Mastodon: Difference between revisions

From NixOS Wiki
imported>Sefidel
Since https://github.com/NixOS/nixpkgs/pull/203825, mastodon-env has been replaced with mastodon-tootctl.
Onny (talk | contribs)
→‎Usage: Add more usage examples
 
(16 intermediate revisions by 6 users not shown)
Line 1: Line 1:
== Setup your own personal Mastodon instance on a dedicated server ==
[https://joinmastodon.org Mastodon] is a decentralized social media platform that allows users to create accounts, post content, and interact with others. It is an alternative to centralized social media platforms like Twitter and Facebook.


The <service>services.mastodon</service> service can be used to setup a Mastodon instance in [https://docs.joinmastodon.org/admin/config/#single_user_mode single user mode].
== Setup ==


It will setup all the necessary services (PostgreSQL, Redis, Nginx...) and setup a valid certificate to be used for the HTTPS connection:
The <code>services.mastodon</code> service can be used to setup a Mastodon instance in [https://docs.joinmastodon.org/admin/config/#single_user_mode single user mode]. It will setup all the necessary services (PostgreSQL, Redis, Nginx...) and setup a valid certificate to be used for the HTTPS connection:


<syntaxHighlight lang=nix>
<syntaxhighlight lang="nix">
   security.acme = {
   security.acme = {
     acceptTerms = true;
     acceptTerms = true;
Line 15: Line 15:
     configureNginx = true;
     configureNginx = true;
     smtp.fromAddress = "noreply@social.example.com"; # Email address used by Mastodon to send emails, replace with your own
     smtp.fromAddress = "noreply@social.example.com"; # Email address used by Mastodon to send emails, replace with your own
    streamingProcesses = 3; # Number of processes used. It is recommended to set to the number of CPU cores minus one
     extraConfig.SINGLE_USER_MODE = "true";
     extraConfig.SINGLE_USER_MODE = "true";
   };
   };
   networking.firewall.allowedTCPPorts = [ 80 443 ];
   networking.firewall.allowedTCPPorts = [ 80 443 ];
</syntaxHighlight>
</syntaxhighlight>
 
You can then create your account using the package <code>mastodon</code>:
Ignore any warnings about the ruby version, it should work anyways
 
<syntaxhighlight lang="console">
# sudo -u mastodon mastodon-tootctl accounts create USERNAME --email=YOUR_EMAIL --confirmed --role=Owner
</syntaxhighlight>
 
and approve your new account
<syntaxhighlight lang="console">
# sudo -u mastodon mastodon-tootctl accounts approve USERNAME
</syntaxhighlight>
 
Then you're ready to head to the domain you set up and start tooting away!
 
== Usage ==
 
Create user
 
<syntaxhighlight lang="console">
# sudo -u mastodon mastodon-tootctl accounts create my_user --email myuser@example.org
</syntaxhighlight>
 
Confirm user mail manually
 
<syntaxhighlight lang="console">
# sudo -u mastodon mastodon-tootctl accounts modify my_user --email myuser@example.org --confirm
</syntaxhighlight>


You can then create your account using <code>tootctl</code>: <code>mastodon-tootctl accounts create USERNAME --email=YOUR_EMAIL --confirmed --role=Owner'</code>
Change password for user <code>my_user</code>


== Automatic backups ==
<syntaxhighlight lang="console">
# sudo -u mastodon mastodon-tootctl accounts modify --reset-password my_user
</syntaxhighlight>


Mastodon uses postgreSQL as database. Luckily, Nixpkgs offers a useful service, [https://search.nixos.org/options?channel=unstable&show=services.postgresqlBackup.enable&from=0&size=50&sort=relevance&type=packages&query=postgresql <code>services.postgresqlBackup.enable</code>].
== Tips and tricks ==


Example settings, assuming you have the default database settings:
=== Enabling full text search ===
<syntaxHighlight lang=nix>
Using OpenSearch as alternative to ElasticSearch after the license change. First set the following options and rebuild the config:<syntaxhighlight lang="nix">
  services.postgresqlBackup = {
services.opensearch.enable = true;
    enable = true;
services.mastodon.elasticsearch.host = "127.0.0.1";
    databases = [ "mastodon" ];
</syntaxhighlight>Then on the server run the following command to fill the search index:<syntaxhighlight lang="console">
  };
$ sudo -u mastodon mastodon-tootctl search deploy
</syntaxHighlight>
</syntaxhighlight>


== Using Caddy as a server  ==
=== Using Caddy as a server  ===


Use the following template:
Use the following template:
Line 88: Line 119:
users.users.caddy.extraGroups = [ "mastodon" ];
users.users.caddy.extraGroups = [ "mastodon" ];


# Caddy systemd unit needs readwrite permissions to /run/mastodon-web
systemd.services.caddy.serviceConfig.ReadWriteDirectories = lib.mkForce [ "/var/lib/caddy" "/run/mastodon-web" ];
</syntaxHighlight>
=== Automatic backups ===
Mastodon uses postgreSQL as database. Luckily, Nixpkgs offers a useful service, [https://search.nixos.org/options?channel=unstable&show=services.postgresqlBackup.enable&from=0&size=50&sort=relevance&type=packages&query=postgresql <code>services.postgresqlBackup.enable</code>].
Example settings, assuming you have the default database settings:
<syntaxHighlight lang=nix>
  services.postgresqlBackup = {
    enable = true;
    databases = [ "mastodon" ];
  };
</syntaxHighlight>
</syntaxHighlight>


