git.squeep.com Git - akkoma/blob - docs/installation/alpine_linux_en.md

   1 # Installing on Alpine Linux
   2 ## Installation
   3
   4 This guide is a step-by-step installation guide for Alpine Linux. The instructions were verified against Alpine v3.10 standard image. You might miss additional dependencies if you use `netboot` instead.
   5
   6 It assumes that you have administrative rights, either as root or a user with [sudo permissions](https://www.linode.com/docs/tools-reference/custom-kernels-distros/install-alpine-linux-on-your-linode/#configuration). If you want to run this guide with root, ignore the `sudo` at the beginning of the lines, unless it calls a user like `sudo -Hu pleroma`; in this case, use `su -l <username> -s $SHELL -c 'command'` instead.
   7
   8 ### Required packages
   9
  10 * `postgresql`
  11 * `elixir`
  12 * `erlang`
  13 * `erlang-parsetools`
  14 * `erlang-xmerl`
  15 * `git`
  16 * `file-dev`
  17 * Development Tools
  18
  19 #### Optional packages used in this guide
  20
  21 * `nginx` (preferred, example configs for other reverse proxies can be found in the repo)
  22 * `certbot` (or any other ACME client for Let’s Encrypt certificates)
  23
  24 ### Prepare the system
  25
  26 * The community repository must be enabled in `/etc/apk/repositories`. Depending on which version and mirror you use this looks like `http://alpine.42.fr/v3.10/community`. If you autogenerated the mirror during installation:
  27
  28 ```shell
  29 awk 'NR==2' /etc/apk/repositories | sed 's/main/community/' | tee -a /etc/apk/repositories
  30 ```
  31
  32
  33 * Then update the system, if not already done:
  34
  35 ```shell
  36 sudo apk update
  37 sudo apk upgrade
  38 ```
  39
  40 * Install some tools, which are needed later:
  41
  42 ```shell
  43 sudo apk add git build-base file-dev
  44 ```
  45
  46 ### Install Elixir and Erlang
  47
  48 * Install Erlang and Elixir:
  49
  50 ```shell
  51 sudo apk add erlang erlang-runtime-tools erlang-xmerl elixir
  52 ```
  53
  54 * Install `erlang-eldap` if you want to enable ldap authenticator
  55
  56 ```shell
  57 sudo apk add erlang-eldap
  58 ```
  59 ### Install PostgreSQL
  60
  61 * Install Postgresql server:
  62
  63 ```shell
  64 sudo apk add postgresql postgresql-contrib
  65 ```
  66
  67 * Initialize database:
  68
  69 ```shell
  70 sudo /etc/init.d/postgresql start
  71 ```
  72
  73 * Enable and start postgresql server:
  74
  75 ```shell
  76 sudo rc-update add postgresql
  77 ```
  78
  79 ### Install PleromaBE
  80
  81 * Add a new system user for the Pleroma service:
  82
  83 ```shell
  84 sudo addgroup pleroma
  85 sudo adduser -S -s /bin/false -h /opt/pleroma -H -G pleroma pleroma
  86 ```
  87
  88 **Note**: To execute a single command as the Pleroma system user, use `sudo -Hu pleroma command`. You can also switch to a shell by using `sudo -Hu pleroma $SHELL`. If you don’t have and want `sudo` on your system, you can use `su` as root user (UID 0) for a single command by using `su -l pleroma -s $SHELL -c 'command'` and `su -l pleroma -s $SHELL` for starting a shell.
  89
  90 * Git clone the PleromaBE repository and make the Pleroma user the owner of the directory:
  91
  92 ```shell
  93 sudo mkdir -p /opt/pleroma
  94 sudo chown -R pleroma:pleroma /opt/pleroma
  95 sudo -Hu pleroma git clone -b stable https://git.pleroma.social/pleroma/pleroma /opt/pleroma
  96 ```
  97
  98 * Change to the new directory:
  99
 100 ```shell
 101 cd /opt/pleroma
 102 ```
 103
 104 * Install the dependencies for Pleroma and answer with `yes` if it asks you to install `Hex`:
 105
 106 ```shell
 107 sudo -Hu pleroma mix deps.get
 108 ```
 109
 110 * Generate the configuration: `sudo -Hu pleroma mix pleroma.instance gen`
 111   * Answer with `yes` if it asks you to install `rebar3`.
 112   * This may take some time, because parts of pleroma get compiled first.
