Stephen Basile

Run Your Own Mastodon Server

Mastodon

Next we’ll install the mastodon package by changing accounts and downloading the repository.

su - mastodon
git clone https://github.com/tootsuite/mastodon.git ~/live
cd ~/live
git checkout $(git tag -l | grep -v 'rc[0-9]*$' | sort -V | tail -n 1)

Add dependencies

bundle config deployment 'true'
bundle config without 'development test'
bundle install -j$(getconf _NPROCESSORS_ONLN)
yarn install --pure-lockfile

Finally with everything installed, we can begin installation of Mastodon with the following command.

RAILS_ENV=production bundle exec rake mastodon:setup

We will now be asked a bunch of questions for installation. Please remember that some of these can not be changed once you’ve finalized them such as the domain name.

Setup Questions

Domain Name:

You’ll want to enter the domain name you’ll be using for the server. This may or may not be the top level domain and you might want to use a sub domain (example.com vs sub.example.com).

Do you want to enable single user mode?

If you plan to be the only user using this server (such as my personal mastodon node), then you'll want to type in yes, otherwise, if you plan to host this for anyone else, enter no.

Are you using Docker to run Mastodon?

Since we're installing directly to the OS, our answer should be no.

PostgreSQL host: /var/run/postgresql
PostgreSQL port: 5432
Name of PostgreSQL database: mastodon_production
Name of PostgreSQL user: mastodon
Password of PostgreSQL user: 
Database configuration works! ????

Redis host: localhost
Redis port: 6379
Redis password: 
Redis configuration works! ????

Do you want to store uploaded files on the cloud?

Unless you plan to use a third party service like AWS, enter no.

Do you want to send e-mails from localhost?

So if you use the blogging CMS WordPress, you'll already be familiar with this next part but unless you have an email server built into the server already, sending emails from the localhost is not an option.

You might want to use a relay or third party source for sending emails, be aware using a service like Gmail to send a bulk amount of emails will most likely not work and reach email limits.

I personally selected no and then edited the email configuration section later to use my private email service but I also am the only one receiving those emails since my mastodon node is only used by me.

Enter yes if the server running is setup for sending emails (again, with the additional security and authority configs for doing so) or no if you plan to use a third party for handling emails.

You'll also need to make sure the email address being used to send emails has authority from the email server to do so. You'll need DMARC, DKIM, SPF setup for this on your DNS records, etc.

Now that configuration is saved, the database schema must be loaded.
If the database already exists, this will erase its contents.
Prepare the database now? Yes
Prepare the database now? Yes
Do you want to create an admin user straight away? Yes

You will then be asked about the admin username or your choosing, the email address associated with it and a randomly generated password for your first login. Save this password for later login. We still need to create the front end (web server) before we can access the Mastodon instance.

We can now type in exit to exit the Mastodon account and return to root for installing Nginx, the web server.
exit

Nginx and Certbot (LetsEncrypt)

If you plan to install your own certificate from a third party provider, you can skip the certbot installation. You’ll still need to install the cert and tell Nginx the location.

add-apt-repository ppa:certbot/certbot
apt-get update -y
apt-get install nginx certbot -y

This will now install both Nginx and certbot for obtaining an SSL cert from Let’s Encrypt, a free certificate service. Please keep in mind you’ll need to renew this certificate very couple months and you should input a valid email address to receive reminders about such expiration.

We’ll now copy the default nginx config file from Mastodon to Nginx.

cp /home/mastodon/live/dist/nginx.conf /etc/nginx/sites-available/mastodon.conf

Next, enable virtual host configuration:

ln -s /etc/nginx/sites-available/mastodon.conf /etc/nginx/sites-enabled/

We will need to replace the default filler domain name Mastodon supplies from the configuration with the domain name you have selected for this instance by entering the following below. Make sure to replace the mastodon.example.com domain with your domain.

We can now stop the nginx service and begin the certbot process. If you restart nginx before having a valid certificate the service will crash. Enter the following:

service nginx stop

Get your SSL cert from certbot:

certbot certonly -d example.com

This will launch the certbot and will only authorize and download the certificate and will not modify the web server.

Select option to spin a temporary server and authorize domain. Make sure at this point the server’s DNS record is pointing to this domain name or the process will fail.

If this is the first time you’ll be asked to enter an email address for reminders and another option about receiving emails from the Electronic Frontier Foundation. This is optional.

You certificate should now be installed to the /etc/letsencrypt/live/example.com location. These samples are also setup in the default Nginx configuration file that we will now edit and enable.

Use you favorite text editor to edit the Nginx config file and uncomment and replace the domain name with yours. See example below. I like to use Nano for editing such a small file.

nano /etc/nginx/sites-enabled/mastodon.conf

Find the location for the SSL certificate location. This will be under the SSL server listening into port 443, you’ll find something similar like below:

# Uncomment these lines once you acquire a certificate:
#ssl_certificate /etc/letsencrypt/live/example.com/fullchain.pem;
#ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem;

Remove the # from both lines and replace example.com with the domain you have chosen and certificate installed. We’ll now save the file and start Nginx. If your using nano, Crtl+X will close the file and save.

service nginx start

As long as you haven’t made any other modifications and had previously successfully installed the certificate, the web server should start with no errors. (There should be no text displayed)

Create Mastodon to Run as a Service

We’ll want Mastodon to run as soon as the server boots or reboots without having to manually restart and of the services. To do that we need to copy some services and enable some settings. Enter the following into the console:

cp /home/mastodon/live/dist/mastodon-web.service /etc/systemd/system/
cp /home/mastodon/live/dist/mastodon-sidekiq.service /etc/systemd/system/
cp /home/mastodon/live/dist/mastodon-streaming.service /etc/systemd/system/

We have now copied the three services needed to run during system boot, now let’s enable them:

systemctl start mastodon-web
systemctl start mastodon-sidekiq
systemctl start mastodon-streaming
systemctl enable mastodon-web
systemctl enable mastodon-sidekiq
systemctl enable mastodon-streaming

If everything has gone well at this point, we should be good to go and Mastodon has been installed. We can check to make sure the above services are running by entering:

systemctl status mastodon-web mastodon-sidekiq mastodon-streaming

You will see a bunch of text printed out giving you the status for these services, you’ll want to look for

Active: active (running)

to give you a sense the service is correctly running. If you see “failure”, something has gone wrong. You can check Nginx as well with similar results if you want to see if it running correctly

service nginx status

Web Access

You should now be able to point your browser to the domain name you have used for Mastodon to login for the first time. Remember to use your Admin account you setup previously as well as the admin password randomly supplied to you.

Pages: 1 2

Posted

in

by

Stephen

Tags: