logo

pleroma

My custom branche(s) on git.pleroma.social/pleroma/pleroma git clone https://hacktivis.me/git/pleroma.git

netbsd_en.md (5609B)

    

  1. # Installing on NetBSD
  3. {! backend/installation/generic_dependencies.include !}
  5. ## Installing software used in this guide
  7. pkgin should have been installed by the NetBSD installer if you selected
  8. the right options. If it isn't installed, install it using pkg_add.
  10. Note that `postgresql11-contrib` is needed for the Postgres extensions
  11. Pleroma uses.
  13. The `mksh` shell is needed to run the Elixir `mix` script.
  15. `# pkgin install acmesh elixir git-base git-docs mksh nginx postgresql11-server postgresql11-client postgresql11-contrib sudo ffmpeg4 ImageMagick`
  17. You can also build these packages using pkgsrc:
  18. ```
  19. databases/postgresql11-contrib
  20. databases/postgresql11-client
  21. databases/postgresql11-server
  22. devel/git-base
  23. devel/git-docs
  24. devel/cmake
  25. lang/elixir
  26. security/acmesh
  27. security/sudo
  28. shells/mksh
  29. www/nginx
  30. ```
  32. Copy the rc.d scripts to the right directory:
  34. ```
  35. # cp /usr/pkg/share/examples/rc.d/nginx /usr/pkg/share/examples/rc.d/pgsql /etc/rc.d
  36. ```
  38. Add nginx and Postgres to `/etc/rc.conf`:
  40. ```
  41. nginx=YES
  42. pgsql=YES
  43. ```
  45. ## Configuring postgres
  47. First, run `# /etc/rc.d/pgsql start`. Then, `$ sudo -Hu pgsql -g pgsql createdb`.
  49. ### Install media / graphics packages (optional, see [`docs/installation/optional/media_graphics_packages.md`](../installation/optional/media_graphics_packages.md))
  51. `# pkgin install ImageMagick ffmpeg4 p5-Image-ExifTool`
  53. ## Configuring Pleroma
  55. Create a user for Pleroma:
  57. ```
  58. # groupadd pleroma
  59. # useradd -d /home/pleroma -m -g pleroma -s /usr/pkg/bin/mksh pleroma
  60. # echo 'export LC_ALL="en_GB.UTF-8"' >> /home/pleroma/.profile
  61. # su -l pleroma -c $SHELL
  62. ```
  64. Clone the repository:
  66. ```
  67. $ cd /home/pleroma
  68. $ git clone -b stable https://git.pleroma.social/pleroma/pleroma.git
  69. ```
  71. Configure Pleroma. Note that you need a domain name at this point:
  73. ```
  74. $ cd /home/pleroma/pleroma
  75. $ mix deps.get
  76. $ MIX_ENV=prod mix pleroma.instance gen # You will be asked a few questions here.
  77. ```
  79. Since Postgres is configured, we can now initialize the database. There should
  80. now be a file in `config/setup_db.psql` that makes this easier. Edit it, and
  81. *change the password* to a password of your choice. Make sure it is secure, since
  82. it'll be protecting your database. Now initialize the database:
  84. ```
  85. $ sudo -Hu pgsql -g pgsql psql -f config/setup_db.psql
  86. ```
  88. Postgres allows connections from all users without a password by default. To
  89. fix this, edit `/usr/pkg/pgsql/data/pg_hba.conf`. Change every `trust` to
  90. `password`.
  92. Once this is done, restart Postgres with `# /etc/rc.d/pgsql restart`.
  94. Run the database migrations.
  95. You will need to do this whenever you update with `git pull`:
  97. ```
  98. $ MIX_ENV=prod mix ecto.migrate
  99. ```
  101. ## Configuring nginx
  103. Install the example configuration file
  104. `/home/pleroma/pleroma/installation/pleroma.nginx` to
  105. `/usr/pkg/etc/nginx.conf`.
  107. Note that it will need to be wrapped in a `http {}` block. You should add
  108. settings for the nginx daemon outside of the http block, for example:
  110. ```
  111. user                    nginx  nginx;
  112. error_log               /var/log/nginx/error.log;
  113. worker_processes        4;
  115. events {
  116. }
  117. ```
  119. Edit the defaults:
  121. * Change `ssl_certificate` and `ssl_trusted_certificate` to
  122. `/etc/nginx/tls/fullchain`.
  123. * Change `ssl_certificate_key` to `/etc/nginx/tls/key`.
  124. * Change `example.tld` to your instance's domain name.
  126. ### (Strongly recommended) serve media on another domain
  128. Refer to the [Hardening your instance](../configuration/hardening.md) document on how to serve media on another domain. We STRONGLY RECOMMEND you to do this to minimize attack vectors.
  130. ## Configuring acme.sh
  132. We'll be using acme.sh in Stateless Mode for TLS certificate renewal.
  134. First, get your account fingerprint:
  136. ```
  137. $ sudo -Hu nginx -g nginx acme.sh --register-account
  138. ```
  140. You need to add the following to your nginx configuration for the server
  141. running on port 80:
  143. ```
  144.   location ~ ^/\.well-known/acme-challenge/([-_a-zA-Z0-9]+)$ {
  145.     default_type text/plain;
  146.     return 200 "$1.6fXAG9VyG0IahirPEU2ZerUtItW2DHzDzD9wZaEKpqd";
  147.   }
  148. ```
  150. Replace the string after after `$1.` with your fingerprint.
  152. Start nginx:
  154. ```
  155. # /etc/rc.d/nginx start
  156. ```
  158. It should now be possible to issue a cert (replace `example.com`
  159. with your domain name):
  161. ```
  162. $ sudo -Hu nginx -g nginx acme.sh --issue -d example.com --stateless
  163. ```
  165. Let's add auto-renewal to `/etc/daily.local`
  166. (replace `example.com` with your domain):
  168. ```
  169. /usr/pkg/bin/sudo -Hu nginx -g nginx \
  170.     /usr/pkg/sbin/acme.sh -r \
  171.     -d example.com \
  172.     --cert-file /etc/nginx/tls/cert \
  173.     --key-file /etc/nginx/tls/key \
  174.     --ca-file /etc/nginx/tls/ca \
  175.     --fullchain-file /etc/nginx/tls/fullchain \
  176.     --stateless
  177. ```
  179. ## Creating a startup script for Pleroma
  181. Copy the startup script to the correct location and make sure it's executable:
  183. ```
  184. # cp /home/pleroma/pleroma/installation/netbsd/rc.d/pleroma /etc/rc.d/pleroma
  185. # chmod +x /etc/rc.d/pleroma
  186. ```
  188. Add the following to `/etc/rc.conf`:
  190. ```
  191. pleroma=YES
  192. pleroma_home="/home/pleroma"
  193. pleroma_user="pleroma"
  194. ```
  196. Run `# /etc/rc.d/pleroma start` to start Pleroma.
  198. ## Conclusion
  200. Restart nginx with `# /etc/rc.d/nginx restart` and you should be up and running.
  202. Make sure your time is in sync, or other instances will receive your posts with
  203. incorrect timestamps. You should have ntpd running.
  205. ## Instances running NetBSD
  207. * <https://catgirl.science>
  209. #### Further reading
  211. {! backend/installation/further_reading.include !}
  213. ## Questions
  215. Questions about the installation or didn’t it work as it should be, ask in [#pleroma:libera.chat](https://matrix.to/#/#pleroma:libera.chat) via Matrix or **#pleroma** on **libera.chat** via IRC.