Home / How To / How to install Mastodon Social Network with Docker on Ubuntu 18.04 LTS

How to install Mastodon Social Network with Docker on Ubuntu 18.04 LTS



Mastodon is a free, decentralized and open source network. It was created as an alternative to Twitter. Like Twitter, people can follow each other, send messages, photos and videos. But unlike Twitter, there is no central store or authority for the content.

Instead, Mastodon operates over thousands of different servers, each running different members of society. Users who are registered on one server can easily connect to users on the other network and follow each other across different instances.

Anyone can install their own instance of a Mastodon server. This tutorial will teach you how to set up your instance of Mastodon on a server with Ubuntu 18.04 using Docker.

Prerequisites

  • An Ubuntu 1

    8.04-based server with a non-root sudo user.

  • Make sure your system is up to date.

      $ sudo apt update
    Upgrade of $ sudo apt
    
  • Mastodon sends emails to users. One option to make it work is to set up your own email server. You can do this on the same server that you install mastodon or on another server. To do so is beyond this guide.

    We recommend using a third-party Transactionional mail service such as Mailgun, Sendgrid, Amazon SES or Sparkpost. The instructions in the wizard will use Mailgun as your SMTP provider.

  • Make sure you have a domain name pointing to the server. For this tutorial we will use example.com as the domain.

Step 1 – Install Dependencies

Before we install Mastodon, we need to make sure that our server has some software that it will need to install properly. Run the following commands to install dependencies.

  $ sudo apt update
$ sudo apt install ca-certificate curl ufw apt-transport-https software properties-common git -y

Some of the software above may be pre-installed for you.

Since we installed Git, we should configure it before proceeding.

  $ git config - global user.name "Your Name"
$ git config - global user.email "[email protected]"

Step 2 – Configure Firewall

In our previous step, we installed, ufw (Uncomplicated Firewall) . Before we can continue to install Mastodon, we must configure it.

Enable SSH and the port we just created so we don't get locked.

  $ sudo ufw allow OpenSSH

Activate the ufw firewall.

  $ sudo ufw enable

We also need to enable http and https for Mastodon to work.

  $ sudo ufw allow http
$ sudo ufw allow https

Check the status of the firewall.

  $ sudo ufw status

You should see an output as follows.

  Status: active

For action from
- ------ ----
OpenSSH ALLOW Anywhere
80 / tcp ALLOW Anywhere
443 / tcp ALLOW Anywhere
OpenSSH (v6) ALLOW Anywhere (v6)
80 / tcp (v6) ALLOW Anywhere (v6)
443 / tcp (v6) ALLOW Anywhere (v6)

Step 3 – Install Docker

Add Docker's GPG key to your system.

  $ curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo apt-key add -

Verify the fingerprint of the downloaded key.

  $ sudo apt-key fingerprint 0EBFCD88

You should see an output as follows.

  pub rsa4096 2017-02-22 [SCEA]
9DC8 5822 9FC7 DD38 854A E2D8 8D81 803C 0EBF CD88
uid [ unknown] Docker Release (CE deb) <[email protected]>
sub rsa4096 2017-02-22 [S]

Add the Docker layer.

  $ sudo add-apt-repository "deb [arch=amd64] stable https://download.docker.com/linux/ubuntu $ (lsb_release -cs)"

Update your package database.

  $ sudo apt update

Install Docker CE. CE is the Community Edition of Docker.

  $ sudo apt install docker-ce -y

Docker should be installed now. Make sure it is running.

  $ sudo systemctl status docker
The output should be similar to the following. 

? docker.service - Docker Application Container Engine
Loaded: loaded (/lib/systemd/system/docker.service; enabled; vendor setting: enabled)
Active: active (active) since Tuesday 2019-10-22 18:26:29 UTC; 25 minutes ago
Document: https://docs.docker.com
Main PID: 3574 (docked)
Tasks: 8
CGroup: /system.slice/docker.service
?? 3574 / usr / bin / dockerd -H fd: // --containerd = / run / containererd / containererd.sock

Press q to exit.

Add your limited Linux user account to the docking group so you can run dockers without sudo.

  sudo usermod -aG docker $ USER

$ USER variable will select and add the currently logged in user to the docking group. Replace $ USER with the actual username if you are not currently logged in with that user.

