logo

pleroma

My custom branche(s) on git.pleroma.social/pleroma/pleroma git clone https://anongit.hacktivis.me/git/pleroma.git/

netbsd_en.md (9228B)

    

  1. # Installing on NetBSD
  3. {! backend/installation/generic_dependencies.include !}
  5. # Installation options
  7. Currently there are two options available for NetBSD: manual installation (from source) or using experimental package from [pkgsrc-wip](https://github.com/NetBSD/pkgsrc-wip/tree/master/pleroma).
  9. WIP package can be installed via pkgsrc and can be crosscompiled for easier binary distribution. Source installation most probably will be restricted to a single machine.
  11. ## pkgsrc installation
  13. WIP package creates Mix.Release (similar to how Docker images are built) but doesn't bundle Erlang runtime, listing it as a dependency instead. This allows for easier and more modular installations, especially on weaker machines. Currently this method also does not support all features of `pleroma_ctl` command (like changing installation type or managing frontends) as NetBSD is not yet a supported binary flavour of Pleroma's CI.
  15. In any case, you can install it the same way as any other `pkgsrc-wip` package:
  17. ```
  18. cd /usr/pkgsrc
  19. git clone --depth 1 git://wip.pkgsrc.org/pkgsrc-wip.git wip
  20. cp -rf wip/pleroma www
  21. cp -rf wip/libvips graphics
  22. cd /usr/pkgsrc/www/pleroma
  23. bmake && bmake install
  24. ```
  26. Use `bmake package` to create a binary package. This can come especially handy if you're targeting embedded or low-power systems and are crosscompiling on a more powerful machine.
  28. > Note: Elixir has [endianness bug](https://github.com/elixir-lang/elixir/issues/2785) which requires it to be compiled on a machine with the same endianness. In other words, package crosscompiled on amd64 (little endian) won't work on powerpc or sparc machines (big endian). While _in theory™_ nothing catastrophic should happen, one can see that for example regexes won't work properly. Some distributions just strip this warning away, so it doesn't bother the users... anyway, you've been warned.
  30. ## Source installation
  32. pkgin should have been installed by the NetBSD installer if you selected
  33. the right options. If it isn't installed, install it using `pkg_add`.
  35. Note that `postgresql11-contrib` is needed for the Postgres extensions
  36. Pleroma uses.
  38. > Note: you can use modern versions of PostgreSQL. In this case, just use `postgresql16-contrib` and so on.
  40. The `mksh` shell is needed to run the Elixir `mix` script.
  42. `# pkgin install acmesh elixir git-base git-docs mksh nginx postgresql11-server postgresql11-client postgresql11-contrib sudo ffmpeg4 ImageMagick`
  44. You can also build these packages using pkgsrc:
  45. ```
  46. databases/postgresql11-contrib
  47. databases/postgresql11-client
  48. databases/postgresql11-server
  49. devel/git-base
  50. devel/git-docs
  51. devel/cmake
  52. lang/elixir
  53. security/acmesh
  54. security/sudo
  55. shells/mksh
  56. www/nginx
  57. ```
  59. Create a user for Pleroma:
  61. ```
  62. # groupadd pleroma
  63. # useradd -d /home/pleroma -m -g pleroma -s /usr/pkg/bin/mksh pleroma
  64. # echo 'export LC_ALL="en_GB.UTF-8"' >> /home/pleroma/.profile
  65. # su -l pleroma -c $SHELL
  66. ```
  68. Clone the repository:
  70. ```
  71. $ cd /home/pleroma
  72. $ git clone -b stable https://git.pleroma.social/pleroma/pleroma.git
  73. ```
  75. Get deps and compile:
  77. ```
  78. $ cd /home/pleroma/pleroma
  79. $ export MIX_ENV=prod
  80. $ mix deps.get
  81. $ mix compile
  82. ```
  84. ## Install media / graphics packages (optional, see [`docs/installation/optional/media_graphics_packages.md`](../installation/optional/media_graphics_packages.md))
  86. `# pkgin install ImageMagick ffmpeg4 p5-Image-ExifTool`
  88. or via pkgsrc:
  90. ```
  91. graphics/p5-Image-ExifTool
  92. graphics/ImageMagick
  93. multimedia/ffmpeg4
  94. ```
  96. # Configuration
  98. ## Understanding $PREFIX
  100. From now on, you may encounter `$PREFIX` variable in the paths. This variable indicates your current local pkgsrc prefix. Usually it's `/usr/pkg` unless you configured it otherwise. Translating to pkgsrc's lingo, it's called `LOCALBASE`, which essentially means the same this. You may want to set it up for your local shell session (this uses `mksh` which should already be installed as one of the required dependencies):
  102. ```
  103. $ export PREFIX=$(pkg_info -Q LOCALBASE mksh)
  104. $ echo $PREFIX
  105. /usr/pkg
  106. ```
  108. ## Setting up your instance
  110. Now, you need to configure your instance. During this initial configuration, you will be asked some questions about your server. You will need a domain name at this point; it doesn't have to be deployed, but changing it later will be very cumbersome.
  112. If you've installed via pkgsrc, `pleroma_ctl` should already be in your `PATH`; if you've installed from source, it's located at `/home/pleroma/pleroma/release/bin/pleroma_ctl`.
  114. ```
  115. $ su -l pleroma
  116. $ pleroma_ctl instance gen --output $PREFIX/etc/pleroma/config.exs --output-psql /tmp/setup_db.psql
  117. ```
  119. During installation, you will be asked about static and upload directories. Don't forget to create them and update permissions:
