请注意,本文编写于 924 天前,最后修改于 91 天前,其中某些信息可能已经过时。
记Mastodon(长毛象)的搭建
前言
今天使用docker进行安装,为了简化安装,使用了宝塔面板。
1.Mastodon比较吃的的是内存,所以建议使用1H2G及以上配置的机器,我这里使用的是2核4G的Debian 11.1 64bit
2.装好宝塔面板
3.安装NGINX
4.一个邮箱
5.一个域名以及SSL证书
安装docker和docker-compose
docker的安装比较简单,进入宝塔的应用商店中搜索docker,安装这个Docker管理器就可以了。
Docker Compose的话,宝塔并不能一并安装,还是需要手动安装的,安装使用官网的方法进行。
安装完成,通过docker-compose version
和docker -v
进行检测是否安装成功。
拉取Mastodon镜像
拉取镜像及下载docker-compose.yml文件
mkdir -p /home/mastodon/mastodon
cd /home/mastodon/mastodon
docker pull mashirozx/mastodon
wget https://raw.githubusercontent.com/d1258zzz/mastodon/master/docker-compose.yml
对于docker pull mashirozx/mastodon
,也可以通过docker管理器=》镜像管理=》获取镜像的对话框中填入 mashirozx/mastodon进行拉取,效果一样……
配置Mastodon
在/home/mastodon/mastodon文件夹中创建空白.env.production文件
touch .env.production
在当前目录下用root权限运行以下语句
docker-compose run --rm web bundle exec rake mastodon:setup
然后会有一长串的配置需要输入
Your instance is identified by its domain name. Changing it afterward will break things.
Domain name:
这里输入您准备给mastodon的域名。
Do you want to enable single user mode? (y/N)
一般来说都是N,除非你只是用作仅供自己使用的站点,(这样显然少了很多乐趣
Are you using Docker to run Mastodon? (Y/n)
你在用DOCKER运行Mastodon嘛? Of course!
然后下面关于pgsql和redis的设置直接默认,一路回车就好
PostgreSQL host: db
PostgreSQL port: 5432
Name of PostgreSQL database: postgres
Name of PostgreSQL user: postgres
Password of PostgreSQL user:
Database configuration works!
Redis host: redis
Redis port: 6379
Redis password:
Redis configuration works!
Do you want to store uploaded files on the cloud? (y/N)
如果您需要将文件存储在您的对象中,可以Y
Do you want to send e-mails from localhost? (y/N)
默认N,应该也没几个机器能够SMTP发件吧
这里需要准备一个邮箱,支持stmp发件,并还不能有ssl加密/非常迷惑
我这里用的是126邮箱。
Do you want to send e-mails from localhost? No
SMTP server: smtp.126.com
SMTP port: 25
SMTP username: @126.com
SMTP password:
SMTP authentication: plain
SMTP OpenSSL verify mode: none
E-mail address to send e-mails "from": @126.com
Send a test e-mail with this configuration right now? Yes
Send test e-mail to: @qq.com
This configuration will be written to .env.production
Save configuration? Yes
Below is your configuration, save it to an .env.production file outside Docker:
然后再下面你就会看到一段很长的内容,是的,他将被写入.env.production,这里有你的配置信息,将他复制下来备用!!!
Now that configuration is saved, the database schema must be loaded.
If the database already exists, this will erase its contents.
Prepare the database now? Yes
Running RAILS_ENV=production rails db:setup ...
Database 'postgres' already exists
Error connecting to Redis on localhost:6379 (Errno::ECONNREFUSED)
Error connecting to Redis on localhost:6379 (Errno::ECONNREFUSED)
Switching object-storage-safely from green to red because Redis::CannotConnectError Error connecting to Redis on localhost:6379 (Errno::ECONNREFUSED)
Error connecting to Redis on localhost:6379 (Errno::ECONNREFUSED)
Done!
All done! You can now power on the Mastodon server ?