Switch to the user we just added. Even if you were already logged in, you will still need to switch to it again to reload the permissions.

  $ su - $ {USER}

Check that everything is going well by running the built-in program "Hello World" .

  $ docker run hello-world

You should see the following output that says Docker is installed and working correctly.

  The image "hello-world: latest" could not be found locally
latest: Drag from the library / hello world
1b930d010525: Wire complete
Digest: sha256: c3b4ada4687bbaa170745b3e4dd8ac3f194ca95b2d0518b417fb47e5879d9b5f
Status: Downloaded newer image for hello-world: latest

Hello from Docker!
This message indicates that your installation seems to be working properly.

Step 4 - Installing Docker Compose

It is possible to skip this step and continue but with Docker Compose installed it will make Mastodon much easier, especially if you want to do it on more than one server.

  $ sudo curl -L "https://github.com/docker/compose/releases/download/1.24.1/docker-compose-$(uname -s) - $ (uname -m)" -o / usr / local / bin / docker-compose

At the time of writing this manual, 1.24.1 is the current stable version of Docker Compose. You can check for the latest version from their Github page.

Apply executable permissions for the docker composing binary.

  $ sudo chmod + x / usr / local / bin / docker-compose

Add the completion command to Docker Compose.

  $ sudo curl -L https://raw.githubusercontent.com/docker/compose/1.24.1/contrib/completion/bash/docker-compose -o/etc/bash_completion.d / docker-compose

Verify if your installation was successful.

  $ docker-compose --version

It will print the following output.

  docker-compose version 1.24.1, build 4667896b

Step 5 - Install Mastodon

Clone Mastodon archive for your server.

  $ git clone https://github.com/tootsuite/mastodon

Navigate to the directory to which we just copied files.

  $ cd mastodon

Mastodon comes with a sample configuration file. We need to rename it for Mastodon to work.

  $ cp .env.production.sample .env.production

We need to generate secret keys for our configuration file. But before that, we have to build the Docker image.

  $ docker-compose build

Now that the image has been successfully built, you need to create multiple keys that are required to configure the Mastodon.

Generate SECRET_KEY_BASE first.

  $ SECRET_KEY_BASE = $ (docker-compose run - -rm web bundle exec rake secret)

Insert the above key into the configuration file.

  $ sed -i -e "s / SECRET_KEY_BASE = / & $ {SECRET_KEY_BASE} /" .env.production

Generate and insert OTP_SECRET into the configuration file.

  $ OTP_SECRET = $ (docker-compose run - rm web bundle exec rake secret)
$ sed -i -e "s / OTP_SECRET = / & $ {OTP_SECRET} /" .env.production

Generate and insert PAPERCLIP_SECRET into the configuration file.

  $ PAPERCLIP_SECRET = $ (docker-compose run --rm web bundle exec rake secret)
$ sed -i -e "s / PAPERCLIP_SECRET = / & $ {PAPERCLIP_SECRET} /" .env.production

Generate values ​​for VAPID_PRIVATE_KEY and VAPID_PUBLIC_KEY .

  $ docker-compose run --rm web bundle exec rake mastodon: webpush: generate_vapid_key

Open file .env.production .

  $ sudo nano ./.env.production

Search for VAPID_PRIVATE_KEY and VAPID_PUBLIC_KEY in the file and copy the output of the previous command.

Find the LOCAL_DOMAIN variable and change its value example.com to the domain name you have chosen for your Mastodon installation.

Enter values ​​you received from your SMTP provider.

  SMTP_SERVER = smtp.mailgun.org
SMTP_PORT = 587
SMTP_LOGIN = username
SMTP_PASSWORD = password
SMTP_FROM_ADDRESS = [email protected]

Press Ctrl + X and save the file when done.

You must rebuild the Docker image to implement any changes made above.

  $ docker-compose build

Set the database.

  $ docker-compose run --rm web rails db: migrate

Precompile Mastodon's assets.

  $ docker-compose run --rm web rails assets: precompile

Run the following command to run the container.

  $ docker-compose up -d

Step 6 - Install and Configure Nginx

The next step in our guide is to install the Nginx server so that the Mastodon site works.

Run the following command to install the Nginx server.

  $ sudo apt install nginx -y

Nginx comes with a default page configured. Take it away.

  $ sudo rm / etc / nginx / sites-available / default

Also remove the default page symlink.

