记Mastodon(长毛象)的搭建

前言

今天使用docker进行安装,为了简化安装,使用了宝塔面板。

1.Mastodon比较吃的的是内存,所以建议使用1H2G及以上配置的机器,我这里使用的是2核4G的Debian 11.1 64bit
2.装好宝塔面板
3.安装NGINX
4.一个邮箱
5.一个域名以及SSL证书

安装docker和docker-compose

docker的安装比较简单,进入宝塔的应用商店中搜索docker,安装这个Docker管理器就可以了。

Docker Compose的话,宝塔并不能一并安装,还是需要手动安装的,安装使用官网的方法进行。

安装完成,通过docker-compose versiondocker -v进行检测是否安装成功。

1_记Mastodon(长毛象)的搭建_image-165338.webp

记Mastodon(长毛象)的搭建_image-165338.webp

拉取Mastodon镜像

拉取镜像及下载docker-compose.yml文件

mkdir -p /home/mastodon/mastodon
cd /home/mastodon/mastodon
docker pull mashirozx/mastodon
wget https://raw.githubusercontent.com/d1258zzz/mastodon/master/docker-compose.yml

4_记Mastodon(长毛象)的搭建_image-165338.webp

对于docker pull mashirozx/mastodon,也可以通过docker管理器=》镜像管理=》获取镜像的对话框中填入 mashirozx/mastodon进行拉取,效果一样……

2_记Mastodon(长毛象)的搭建_image-165338.webp

配置Mastodon

在/home/mastodon/mastodon文件夹中创建空白.env.production文件

touch .env.production

在当前目录下用root权限运行以下语句

docker-compose run --rm web bundle exec rake mastodon:setup

3_记Mastodon(长毛象)的搭建_image-165338.webp

然后会有一长串的配置需要输入

Your instance is identified by its domain name. Changing it afterward will break things.
Domain name:
这里输入您准备给mastodon的域名。
Do you want to enable single user mode? (y/N)
一般来说都是N,除非你只是用作仅供自己使用的站点,(这样显然少了很多乐趣
Are you using Docker to run Mastodon? (Y/n)
你在用DOCKER运行Mastodon嘛? Of course!
然后下面关于pgsql和redis的设置直接默认,一路回车就好
PostgreSQL host: db
PostgreSQL port: 5432
Name of PostgreSQL database: postgres
Name of PostgreSQL user: postgres
Password of PostgreSQL user:
Database configuration works! 

Redis host: redis
Redis port: 6379
Redis password:
Redis configuration works! 

Do you want to store uploaded files on the cloud? (y/N)
如果您需要将文件存储在您的对象中,可以Y
Do you want to send e-mails from localhost? (y/N)
默认N,应该也没几个机器能够SMTP发件吧

这里需要准备一个邮箱,支持stmp发件,并还不能有ssl加密/非常迷惑
我这里用的是126邮箱。

Do you want to send e-mails from localhost? No
SMTP server: smtp.126.com
SMTP port: 25
SMTP username: @126.com
SMTP password:
SMTP authentication: plain
SMTP OpenSSL verify mode: none
E-mail address to send e-mails "from": @126.com
Send a test e-mail with this configuration right now? Yes
Send test e-mail to: @qq.com

This configuration will be written to .env.production
Save configuration? Yes
Below is your configuration, save it to an .env.production file outside Docker:

然后再下面你就会看到一段很长的内容,是的,他将被写入.env.production,这里有你的配置信息,将他复制下来备用!!!

Now that configuration is saved, the database schema must be loaded.
If the database already exists, this will erase its contents.
Prepare the database now? Yes
Running RAILS_ENV=production rails db:setup ...

Database 'postgres' already exists
Error connecting to Redis on localhost:6379 (Errno::ECONNREFUSED)
Error connecting to Redis on localhost:6379 (Errno::ECONNREFUSED)
Switching object-storage-safely from green to red because Redis::CannotConnectError Error connecting to Redis on localhost:6379 (Errno::ECONNREFUSED)
Error connecting to Redis on localhost:6379 (Errno::ECONNREFUSED)
Done!

All done! You can now power on the Mastodon server ?

连不上redis正常,因为这时候redis没有运行……

Do you want to create an admin user straight away? (Y/n)
配置管理员账号
Username:
E-mail:
Error connecting to Redis on localhost:6379 (Errno::ECONNREFUSED)
Error connecting to Redis on localhost:6379 (Errno::ECONNREFUSED)
Switching object-storage-safely from green to red because Redis::CannotConnectError Error connecting to Redis on localhost:6379 (Errno::ECONNREFUSED)
Error connecting to Redis on localhost:6379 (Errno::ECONNREFUSED)
You can login with the password: xxxxxxxxxxxxxxx
You can change your password once you login.