连不上redis正常,因为这时候redis没有运行……
Do you want to create an admin user straight away? (Y/n)
配置管理员账号
Username:
E-mail:
Error connecting to Redis on localhost:6379 (Errno::ECONNREFUSED)
Error connecting to Redis on localhost:6379 (Errno::ECONNREFUSED)
Switching object-storage-safely from green to red because Redis::CannotConnectError Error connecting to Redis on localhost:6379 (Errno::ECONNREFUSED)
Error connecting to Redis on localhost:6379 (Errno::ECONNREFUSED)
You can login with the password: xxxxxxxxxxxxxxx
You can change your password once you login.
这里也要记得将管理员密码复制下来。
然后马上创建.env.production
nano .env.production
将复制下来的内容粘贴进去
启动Mastodon
启动Mastodon
docker-compose up -d
为相应文件夹赋权
chown 991:991 -R ./public
docker-compose down
docker-compose up -d
配置NGINX
在宝塔中创建新网站,前面准备的域名填给mastodon。
关于这个配置可以参考这里
这里贴一下我自己的配置
map $http_upgrade $connection_upgrade {
default upgrade;
'' close;
}
upstream backend {
server 127.0.0.1:3000 fail_timeout=0;
}
upstream streaming {
server 127.0.0.1:4000 fail_timeout=0;
}
proxy_cache_path /var/cache/nginx levels=1:2 keys_zone=CACHE:10m inactive=7d max_size=1g;
server {
listen 80;
listen [::]:80;
server_name vue.gjcloak.xyz;
root /home/mastodon/mastodon/public;
location /.well-known/acme-challenge/ { allow all; }
location / { return 301 https://$host$request_uri; }
}
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
server_name vue.gjcloak.xyz;
ssl_protocols TLSv1.2 TLSv1.3;
ssl_ciphers HIGH:!MEDIUM:!LOW:!aNULL:!NULL:!SHA;
ssl_prefer_server_ciphers on;
ssl_session_cache shared:SSL:10m;
ssl_session_tickets off;
# Uncomment these lines once you acquire a certificate:
ssl_certificate /www/server/panel/vhost/cert/vue.gjcloak.xyz/fullchain.pem;
ssl_certificate_key /www/server/panel/vhost/cert/vue.gjcloak.xyz/privkey.pem;
keepalive_timeout 70;
sendfile on;
client_max_body_size 80m;
root /home/mastodon/mastodon/public;
gzip on;
gzip_disable "msie6";
gzip_vary on;
gzip_proxied any;
gzip_comp_level 6;
gzip_buffers 16 8k;
gzip_http_version 1.1;
gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript image/svg+xml image/x-icon;
add_header Strict-Transport-Security "max-age=31536000" always;
location / {
try_files $uri @proxy;
}
location ~ ^/(emojipackssystem/accounts/avatarssystem/media_attachments/files) {
add_header Cache-Control "public, max-age=31536000, immutable";
add_header Strict-Transport-Security "max-age=31536000" always;
try_files $uri @proxy;
}
location /sw.js {
add_header Cache-Control "public, max-age=0";
add_header Strict-Transport-Security "max-age=31536000" always;
try_files $uri @proxy;
}
location @proxy {
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header Proxy "";
proxy_pass_header Server;
proxy_pass http://backend;
proxy_buffering on;
proxy_redirect off;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $connection_upgrade;
proxy_cache CACHE;
proxy_cache_valid 200 7d;
proxy_cache_valid 410 24h;
proxy_cache_use_stale error timeout updating http_500 http_502 http_503 http_504;
add_header X-Cached $upstream_cache_status;
add_header Strict-Transport-Security "max-age=31536000" always;
tcp_nodelay on;
}
location /api/v1/streaming {
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header Proxy "";
proxy_pass http://streaming;
proxy_buffering off;
proxy_redirect off;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $connection_upgrade;
tcp_nodelay on;
}
error_page 500 501 502 503 504 /500.html;
}
其中19行改成自己的域名,20行和44行改成源码地址/home/mastodon/mastodon/public,去掉ssl证书部分内容的注释 #,路径填上证书或密钥所在的绝对路径
ssl_certificate /www/server/panel/vhost/cert/vue.gjcloak.xyz/fullchain.pem;
ssl_certificate_key /www/server/panel/vhost/cert/vue.gjcloak.xyz/privkey.pem;
至此,较为基本的安装步骤大致就完成了
完事……