Installation d’une instance Mastodon.
Avec l’aide de Valère : https://hostux.social/about
Serveur Gandi
Localisation : Bissen, Luxembourg Coeurs : 2 Ram : 2 Go Disque système : 10 Go Système d'exploitation : Debian 8 64 bits (HVM) Nom du disque système : sysdisk01mas Nom (Hostname) : server01mas Identifiant administrateur : admin
Sommaire
1/ Connexion au serveur Gandi
2/ Mise-à-jour du système
3/ Installation des paquets de base
4/ Création de l’utilisateur ‘mastodon‘
5/ Installation des dépendances
6/ Installation de Redis
7/ Installation de PostgreSql
8/ Installation de Rbenv
9/ Installation de Mastodon
10/ Installation du serveur Nginx
11/ Gestion des tâches planifiées
12/ Administration
13/ Liens
Procédure
1/ Connexion au serveur Gandi.
[~] ➔ ssh admin@185.26.166.73 ... admin@185.26.166.73's password: ... [-----------------------------------------] Gandi - Welcome to your new OS image. ... [-----------------------------------------] admin@server01mas:~$
2/ Mise-à-jour du système.
– Connexion en root :
admin@server01mas:~$ su Password: root@server01mas:/home/admin#
– Mise-à-jour des dépôts et mise-à-jour des paquets :
root@server01mas:/home/admin# apt-get update && apt-get upgrade
3/ Installation des paquets de base.
root@server01mas:/home/admin# apt-get install mc screen htop wget links vim curl git-core
4/ Création de l’utilisateur ‘mastodon‘.
root@server01mas:/home/admin# adduser mastodon
5/ Installation des dépendances.
– Installation de Nodejs :
root@server01mas:/home/admin# curl -sL https://deb.nodesource.com/setup_4.x | bash - root@server01mas:/home/admin# apt-get install nodejs
– Installation des dépendances :
root@server01mas:/home/admin# apt-get install imagemagick ffmpeg libpq-dev libxml2-dev libxslt1-dev
– Installation de module Nodejs :
root@server01mas:/home/admin# npm install -g yarn
6/ Installation de Redis.
root@server01mas:/home/admin# apt-get install redis-server redis-tools
7/ Installation de PostgreSql.
– Installation des paquets :
root@server01mas:/home/admin# apt-get install postgresql postgresql-contrib
– Configuration de la base de données et de l’utilisateur :
root@server01mas:/home/admin# su - postgres postgres@server01mas:~$ psql psql (9.4.10) ... postgres=# CREATE USER mastodon CREATEDB; CREATE ROLE postgres=# \q postgres@server01mas:~$ exit logout root@server01mas:/home/admin#
8/ Installation de Rbenv.
– Installation des prérequis :
root@server01mas:/home/admin# apt-get install autoconf bison build-essential libssl-dev libyaml-dev libreadline6-dev zlib1g-dev libncurses5-dev libffi-dev libgdbm3 libgdbm-dev
Lien :
https://github.com/rbenv/ruby-build/wiki#suggested-build-environment
– Utilisateur ‘mastodon‘ :
root@server01mas:/home/admin# su mastodon mastodon@server01mas:/home/admin$ cd mastodon@server01mas:~$
– Installation de rbenv :
mastodon@server01mas:~$ git clone https://github.com/rbenv/rbenv.git ~/.rbenv mastodon@server01mas:~$ echo 'export PATH="$HOME/.rbenv/bin:$PATH"' >> ~/.bash_profile mastodon@server01mas:~$ echo 'export PATH="$HOME/.rbenv/bin:$PATH"' >> ~/.bashrc mastodon@server01mas:~$ echo 'eval "$(rbenv init -)"' >> ~/.bashrc mastodon@server01mas:~$ ~/.rbenv/bin/rbenv init
– Vérification :
mastodon@server01mas:~$ source ~/.bash_profile mastodon@server01mas:~$ type rbenv rbenv is /home/mastodon/.rbenv/bin/rbenv mastodon@server01mas:~$ source ~/.bashrc mastodon@server01mas:~$ type rbenv rbenv is a function rbenv () { local command; command="$1"; if [ "$#" -gt 0 ]; then shift; fi; case "$command" in rehash | shell) eval "$(rbenv "sh-$command" "$@")" ;; *) command rbenv "$command" "$@" ;; esac }
Liens :
https://github.com/rbenv/rbenv#installation
https://www.digitalocean.com/community/tutorials/how-to-install-ruby-on-rails-with-rbenv-on-debian-8
– Installation de rbenv-build :
mastodon@server01mas:~$ git clone https://github.com/rbenv/ruby-build.git ~/.rbenv/plugins/ruby-build
– Installation de Ruby :
mastodon@server01mas:~$ rbenv install 2.3.1 mastodon@server01mas:~$ rbenv global 2.3.1 mastodon@server01mas:~$ ruby -v ruby 2.3.1p112 (2016-04-26 revision 54768) [x86_64-linux]
9/ Installation de Mastodon.