这里也要记得将管理员密码复制下来。

然后马上创建.env.production

nano .env.production

将复制下来的内容粘贴进去

启动Mastodon

启动Mastodon

docker-compose up -d

为相应文件夹赋权

chown 991:991 -R ./public
docker-compose down
docker-compose up -d

配置NGINX

在宝塔中创建新网站,前面准备的域名填给mastodon。

5_记Mastodon(长毛象)的搭建_image-165338.webp

关于这个配置可以参考这里

这里贴一下我自己的配置

map $http_upgrade $connection_upgrade {
  default upgrade;
  ''      close;
}

upstream backend {
    server 127.0.0.1:3000 fail_timeout=0;
}

upstream streaming {
    server 127.0.0.1:4000 fail_timeout=0;
}

proxy_cache_path /var/cache/nginx levels=1:2 keys_zone=CACHE:10m inactive=7d max_size=1g;

server {
  listen 80;
  listen [::]:80;
  server_name vue.gjcloak.xyz;
  root /home/mastodon/mastodon/public;
  location /.well-known/acme-challenge/ { allow all; }
  location / { return 301 https://$host$request_uri; }
}

server {
  listen 443 ssl http2;
  listen [::]:443 ssl http2;
  server_name vue.gjcloak.xyz;

  ssl_protocols TLSv1.2 TLSv1.3;
  ssl_ciphers HIGH:!MEDIUM:!LOW:!aNULL:!NULL:!SHA;
  ssl_prefer_server_ciphers on;
  ssl_session_cache shared:SSL:10m;
  ssl_session_tickets off;

  # Uncomment these lines once you acquire a certificate:
  ssl_certificate     /www/server/panel/vhost/cert/vue.gjcloak.xyz/fullchain.pem;
  ssl_certificate_key /www/server/panel/vhost/cert/vue.gjcloak.xyz/privkey.pem;

  keepalive_timeout    70;
  sendfile             on;
  client_max_body_size 80m;

  root /home/mastodon/mastodon/public;

  gzip on;
  gzip_disable "msie6";
  gzip_vary on;
  gzip_proxied any;
  gzip_comp_level 6;
  gzip_buffers 16 8k;
  gzip_http_version 1.1;
  gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript image/svg+xml image/x-icon;

  add_header Strict-Transport-Security "max-age=31536000" always;

  location / {
    try_files $uri @proxy;
  }

  location ~ ^/(emojipackssystem/accounts/avatarssystem/media_attachments/files) {
    add_header Cache-Control "public, max-age=31536000, immutable";
    add_header Strict-Transport-Security "max-age=31536000" always;
    try_files $uri @proxy;
  }

  location /sw.js {
    add_header Cache-Control "public, max-age=0";
    add_header Strict-Transport-Security "max-age=31536000" always;
    try_files $uri @proxy;
  }

  location @proxy {
    proxy_set_header Host $host;
    proxy_set_header X-Real-IP $remote_addr;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_set_header X-Forwarded-Proto $scheme;
    proxy_set_header Proxy "";
    proxy_pass_header Server;

    proxy_pass http://backend;
    proxy_buffering on;
    proxy_redirect off;
    proxy_http_version 1.1;
    proxy_set_header Upgrade $http_upgrade;
    proxy_set_header Connection $connection_upgrade;

    proxy_cache CACHE;
    proxy_cache_valid 200 7d;
    proxy_cache_valid 410 24h;
    proxy_cache_use_stale error timeout updating http_500 http_502 http_503 http_504;
    add_header X-Cached $upstream_cache_status;
    add_header Strict-Transport-Security "max-age=31536000" always;

    tcp_nodelay on;
  }

  location /api/v1/streaming {
    proxy_set_header Host $host;
    proxy_set_header X-Real-IP $remote_addr;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_set_header X-Forwarded-Proto $scheme;
    proxy_set_header Proxy "";

    proxy_pass http://streaming;
    proxy_buffering off;
    proxy_redirect off;
    proxy_http_version 1.1;
    proxy_set_header Upgrade $http_upgrade;
    proxy_set_header Connection $connection_upgrade;

    tcp_nodelay on;
  }

  error_page 500 501 502 503 504 /500.html;
}

其中19行改成自己的域名,20行和44行改成源码地址/home/mastodon/mastodon/public,去掉ssl证书部分内容的注释 #,路径填上证书或密钥所在的绝对路径

  ssl_certificate     /www/server/panel/vhost/cert/vue.gjcloak.xyz/fullchain.pem;
  ssl_certificate_key /www/server/panel/vhost/cert/vue.gjcloak.xyz/privkey.pem;

至此,较为基本的安装步骤大致就完成了

完事……

参考文档

官方文档

Mastodon 长毛象实例最简搭建法论

Mastodon搭建小记

如何利用Docker搭建Mastodon实例(一):基础搭建篇 - 技术小白搭建Mastodon站点指南

Mastodon丨CentOs7下搭建长毛象实例

最后修改:2024 年 09 月 04 日
如果觉得我的文章对你有用,请随意赞赏