 113   * After that it will ask you a few questions about your instance and generates a configuration file in `config/generated_config.exs`.
 114
 115 * Check the configuration and if all looks right, rename it, so Pleroma will load it (`prod.secret.exs` for productive instance, `dev.secret.exs` for development instances):
 116
 117 ```shell
 118 mv config/{generated_config.exs,prod.secret.exs}
 119 ```
 120
 121 * The previous command creates also the file `config/setup_db.psql`, with which you can create the database:
 122
 123 ```shell
 124 sudo -Hu postgres psql -f config/setup_db.psql
 125 ```
 126
 127 * Now run the database migration:
 128
 129 ```shell
 130 sudo -Hu pleroma MIX_ENV=prod mix ecto.migrate
 131 ```
 132
 133 * Now you can start Pleroma already
 134
 135 ```shell
 136 sudo -Hu pleroma MIX_ENV=prod mix phx.server
 137 ```
 138
 139 ### Finalize installation
 140
 141 If you want to open your newly installed instance to the world, you should run nginx or some other webserver/proxy in front of Pleroma and you should consider to create an OpenRC service file for Pleroma.
 142
 143 #### Nginx
 144
 145 * Install nginx, if not already done:
 146
 147 ```shell
 148 sudo apk add nginx
 149 ```
 150
 151 * Setup your SSL cert, using your method of choice or certbot. If using certbot, first install it:
 152
 153 ```shell
 154 sudo apk add certbot
 155 ```
 156
 157 and then set it up:
 158
 159 ```shell
 160 sudo mkdir -p /var/lib/letsencrypt/
 161 sudo certbot certonly --email <your@emailaddress> -d <yourdomain> --standalone
 162 ```
 163
 164 If that doesn’t work, make sure, that nginx is not already running. If it still doesn’t work, try setting up nginx first (change ssl “on” to “off” and try again).
 165
 166 * Copy the example nginx configuration to the nginx folder
 167
 168 ```shell
 169 sudo cp /opt/pleroma/installation/pleroma.nginx /etc/nginx/conf.d/pleroma.conf
 170 ```
 171
 172 * Before starting nginx edit the configuration and change it to your needs. You must change change `server_name` and the paths to the certificates. You can use `nano` (install with `apk add nano` if missing).
 173
 174 ```
 175 server {
 176     server_name    your.domain;
 177     listen         80;
 178     ...
 179 }
 180
 181 server {
 182     server_name your.domain;
 183     listen 443 ssl http2;
 184     ...
 185     ssl_trusted_certificate   /etc/letsencrypt/live/your.domain/chain.pem;
 186     ssl_certificate           /etc/letsencrypt/live/your.domain/fullchain.pem;
 187     ssl_certificate_key       /etc/letsencrypt/live/your.domain/privkey.pem;
 188     ...
 189 }
 190 ```
 191
 192 * Enable and start nginx:
 193
 194 ```shell
 195 sudo rc-update add nginx
 196 sudo service nginx start
 197 ```
 198
 199 If you need to renew the certificate in the future, uncomment the relevant location block in the nginx config and run:
 200
 201 ```shell
 202 sudo certbot certonly --email <your@emailaddress> -d <yourdomain> --webroot -w /var/lib/letsencrypt/
 203 ```
 204
 205 #### OpenRC service
 206
 207 * Copy example service file:
 208
 209 ```shell
 210 sudo cp /opt/pleroma/installation/init.d/pleroma /etc/init.d/pleroma
 211 ```
 212
 213 * Make sure to start it during the boot
 214
 215 ```shell
 216 sudo rc-update add pleroma
 217 ```
 218
 219 #### Create your first user
 220
 221 If your instance is up and running, you can create your first user with administrative rights with the following task:
 222
 223 ```shell
 224 sudo -Hu pleroma MIX_ENV=prod mix pleroma.user new <username> <your@emailaddress> --admin
 225 ```
 226
 227 #### Further reading
 228
 229 * [Backup your instance](../administration/backup.md)
 230 * [Hardening your instance](../configuration/hardening.md)
 231 * [How to activate mediaproxy](../configuration/howto_mediaproxy.md)
 232 * [Updating your instance](../administration/updating.md)
 233
 234 ## Questions
 235
 236 Questions about the installation or didn’t it work as it should be, ask in [#pleroma:matrix.org](https://matrix.heldscal.la/#/room/#freenode_#pleroma:matrix.org) or IRC Channel **#pleroma** on **Freenode**.