== Hints for running in your local network for testing ==
== Troubleshooting ==
 
=== Hints for running in your local network for testing ===


If you get a <code>Mastodon::HostValidationError</code> when trying to federate with another ActivityPub instance in your local network you need to allow Mastodon to access local ip addresses in outgoing http (federation) requests. To do this set the following environment variable:
If you get a <code>Mastodon::HostValidationError</code> when trying to federate with another ActivityPub instance in your local network you need to allow Mastodon to access local ip addresses in outgoing http (federation) requests. To do this set the following environment variable:
Line 96: Line 144:
This is also documented in the Mastodon admin guide[https://docs.joinmastodon.org/admin/config/].
This is also documented in the Mastodon admin guide[https://docs.joinmastodon.org/admin/config/].


[[Category:ActivityPub]]
[[Category:Applications]]
[[Category:Applications]]
[[Category:Web Applications]]
[[Category:Server]]

Latest revision as of 09:01, 12 November 2024

Mastodon is a decentralized social media platform that allows users to create accounts, post content, and interact with others. It is an alternative to centralized social media platforms like Twitter and Facebook.

Setup

The services.mastodon service can be used to setup a Mastodon instance in single user mode. It will setup all the necessary services (PostgreSQL, Redis, Nginx...) and setup a valid certificate to be used for the HTTPS connection:

  security.acme = {
    acceptTerms = true;
    defaults.email = "<EMAIL TO USE FOR CORRESPONDENCE WITH Let's Encrypt>";
  };
  services.mastodon = {
    enable = true;
    localDomain = "social.example.com"; # Replace with your own domain
    configureNginx = true;
    smtp.fromAddress = "noreply@social.example.com"; # Email address used by Mastodon to send emails, replace with your own
    streamingProcesses = 3; # Number of processes used. It is recommended to set to the number of CPU cores minus one
    extraConfig.SINGLE_USER_MODE = "true";
  };
  networking.firewall.allowedTCPPorts = [ 80 443 ];

You can then create your account using the package mastodon: Ignore any warnings about the ruby version, it should work anyways

# sudo -u mastodon mastodon-tootctl accounts create USERNAME --email=YOUR_EMAIL --confirmed --role=Owner

and approve your new account

# sudo -u mastodon mastodon-tootctl accounts approve USERNAME

Then you're ready to head to the domain you set up and start tooting away!

Usage

Create user

# sudo -u mastodon mastodon-tootctl accounts create my_user --email myuser@example.org

Confirm user mail manually

# sudo -u mastodon mastodon-tootctl accounts modify my_user --email myuser@example.org --confirm

Change password for user my_user

# sudo -u mastodon mastodon-tootctl accounts modify --reset-password my_user

Tips and tricks

Enabling full text search

Using OpenSearch as alternative to ElasticSearch after the license change. First set the following options and rebuild the config:

services.opensearch.enable = true;
services.mastodon.elasticsearch.host = "127.0.0.1";

Then on the server run the following command to fill the search index:

$ sudo -u mastodon mastodon-tootctl search deploy

Using Caddy as a server

Use the following template:

services = {
  caddy = {
    enable = true;
    virtualHosts = {
    
      # Don't forget to change the host!
      "<your-server-host>" = {
        extraConfig = ''
          handle_path /system/* {
              file_server * {
                  root /var/lib/mastodon/public-system
              }
          }

          handle /api/v1/streaming/* {
              reverse_proxy  unix//run/mastodon-streaming/streaming.socket
          }

          route * {
              file_server * {
              root ${pkgs.mastodon}/public
              pass_thru
              }
              reverse_proxy * unix//run/mastodon-web/web.socket
          }

          handle_errors {
              root * ${pkgs.mastodon}/public
              rewrite 500.html
              file_server
          }

          encode gzip

          header /* {
              Strict-Transport-Security "max-age=31536000;"
          }
          header /emoji/* Cache-Control "public, max-age=31536000, immutable"
          header /packs/* Cache-Control "public, max-age=31536000, immutable"
          header /system/accounts/avatars/* Cache-Control "public, max-age=31536000, immutable"
          header /system/media_attachments/files/* Cache-Control "public, max-age=31536000, immutable"
        '';
    };
  };
};

# Caddy requires file and socket access
users.users.caddy.extraGroups = [ "mastodon" ];

# Caddy systemd unit needs readwrite permissions to /run/mastodon-web
systemd.services.caddy.serviceConfig.ReadWriteDirectories = lib.mkForce [ "/var/lib/caddy" "/run/mastodon-web" ];

Automatic backups

Mastodon uses postgreSQL as database. Luckily, Nixpkgs offers a useful service, services.postgresqlBackup.enable.

Example settings, assuming you have the default database settings:

  services.postgresqlBackup = {
    enable = true;
    databases = [ "mastodon" ];
  };

Troubleshooting

Hints for running in your local network for testing

If you get a Mastodon::HostValidationError when trying to federate with another ActivityPub instance in your local network you need to allow Mastodon to access local ip addresses in outgoing http (federation) requests. To do this set the following environment variable: ALLOWED_PRIVATE_ADDRESSES to a comma-separated list of allowed ip addresses with the format specified in https://ruby-doc.org/stdlib-2.5.1/libdoc/ipaddr/rdoc/IPAddr.html. This is also documented in the Mastodon admin guide[1].