– Configuration :
mastodon@server01mas:~$ echo "gem: --no-document" > ~/.gemrc
– Téléchargement de Mastodon :
mastodon@server01mas:~$ git clone https://github.com/Gargron/mastodon.git live mastodon@server01mas:~$ cd live/
– Installation de bundler :
mastodon@server01mas:~/live$ gem install bundler Fetching: bundler-1.14.6.gem (100%) Successfully installed bundler-1.14.6 1 gem installed
– Installation des dépendences gem :
mastodon@server01mas:~/live$ bundle install --deployment --without development test mastodon@server01mas:~/live$ yarn install
– Configuration du serveur :
mastodon@server01mas:~/live$ cp .env.production.sample .env.production
Ouvrir :
.env.production
Chercher :
# Service dependencies REDIS_HOST=redis REDIS_PORT=6379 DB_HOST=db DB_USER=postgres DB_NAME=postgres DB_PASS= DB_PORT=5432 # Federation LOCAL_DOMAIN=example.com LOCAL_HTTPS=true
Remplacer par :
# Service dependencies REDIS_HOST=localhost REDIS_PORT=6379 DB_HOST=/var/run/postgresql DB_USER=mastodon DB_NAME=mastodon_production DB_PASS= DB_PORT=5432 # Federation LOCAL_DOMAIN=minimes.hacklab.science LOCAL_HTTPS=true
– Configuration du serveur de mail Gandi :
Chercher :
# E-mail configuration SMTP_SERVER= SMTP_PORT= SMTP_LOGIN= SMTP_PASSWORD= SMTP_FROM_ADDRESS=
Remplacer par :
SMTP_SERVER=mail.gandi.net SMTP_PORT=587 SMTP_LOGIN=contact@hacklab-bidouilleur.fr SMTP_PASSWORD=Mot2P@$$e SMTP_FROM_ADDRESS=contact@hacklab-bidouilleur.fr
– Génération du secret :
mastodon@server01mas:~/live$ bundle exec rake secret fe814ad09733f3d25acc0b43bb93bdb9d45e1f2a41754432af3d193576f54740c8d88418ea8d8FAKE3ab281844747fc2f7c8d585059ef82dd1f7d84bff51e8
mastodon@server01mas:~/live$ bundle exec rake secret 01a02a0ca068f65455f7dfd86de0f768cc8524c474e8278c865a45cd48cda19a48f73e7ee2f4FAKE4ea04d90496e745069bf0fcde399d8dc864910057496fb52
mastodon@server01mas:~/live$ bundle exec rake secret fff3bf9df413c3c7d4c63c5d2969c39e099c4d4e91f3bc681e565c3457f90c8a6389a92ce1c7f9FAKE0a6dd2d72d4f1638b9b1004fd331a887559cb82893ac
Ouvrir :
.env.production
Chercher :
PAPERCLIP_SECRET= SECRET_KEY_BASE= OTP_SECRET=
Remplacer par :
PAPERCLIP_SECRET=fe814ad09733f3d25acc0b43bb93bdb9d45e1f2a41754432af3d193576f54740c8d88418ea8d8FAKE3ab281844747fc2f7c8d585059ef82dd1f7d84bff51e8 SECRET_KEY_BASE=01a02a0ca068f65455f7dfd86de0f768cc8524c474e8278c865a45cd48cda19a48f73e7ee2f4FAKE4ea04d90496e745069bf0fcde399d8dc864910057496fb52 OTP_SECRET=fff3bf9df413c3c7d4c63c5d2969c39e099c4d4e91f3bc681e565c3457f90c8a6389a92ce1c7f9FAKE0a6dd2d72d4f1638b9b1004fd331a887559cb82893ac
– Installation :
mastodon@server01mas:~/live$ RAILS_ENV=production bundle exec rails db:setup
– Pré-compilation des CSS et des JS :
mastodon@server01mas:~/live$ RAILS_ENV=production bundle exec rails assets:precompile
– Configuration de systemd :
mastodon@server01mas:~/live$ exit exit root@server01mas:/home/admin#
Ouvrir :
/etc/systemd/system/mastodon-web.service
Ajouter :
