-hosted public services - About
NibbleSpot by 0ct0pu5