Systeminformationen
Operating System: Ubuntu 20.04
Domain: https://mastodon.partners
Mastodon Version: 4.0.2
Verwendete Software:
Ruby, PostgreSQL, Certbot, Yarn, NodeJS, Fail2Ban
Server Preperation to install Mastodon
// 1. Set Hostname mastodon.partners
hostnamectl set-hostname mastodon.partners
echo "mastodon.partners" > /etc/hostname
echo "127.0.0.1 mastodon.partners" >> /etc/hosts
// Install curl, wget, gnupg, apt-transport-https, lsb-release and ca-certificates:
apt install -y curl wget gnupg apt-transport-https lsb-release ca-certificates
Install YARN Package Manager
Ab Node.js 16.10 muss yarn nicht einzeln installiert werden, da es bereits enthalten ist. Dazu muss das corepack aktiviert werden, nachdem Node.js installiert wurde.
corepack enable
// First add the yarn repo to sources list
echo "deb https://dl.yarnpkg.com/debian/ stable main" | tee /etc/apt/sources.list.d/yarn.list
apt-get update && apt-get dist-upgrade && apt-get install -y yarn
Install NodeJS and set Yarn version to classic
curl -sL https://deb.nodesource.com/setup_16.x | bash -
## Installing the NodeSource Node.js 16.x repo...
## Populating apt-get cache...
apt-get update
// OK:1 http://ftp.stratoserver.net/pub/linux/ubuntu focal InRelease
// OK:2 https://deb.nodesource.com/node_16.x focal InRelease
// Holen:3 https://dl.yarnpkg.com/debian stable InRelease [17,1 kB]
// Fehl:3 https://dl.yarnpkg.com/debian stable InRelease
// Die folgenden Signaturen konnten nicht überprüft werden, weil ihr öffentlicher Schlüssel nicht verfügbar ist: NO_PUBKEY 23E7166788BXXXXX
// Add missing PUBKEY
sudo apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 23E7166788BXXXXX
// Tray again to installing the NodeSource Node.js 16.x repo...
curl -sL https://deb.nodesource.com/setup_16.x | bash -
// Enable NodeJS corepack feature and set Yarn version to classic:
corepack enable
yarn set version classic
Install some System packages
apt install -y \
imagemagick ffmpeg libpq-dev libxml2-dev libxslt1-dev file git-core \
g++ libprotobuf-dev npm protobuf-compiler pkg-config nodejs gcc autoconf \
bison build-essential libssl-dev libyaml-dev libreadline6-dev \
zlib1g-dev libncurses5-dev libffi-dev libgdbm-dev \
nginx redis-server redis-tools postgresql postgresql-contrib \
certbot python3-certbot-nginx libnode-dev libidn11-dev libicu-dev libjemalloc-dev
add user mastodon
// add user mastodon
adduser --disabled-login mastodon
// Den Benutzer "mastodon" der Sudo Group hinzufügen um administrative Berechtigungen zu übergeben
usermod -aG sudo mastodon
// substitude the user
su mastodon
Die Mastodon Software geht davon aus, dass der Server von dem Systembenutzer”mastodon” verwaltet wird.
Dabei fungiert der Systembenutzer “mastodon” zur Verwaltung auf Systemebene, sowie auch als Rolle in PostgreSQL.
install rbenv and rbenv-build
git clone https://github.com/rbenv/rbenv.git ~/.rbenv
cd ~/.rbenv && src/configure && make -C src
echo 'export PATH="$HOME/.rbenv/bin:$PATH"' >> ~/.bashrc
echo 'eval "$(rbenv init -)"' >> ~/.bashrc
exec bash
git clone https://github.com/rbenv/ruby-build.git ~/.rbenv/plugins/ruby-build
// install newer ruby version
RUBY_CONFIGURE_OPTS=--with-jemalloc rbenv install 3.0.4
rbenv global 3.0.4
install bundler
// install bundler
gem install bundler --no-document
//Fetching bundler-2.4.0.gem
//Successfully installed bundler-2.4.0
//1 gem installed
exit
// switch to root user
exit
ProstgreSQL Installation for Mastodon
// Install
apt-get install postgresql postgresql-contrib -y
// switch to user
su - postgres psql
// create a dbuser for Mastodon
CREATE USER mastodon CREATEDB;
\q
Load the latest stable relase of Mastodon from Git
su - mastodon
git clone https://github.com/mastodon/mastodon.git live && cd live
git checkout $(git tag -l | grep -v 'rc[0-9]*$' | sort -V | tail -n 1)
install Ruby and JavaScript dependencies:
// install Ruby and JavaScript dependencies:
bundle config deployment 'true'
bundle config without 'development test'
bundle install -j$(getconf _NPROCESSORS_ONLN)
yarn install --pure-lockfile
Mastodon setup wizard
RAILS_ENV=production bundle exec rake mastodon:setup
edit /etc/nginx/sites-available/mastodon
server {
listen 80;
listen [::]:80;
server_name mastodon.partners;
root /home/mastodon/live/public;
location /.well-known/acme-challenge/ { allow all; }
location / { return 301 https://$host$request_uri; }
}
server {
listen 443 ssl http2;
# listen [::]:443 ssl http2;
# server_name mastodon.partners;
ssl_protocols TLSv1.2 TLSv1.3;
ssl_ciphers HIGH:!MEDIUM:!LOW:!aNULL:!NULL:!SHA;
ssl_prefer_server_ciphers on;
ssl_session_cache shared:SSL:10m;
ssl_session_tickets off;
# Uncomment these lines once you acquire a certificate:
ssl_certificate /etc/letsencrypt/live/mastodon.partners/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/mastodon.partners/privkey.pem;
create certificates for secure SSL/TLS access for Mastodon-Domain
sudo certbot certonly --nginx -d mastodone.partners
Setup Mastodon Services
// Kopiert folgende Dateien: mastodon-sidekiq.service, mastodon-streaming.service, mastodon-web.service
sudo cp /home/mastodon/live/dist/mastodon-*.service /etc/systemd/system/
systemctl daemon-reload
// Neue Dienste aktivieren
systemctl enable --now mastodon-web mastodon-sidekiq mastodon-streaming
// Symlinks erstellen
Created symlink /etc/systemd/system/multi-user.target.wants/mastodon-web.service → /etc/systemd/system/mastodon-web.service.
Created symlink /etc/systemd/system/multi-user.target.wants/mastodon-sidekiq.service → /etc/systemd/system/mastodon-sidekiq.service.
Created symlink /etc/systemd/system/multi-user.target.wants/mastodon-streaming.service → /etc/systemd/system/mastodon-streaming.service.