@maratsh
Last active January 2, 2023 16:04
Install a Mastodon-compatible ActivityPub server for less than 5$/month

This setup is suitable for starting a new fediverse server with a few users.

  • removed ssh/gopher frontend support
  • removed chats
  • removed scrobbling support
  • other features that slowed the server down were removed
  • added elasticsearch and meilisearch support
  • EDIT posts 🔦

Video Tutorial https://www.youtube.com/watch?v=GDCvCkSWKak

Setup VPS for akkoma

Select any VPS provider that you like. You will need at least a 2 GB, 1 CPU box.

Hetzner

Select Image Rocky Linux. The rest of the guide assumes this distro.

  • Type - standard CX11
  • Networking - IPV4/IPV6
  • SSH keys - add your ssh key
  • Volumes - leave it blank
  • Firewalls - add a firewall that allows only incoming 22/tcp

Initial Linux hardening

Before going further, we need to harden security on our server.

SELinux

In /etc/selinux/config set SELINUX=enforcing and reboot your instance with the command reboot

Create user for yourself

Create user and set password

useradd yourself
passwd yourself

Add user to wheel group, so yourself user can use "sudo" to elevate permissions

usermod -a -G wheel yourself

Copy ssh auth keys to user, so you can have access

cp /root/.ssh /home/yourself/.ssh -a
chown yourself:yourself /home/yourself/.ssh -R

SSH

In /etc/ssh/sshd_config, set

PasswordAuthentication no
PermitRootLogin no
PubkeyAuthentication yes

and restart ssh daemon

systemctl restart sshd
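
A check for the three settings above, added here as an example and not part of the original gist. sshd uses the first value it reads for each keyword, so a drop-in file included earlier in sshd_config can override the edit; the function names and the sample text (including the drop-in file name) are constructed for illustration.

```shell
# effective_sshd_value KEYWORD < config text in the order sshd reads it
# (global section only; parsing stops at the first Match block).
effective_sshd_value() {
    awk -v want="$(printf '%s' "$1" | tr 'A-Z' 'a-z')" '
        /^[ \t]*#/ { next }
        /^[ \t]*$/ { next }
        {
            line = $0
            sub(/^[ \t]+/, "", line)
            sub(/[ \t]*=[ \t]*/, " ", line)   # sshd also accepts "Keyword=value"
            split(line, f, /[ \t]+/)
            key = tolower(f[1])
            if (key == "match") exit
            if (key == want) { print tolower(f[2]); exit }   # first value wins
        }'
}

# audit_sshd < config text: one OK/FAIL line per setting from the guide; returns 1 on any FAIL
audit_sshd() {
    cfg=$(cat); rc=0
    for pair in passwordauthentication:no permitrootlogin:no pubkeyauthentication:yes; do
        key=${pair%%:*}; want=${pair#*:}
        got=$(printf '%s\n' "$cfg" | effective_sshd_value "$key")
        if [ -z "$got" ]; then        # keyword absent: OpenSSH built-in default applies
            case $key in
                permitrootlogin) got=prohibit-password ;;
                *) got=yes ;;
            esac
        fi
        if [ "$got" = "$want" ]; then echo "OK   $key $got"
        else echo "FAIL $key $got (want $want)"; rc=1; fi
    done
    return $rc
}

# Constructed sample: hypothetical drop-in read first, then the edits from this guide.
SAMPLE_OVERRIDDEN='# /etc/ssh/sshd_config.d/10-example.conf (hypothetical)
PasswordAuthentication yes
# /etc/ssh/sshd_config
PasswordAuthentication no
PermitRootLogin no
PubkeyAuthentication yes'
SAMPLE_GOOD='PasswordAuthentication no
PermitRootLogin no
PubkeyAuthentication yes'

printf '%s\n' "$SAMPLE_OVERRIDDEN" | audit_sshd || true
```

On the server itself, `sshd -t` validates the configuration before the restart and `sshd -T` prints the resolved settings, which can be compared against the same three values.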

Enable OS autoupdates

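dnf install dnf-automatic
# this timer installs updates only when apply_updates = yes is set in /etc/dnf/automatic.conf
systemctl enable dnf-automatic.timer
# start the timer unit (not the one-shot service) so the schedule is active before the next reboot
systemctl start dnf-automatic.timer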

Run full update

yum update

Prepare environment for akkoma

Install git

yum install git

Install docker

Install docker package

yum install yum-utils epel-release
yum-config-manager --add-repo  https://download.docker.com/linux/centos/docker-ce.repo
yum install docker-ce docker-ce-cli containerd.io docker-compose-plugin

Start & autostart docker daemon

systemctl enable docker
systemctl start docker

Create symlink to docker compose plugin, so akkoma scripts can use this plugin

ln -s /usr/libexec/docker/cli-plugins/docker-compose /usr/bin/docker-compose

Akkoma user

Add a user for akkoma and allow it to use the docker daemon. Membership in the docker group is effectively root-equivalent on the host.

useradd akkoma
usermod -a -G docker akkoma

Create Swapfile

Building and running akkoma needs a little more memory, so let's add a swapfile

dd if=/dev/zero of=/root/swapfile bs=1024 count=5242880
chown root:root /root/swapfile
chmod 0600 /root/swapfile
mkswap /root/swapfile
swapon /root/swapfile

Add swap to mount config in /etc/fstab

/root/swapfile swap swap defaults 0 0

Enable swap

swapon -a

Install akkoma

Switch user to akkoma

su - akkoma

Please refer to https://docs.akkoma.dev/stable/installation/docker_en/ for the latest installation instructions. The commands below are run from the root of the akkoma source checkout.

Set up basic configuration

cp docker-resources/env.example .env
echo "DOCKER_USER=$(id -u):$(id -g)" >> .env

Change DB_PASS in the .env file used by docker-compose

Building the container

The container provided is a thin wrapper around akkoma's dependencies; it does not contain the code itself. This is to allow for easy updates and debugging if required.

./docker-resources/build.sh

This will generate a container called akkoma which we can use in our compose environment.

Generating your instance

mkdir pgdata
./docker-resources/manage.sh mix deps.get
./docker-resources/manage.sh mix compile
./docker-resources/manage.sh mix pleroma.instance gen

This will ask you a few questions - the defaults are fine for most things, the database hostname is db, the database password is akkoma (not auto generated), and you will want to set the ip to 0.0.0.0.

Now we'll want to copy over the config it just created

cp config/generated_config.exs config/prod.secret.exs

Setting up the database

We need to run a few commands on the database container; this isn't too bad

docker-compose run --rm --user akkoma -d db
# Note down the name it gives here, it will be something like akkoma_db_run
docker-compose run --rm akkoma psql -h db -U akkoma -f config/setup_db.psql
docker stop akkoma_db_run # Replace with the name you noted down

Now we can actually run our migrations

./docker-resources/manage.sh mix ecto.migrate
# this will recompile your files at the same time, since we changed the config

Start the server

We're going to run it in the foreground on the first run, just to make sure everything starts up.

docker-compose up

If everything went well, you should be able to access your instance at http://localhost:4000

You can ctrl-c out of the docker-compose now to shutdown the server.

Running in the background

docker-compose up -d

Create admin user

If your instance is up and running, you can create your first user with administrative rights with the following task:

./docker-resources/manage.sh mix pleroma.user new superadmin  superadmin@social --admin

Create user for toots

./docker-resources/manage.sh mix pleroma.user new yourself  yourself@social

Installing Frontends

Once your backend server is functional, you'll probably also want to install frontends.

These are no longer bundled with the distribution and need an extra command to install.

    ./docker-resources/manage.sh mix pleroma.frontend install pleroma-fe --ref stable
    ./docker-resources/manage.sh mix pleroma.frontend install admin-fe --ref stable

Configure Ingress

For ingress, we will use cloudflare argo tunnel

Setup and create domain on https://www.cloudflare.com/

Go to Zero Trust -> Access -> Tunnels -> Create Tunnel

Choose operating system "Red Hat" and architecture "amd64"

Copy and run the snippet from the cloudflare page to run the connector

On the next step, choose your domain and subdomain if needed.

Set "Service" to "HTTP" and URL to "127.0.0.1:4000"

Click "Save ..."

Now you can go to https://social.yourdomain.com and check if your akkoma server is working!
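
Because the tunnel connects to 127.0.0.1:4000 and the firewall allows only 22/tcp, nothing except SSH needs to listen on a public address. The check below is an added example, not part of the original gist: it reads `ss -H -tln` output and reports listeners bound beyond loopback; the function name and the sample lines are constructed.

```shell
# exposed_listeners "ALLOWED PORTS" < output of `ss -H -tln`
# Prints every TCP listener bound to a non-loopback address whose port is
# not in the allowlist; returns 1 if any were found.
exposed_listeners() {
    awk -v allow=" $1 " '
        $1 == "LISTEN" {
            addr = $4
            port = addr; sub(/.*:/, "", port)     # text after the last colon
            host = substr(addr, 1, length(addr) - length(port) - 1)
            if (host ~ /^127\./ || host == "[::1]") next   # loopback only
            if (index(allow, " " port " ")) next           # expected public port
            print host ":" port
            found = 1
        }
        END { exit (found ? 1 : 0) }'
}

# Constructed samples in the column layout of `ss -H -tln`.
SS_PUBLISHED='LISTEN 0 128 0.0.0.0:22 0.0.0.0:*
LISTEN 0 128 [::]:22 [::]:*
LISTEN 0 4096 0.0.0.0:4000 0.0.0.0:*
LISTEN 0 244 127.0.0.1:5432 0.0.0.0:*'
SS_LOOPBACK='LISTEN 0 128 0.0.0.0:22 0.0.0.0:*
LISTEN 0 4096 127.0.0.1:4000 0.0.0.0:*'

# On the server: ss -H -tln | exposed_listeners "22"
printf '%s\n' "$SS_PUBLISHED" | exposed_listeners "22" || true
```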

Disable registrations

https://youtu.be/GDCvCkSWKak?t=1665

Disable known timeline

https://youtu.be/GDCvCkSWKak?t=1840

Black list instances

https://youtu.be/GDCvCkSWKak?t=1862