[Unit] Description=mastodon-web After=network.target [Service] Type=simple User=mastodon WorkingDirectory=/home/mastodon/live Environment="RAILS_ENV=production" Environment="PORT=3000" ExecStart=/home/mastodon/.rbenv/shims/bundle exec puma -C config/puma.rb TimeoutSec=15 Restart=always [Install] WantedBy=multi-user.target
Ouvrir :
/etc/systemd/system/mastodon-sidekiq.service
Ajouter :
[Unit] Description=mastodon-sidekiq After=network.target [Service] Type=simple User=mastodon WorkingDirectory=/home/mastodon/live Environment="RAILS_ENV=production" Environment="DB_POOL=5" ExecStart=/home/mastodon/.rbenv/shims/bundle exec sidekiq -c 5 -q default -q mailers -q pull -q push TimeoutSec=15 Restart=always [Install] WantedBy=multi-user.target
Ouvrir :
/etc/systemd/system/mastodon-streaming.service
Ajouter :
[Unit] Description=mastodon-streaming After=network.target [Service] Type=simple User=mastodon WorkingDirectory=/home/mastodon/live Environment="NODE_ENV=production" Environment="PORT=4000" ExecStart=/usr/bin/npm run start TimeoutSec=15 Restart=always [Install] WantedBy=multi-user.target
– Activation des services :
root@server01mas:/home/admin# screen root@server01mas:/home/admin# systemctl enable /etc/systemd/system/mastodon-*.service Created symlink from /etc/systemd/system/multi-user.target.wants/mastodon-sidekiq.service to /etc/systemd/system/mastodon-sidekiq.service. Created symlink from /etc/systemd/system/multi-user.target.wants/mastodon-streaming.service to /etc/systemd/system/mastodon-streaming.service. Created symlink from /etc/systemd/system/multi-user.target.wants/mastodon-web.service to /etc/systemd/system/mastodon-web.service.
– Lancement des services :
root@server01mas:/home/admin# systemctl start mastodon-web.service mastodon-sidekiq.service mastodon-streaming.service
– Rédemarrage des services après modification du fichier de configuration :
root@server01mas:/home/admin# systemctl restart mastodon-web.service mastodon-sidekiq.service mastodon-streaming.service
– Status des services :
root@server01mas:/home/admin# systemctl status mastodon-web.service mastodon-sidekiq.service mastodon-streaming.service ● mastodon-web.service - mastodon-web Loaded: loaded (/etc/systemd/system/mastodon-web.service; enabled) Active: active (running) since Tue 2017-04-04 20:20:43 CEST; 15h ago ... ● mastodon-sidekiq.service - mastodon-sidekiq ... Apr 04 20:20:43 server01mas systemd[1]: Started mastodon-sidekiq. Apr 04 20:20:48 server01mas bundle[779]: 2017-04-04T18:20:48.057Z 779 TID-ovnjsa58w INFO: Booting Sidekiq 4.2.7 with...=>nil} ... ● mastodon-streaming.service - mastodon-streaming ... Main PID: 738 (npm) CGroup: /system.slice/mastodon-streaming.service ├─738 npm ├─806 sh -c babel-node ./streaming/index.js --presets es2015,stage-2 ├─808 node /home/mastodon/live/node_modules/.bin/babel-node ./streaming/index.js --presets es2015,stage-2 └─815 /usr/bin/nodejs /home/mastodon/live/node_modules/babel-cli/lib/_babel-node ./streaming/index.js --presets... ... Apr 04 20:20:46 server01mas npm[738]: info Starting streaming API server on port 4000 Hint: Some lines were ellipsized, use -l to show in full.
10/ Installation du serveur Nginx.