  121. ```
  122. mkdir -p /var/lib/pleroma/uploads
  123. chown -R pleroma:pleroma /var/lib/pleroma
  124. ```
  126. ## Setting up the database
  128. First, run `# /etc/rc.d/pgsql start`. Then, `$ sudo -Hu pgsql -g pgsql createdb`.
  130. We can now initialize the database. You'll need to edit generated SQL file from the previous step. It's located at `/tmp/setup_db.psql`.
  132. Edit this file, and *change the password* to a password of your choice. Make sure it is secure, since
  133. it'll be protecting your database. Now initialize the database:
  135. ```
  136. $ sudo -Hu pgsql -g pgsql psql -f /tmp/setup_db.psql
  137. ```
  139. Postgres allows connections from all users without a password by default. To
  140. fix this, edit `$PREFIX/pgsql/data/pg_hba.conf`. Change every `trust` to
  141. `password`.
  143. Once this is done, restart Postgres with `# /etc/rc.d/pgsql restart`.
  145. Run the database migrations.
  147. ### pkgsrc installation
  149. ```
  150. pleroma_ctl migrate
  151. ```
  153. ### Source installation
  155. You will need to do this whenever you update with `git pull`:
  157. ```
  158. $ cd /home/pleroma/pleroma
  159. $ MIX_ENV=prod mix ecto.migrate
  160. ```
  162. ## Configuring nginx
  164. Install the example configuration file
  165. (`$PREFIX/share/examples/pleroma/pleroma.nginx` or `/home/pleroma/pleroma/installation/pleroma.nginx`) to
  166. `$PREFIX/etc/nginx.conf`.
  168. Note that it will need to be wrapped in a `http {}` block. You should add
  169. settings for the nginx daemon outside of the http block, for example:
  171. ```
  172. user                    nginx  nginx;
  173. error_log               /var/log/nginx/error.log;
  174. worker_processes        4;
  176. events {
  177. }
  178. ```
  180. Edit the defaults:
  182. * Change `ssl_certificate` and `ssl_trusted_certificate` to
  183. `/etc/nginx/tls/fullchain`.
  184. * Change `ssl_certificate_key` to `/etc/nginx/tls/key`.
  185. * Change `example.tld` to your instance's domain name.
  187. ### (Strongly recommended) serve media on another domain
  189. Refer to the [Hardening your instance](../configuration/hardening.md) document on how to serve media on another domain. We STRONGLY RECOMMEND you to do this to minimize attack vectors.
  191. ## Configuring acme.sh
  193. We'll be using acme.sh in Stateless Mode for TLS certificate renewal.
  195. First, get your account fingerprint:
  197. ```
  198. $ sudo -Hu nginx -g nginx acme.sh --register-account
  199. ```
  201. You need to add the following to your nginx configuration for the server
  202. running on port 80:
  204. ```
  205.   location ~ ^/\.well-known/acme-challenge/([-_a-zA-Z0-9]+)$ {
  206.     default_type text/plain;
  207.     return 200 "$1.6fXAG9VyG0IahirPEU2ZerUtItW2DHzDzD9wZaEKpqd";
  208.   }
  209. ```
  211. Replace the string after after `$1.` with your fingerprint.
  213. Start nginx:
  215. ```
  216. # /etc/rc.d/nginx start
  217. ```
  219. It should now be possible to issue a cert (replace `example.com`
  220. with your domain name):
  222. ```
  223. $ sudo -Hu nginx -g nginx acme.sh --issue -d example.com --stateless
  224. ```
  226. Let's add auto-renewal to `/etc/daily.local`
  227. (replace `example.com` with your domain):
  229. ```
  230. /usr/pkg/bin/sudo -Hu nginx -g nginx \
  231.     /usr/pkg/sbin/acme.sh -r \
  232.     -d example.com \
  233.     --cert-file /etc/nginx/tls/cert \
  234.     --key-file /etc/nginx/tls/key \
  235.     --ca-file /etc/nginx/tls/ca \
  236.     --fullchain-file /etc/nginx/tls/fullchain \
  237.     --stateless
  238. ```
  240. ## Autostart
  242. For properly functioning instance, you will need pleroma (backend service), nginx (reverse proxy) and postgresql (database) services running. There's no requirement for them to reside on the same machine, but you have to provide autostart for each of them.
  244. ### nginx
  245. ```
  246. # cp $PREFIX/share/examples/rc.d/nginx /etc/rc.d
  247. # echo "nginx=YES" >> /etc/rc.conf
  248. ```
  250. ### postgresql
  252. ```
  253. # cp $PREFIX/share/examples/rc.d/pgsql /etc/rc.d
  254. # echo "pgsql=YES" >> /etc/rc.conf
  255. ```
  257. ### pleroma
  259. First, copy the script (pkgsrc variant)
  260. ```
  261. # cp $PREFIX/share/examples/pleroma/pleroma.rc /etc/rc.d/pleroma
  262. ```
  264. or source variant
  265. ```
  266. # cp /home/pleroma/pleroma/installation/netbsd/rc.d/pleroma /etc/rc.d/pleroma
  267. # chmod +x /etc/rc.d/pleroma
  268. ```
  270. Then, add the following to `/etc/rc.conf`:
  272. ```
  273. pleroma=YES
  274. ```
  276. ## Conclusion
  278. Run `# /etc/rc.d/pleroma start` to start Pleroma.
  279. Restart nginx with `# /etc/rc.d/nginx restart` and you should be up and running.
  281. Make sure your time is in sync, or other instances will receive your posts with
  282. incorrect timestamps. You should have ntpd running.
  284. ## Instances running NetBSD
  286. * <https://catgirl.science>
  288. #### Further reading
  290. {! backend/installation/further_reading.include !}
  292. ## Questions
  294. Questions about the installation or didn’t it work as it should be, ask in [#pleroma:libera.chat](https://matrix.to/#/#pleroma:libera.chat) via Matrix or **#pleroma** on **libera.chat** via IRC.