  $ sudo rm / etc / nginx / sites-enabled / default

Create an Nginx configuration file for Mastodon.

  $ sudo touch / etc / nginx / sites-available / mastodon

Create a symlink for the Mastodon configuration.

  $ sudo ln -s / etc / nginx / sites-available / mastodon / etc / nginx / sites-enabled / mastodon

Open the Mastodon configuration in the Nano editor. (You can choose which editor you want)

  $ sudo nano / etc / nginx / sites-available / mastodon

Copy and paste the following text into it.

  map $ http_upgrade $ connection_upgrade {
standard upgrade;
& # 39; & # 39; close;
}

server {
listen 80;
listen [::]: 80;
server name example.com;
root / home / user / mastodon / public;
# Useful for Let's Encrypt
location /.well-known/acme-challenge/ {allow all; }
location / {return 301 https: // $ host $ request_uri; }
}

server {
listen 443 ssl http2;
listen [::]: 443 ssl http2;
server name example.com;

ssl_protocols TLSv1.2;
ssl_ciphers HIGH:! MEDIUM:! LOW :! aNULL :! NULL :! SHA;
ssl_prefer_server_ciphers on;
ssl_session_cache shared: SSL: 10m;

ssl_certificate /etc/letsencrypt/live/example.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem;

keepalive_timeout 70;
send file on;
client_max_body_size 80m;

root / home / user / mastodon / public;

gzip på;
gzip_disable "msie6";
gzip_vary on;
gzip_proxied any;
gzip_comp_level 6;
gzip_buffrar 16 8k;
gzip_http_version 1.1;
gzip_typer text / plain text / css application / json-application / javascript-text / xml-application / xml-application / xml + rss-text / javascript;

add_header Strict-Transport-Security "max-age = 31536000";

location / {
try_files $ uri @proxy;
}

location ~ ^ / (emoji | package | system / accounts / avatars | system / media_attachments / files) {
add_header Cache-Control "public, max-age = 31536000, immutable";
try_files $ uri @proxy;
}

location /sw.js {
add_header Cache-Control "public, max-age = 0";
try_files $ uri @proxy;
}

location @proxy {
proxy_set_header Host $ host;
proxy_set_header X-Real-IP $ remote_addr;
proxy_set_header X-Forwarded-For $ proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto https;
proxy_set_header Proxy "";
proxy_pass_header server;

proxy_pass http://127.0.0.1:3000;
proxy_buffering of;
proxy_redirect av;
proxy_http_version 1.1;
proxy_set_header Upgrade $ http_upgrade;
proxy_set_header Connection $ connection_upgrade;

tcp_nodelay on;
}

location / api / v1 / streaming {
proxy_set_header Host $ host;
proxy_set_header X-Real-IP $ remote_addr;
proxy_set_header X-Forwarded-For $ proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto https;
proxy_set_header Proxy "";

proxy_pass http://127.0.0.1:4000;
proxy_buffering of;
proxy_redirect av;
proxy_http_version 1.1;
proxy_set_header Upgrade $ http_upgrade;
proxy_set_header Connection $ connection_upgrade;

tcp_nodelay on;
}

error_page 500 501 502 503 504 /500.html;
}

The above configuration assumes that you use Let's Encrypt as your SSL provider. If you use another SSL service, you must edit the location of the keys and skip the next section in the tutorial.

Step 7 - Install and Configure Let's Encrypt

Make sure Nginx is stopped.

  $ sudo systemctl stop nginx

Add the Certbot archive.

  $ sudo add-apt-repository ppa: certbot / certbot

Update system packages.

  $ sudo apt update

Install the Certbot tool.

  $ sudo apt install certbot

You must create the certificate twice - once with the TLS SNI method and the second time with the webroot method.

  sudo certbot certonly - standalone -d example.com

Now create the certificate using the webroot method. This requires Nginx to run.

  sudo systemctl start nginx
sudo certbot certonly --webroot -d example.com -w / home / user / mastodon / public /

The tool asks you if you want to keep the certificate or renew it. Choose the option to renew.

Setting automatic renewal of SSL certificate

Let's encrypt the certificates have a validity of 90 days. After that, you need to renew them again. For that, you can create a cron job to do it automatically for you.

Create a cron job.