– Installation de Nginx :
Ouvrir :
/etc/apt/sources.list.d/nginx.list
Ajouter à la fin :
deb http://nginx.org/packages/debian/ jessie nginx
Action :
# apt-get update # apt-get install nginx
– Installation du reverse proxy Nginx :
Ouvrir :
/etc/nginx/conf.d/minimes.hacklab.science.conf
Ajouter :
map $http_upgrade $connection_upgrade { default upgrade; '' close; } server { listen 80; #listen [::]:80; server_name minimes.hacklab.science; return 301 https://minimes.hacklab.science$request_uri; } server { listen 443 ssl http2; #listen [::]:443 ssl http2; server_name minimes.hacklab.science; ssl on; ssl_certificate /etc/letsencrypt/live/minimes.hacklab.science/fullchain.pem; ssl_certificate_key /etc/letsencrypt/live/minimes.hacklab.science/privkey.pem; ssl_dhparam /etc/ssl/certs/dhparam.pem; ssl_session_timeout 1d; ssl_session_cache shared:SSL:50m; ssl_session_tickets off; ssl_protocols TLSv1.2; ssl_ciphers EECDH+AESGCM:EECDH+AES; ssl_prefer_server_ciphers on; resolver 8.8.4.4 8.8.8.8 valid=300s; resolver_timeout 10s; ssl_stapling on; ssl_stapling_verify on; add_header Strict-Transport-Security "max-age=15552000; includeSubdomains; preload"; add_header X-Content-Type-Options nosniff; add_header X-XSS-Protection "1; mode=block"; add_header X-Frame-Options SAMEORIGIN; keepalive_timeout 70; sendfile on; client_max_body_size 0; gzip on; gzip_disable "msie6"; gzip_vary on; gzip_proxied any; gzip_comp_level 6; gzip_buffers 16 8k; gzip_http_version 1.1; gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript; root /home/mastodon/live/public; location / { try_files $uri @proxy; } location @proxy { proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto https; proxy_pass_header Server; proxy_pass http://127.0.0.1:3000; proxy_buffering off; proxy_redirect off; proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection $connection_upgrade; tcp_nodelay on; } location /api/v1/streaming { proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto https; proxy_pass http://127.0.0.1:4000; proxy_buffering off; proxy_redirect off; proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection $connection_upgrade; tcp_nodelay on; } error_page 500 501 502 503 504 /500.html; }
– Installation de Let’s Encrypt :
Ouvrir :
/etc/apt/sources.list
Ajouter à la fin :
deb http://httpredir.debian.org/debian jessie-backports main
Action :
# apt-get update # apt-get install -t jessie-backports letsencrypt
– Arrêter le serveur Nginx :
root@server01mas:/home/admin# service nginx stop
– Génération du certificat Let’s Encrypt :
root@server01mas:/home/admin# letsencrypt certonly -d minimes.hacklab.science --agree-tos -m lesanglierdesardennes@gmail.com --rsa-key-size 4096 --standalone
– Génération de dhparam :
root@server01mas:/home/admin# openssl dhparam -out /etc/ssl/certs/dhparam.pem 4096
– Démarrage de Nginx :
root@server01mas:/home/admin# service nginx start
– Test :
https://minimes.hacklab.science/
– Après l’enregistrement, page d’accueil :
11/ Gestion des tâches planifiées.
root@server01mas:/home/admin# crontab -e -u mastodon
Ajouter à la fin :
@hourly cd /home/mastodon/live && RAILS_ENV=production /home/mastodon/.rbenv/shims/bundle exec rake mastodon:media:clear @hourly cd /home/mastodon/live && RAILS_ENV=production /home/mastodon/.rbenv/shims/bundle exec rake mastodon:push:refresh @hourly cd /home/mastodon/live && RAILS_ENV=production /home/mastodon/.rbenv/shims/bundle exec rake mastodon:feeds:clear
12/ Administration.
– Activation d’un administrateur :
mastodon@server01mas:~/live$ RAILS_ENV=production bundle exec rake mastodon:make_admin USERNAME=Satanik666 ... Congrats! Satanik666 is now an admin. \o/ Navigate to https://minimes.hacklab.science/admin/settings to get started
– Test :
Page d’administration :
https://minimes.hacklab.science/admin/settings
– Lien :
https://github.com/tootsuite/mastodon/blob/master/docs/Running-Mastodon/Administration-guide.md
13/ Liens.
https://github.com/tootsuite/mastodon/blob/master/docs/Running-Mastodon/Production-guide.md
https://angristan.fr/installer-instance-mastodon-debian-8/
Comments are closed, but trackbacks and pingbacks are open.