  $ sudo nano /etc/cron.daily/letsencrypt-renew

Copy and paste the following into the file.

  #! / Usr / bin / env bash
certbot renew
systemctl reload nginx

Save and exit the file by pressing Ctrl + X and enter Y when prompted.

Run the script executable and restart the cron demon so that our script runs daily.

  $ sudo chmod + x /etc/cron.daily/letsencrypt-renew
$ sudo systemctl restart cron

Step 8 - Create Your Mastodon User

Visit your mastodon site in a web browser. The following screen appears.

 Add Mastodon user

Enter the desired username, email address and password to create a new account on your Mastodon instance. Your full username that you need to connect to users of other Mastodon servers is howtoforge @ example.com.

Mastodon sends a confirmation email to verify the registration. [19659002] You can also manually confirm the registration. For that you need SSH to your Docker instance. List all current Docker instances.

  $ docker ps

You will see an output as below.

  CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
32f2c4cd2598 tootsuite / mastodon "/ tini - bash -c & # 39; r ..." 16 hours ago Up 16 hours (fresh) 127.0.0.1:3000->3000/tcp mastodon_web_1
76beca2b858d tootsuite / mastodon "/ tini - node ./str…" 16 hours ago Up 16 hours (fresh) 127.0.0.1:4000->4000/tcp mastodon_streaming_1
08f7a42b75ac tootsuite / mastodon "/ tini - bundle exe ..." 16 hours ago Up 16 hours mastodon_sidekiq_1
bacaa8c09a85 redis: 5.0-alpine "docker-entrypoint.s ..." 17 hours ago Up 17 hours (fresh) mastodon_redis_1
62e9b2175a53 postgres: 9.6-alpine "docker-entrypoint.s ..." 17 hours ago Up 17 hours (healthy) mastodon_db_1

To make the required changes, we must access the flow container. SSH into the mastodon_streaming_1 container.

  $ docker exec -it mastodon_streaming_1 / bin / bash

This will launch a Bash shell in your container.

Run the following command to approve your newly created username.

  [email protected]: ~ $ RAILS_ENV = production box / tootctl accounts change howtoforge - Confirm

Run the following command to make your newly created account an administrator.

  [email protected]: ~ $ RAILS_ENV = production box / tootctl accounts change howtoforge - role admin

Exit the container.

  [email protected]: ~ $ exit

Log in to your instance with your username and password and you are greeted with the following screen.

 Mastodon's first step

Click Let & # 39; s Go and you will continue to the following pages to inform you of some basics on how Mastodon works.

 How Mastodon works

 Answer - Boost - Favorite

Click Finish tutorial which is greeted with your Mastodon's website where you can start posting to the content of your heart.

 Mastodon Dashboard

You can access settings and the administration area from the Settings menu.

Step 9 - Maintenance

To see the performance and logs of your Mastodon instance, go to https://example.com/sidekiq/ Chapter19659002 This can see a list of various processes and scheduled tasks related to your Mastodon instance. You can also check for failed data in the Dead or Retries section. It will also tell the memory usage of your instance.

 Mastodon maintenance

You can check the health of your instance database from https://example.com/pghero/

 pghero

You can perform maintenance of your database, run SQL queries and remove unused indexes.

If your site is not loading at all for any reason, you can check logs generated by Docker.

19659002] Therefore, close your containers first.

  $ docker-compose down

Run Docker compose in the enclosed state so you can see logs generated by each container.

  $ docker-compose up

Step 10 Upgrading Your Mastodon

Switch to your mastodon directory.

  $ cd / home / user / mastdon

Download repository updates

  $ git download

If for some reason you have changed your docker-compose.yml file, you must run the following command first.

  $ git status

This will tell you all the changes made to it. If the file is modified, then stash your changes first.

  $ git stash

Check out the latest Mastodon version. Check out the latest version from the release page.

  $ git checkout 

If you ran git stash earlier, then run the following command to redo your changes to the docker-compose.yml file.

  $ git stash pop

Build up the docking image.

  $ docker-compose build

Perform database migrations.

  $ docker-compose run --rm web rails db: migrate

Precompile Mastodon's assets.

  $ docker-compose run --rm web rails assets: precompile

Run the following command to run the container.

  $ docker-compose up -d

That's all for this tutorial. Follow their documents to learn more about Mastodon.


Source link