git.squeep.com Git - akkoma/blob - docs/installation/alpine_linux_en.md

   1 # Installing on Alpine Linux
   2 ## Installation
   3
   4 This guide is a step-by-step installation guide for Alpine Linux. The instructions were verified against Alpine v3.10 standard image. You might miss additional dependencies if you use `netboot` instead.
   5
   6 It assumes that you have administrative rights, either as root or a user with [sudo permissions](https://www.linode.com/docs/tools-reference/custom-kernels-distros/install-alpine-linux-on-your-linode/#configuration). If you want to run this guide with root, ignore the `sudo` at the beginning of the lines, unless it calls a user like `sudo -Hu pleroma`; in this case, use `su -l <username> -s $SHELL -c 'command'` instead.
   7
   8 ### Required packages
   9
  10 * `postgresql`
  11 * `elixir`
  12 * `erlang`
  13 * `erlang-parsetools`
  14 * `erlang-xmerl`
  15 * `git`
  16 * Development Tools
  17
  18 #### Optional packages used in this guide
  19
  20 * `nginx` (preferred, example configs for other reverse proxies can be found in the repo)
  21 * `certbot` (or any other ACME client for Let’s Encrypt certificates)
  22
  23 ### Prepare the system
  24
  25 * The community repository must be enabled in `/etc/apk/repositories`. Depending on which version and mirror you use this looks like `http://alpine.42.fr/v3.10/community`. If you autogenerated the mirror during installation:
  26
  27 ```shell
  28 awk 'NR==2' /etc/apk/repositories | sed 's/main/community/' | tee -a /etc/apk/repositories
  29 ```
  30
  31
  32 * Then update the system, if not already done:
  33
  34 ```shell
  35 sudo apk update
  36 sudo apk upgrade
  37 ```
  38
  39 * Install some tools, which are needed later:
  40
  41 ```shell
  42 sudo apk add git build-base
  43 ```
  44
  45 ### Install Elixir and Erlang
  46
  47 * Install Erlang and Elixir:
  48
  49 ```shell
  50 sudo apk add erlang erlang-runtime-tools erlang-xmerl elixir
  51 ```
  52
  53 * Install `erlang-eldap` if you want to enable ldap authenticator
  54
  55 ```shell
  56 sudo apk add erlang-eldap
  57 ```
  58 ### Install PostgreSQL
  59
  60 * Install Postgresql server:
  61
  62 ```shell
  63 sudo apk add postgresql postgresql-contrib
  64 ```
  65
  66 * Initialize database:
  67
  68 ```shell
  69 sudo /etc/init.d/postgresql start
  70 ```
  71
  72 * Enable and start postgresql server:
  73
  74 ```shell
  75 sudo rc-update add postgresql
  76 ```
  77
  78 ### Install PleromaBE
  79
  80 * Add a new system user for the Pleroma service:
  81
  82 ```shell
  83 sudo addgroup pleroma
  84 sudo adduser -S -s /bin/false -h /opt/pleroma -H -G pleroma pleroma
  85 ```
  86
  87 **Note**: To execute a single command as the Pleroma system user, use `sudo -Hu pleroma command`. You can also switch to a shell by using `sudo -Hu pleroma $SHELL`. If you don’t have and want `sudo` on your system, you can use `su` as root user (UID 0) for a single command by using `su -l pleroma -s $SHELL -c 'command'` and `su -l pleroma -s $SHELL` for starting a shell.
  88
  89 * Git clone the PleromaBE repository and make the Pleroma user the owner of the directory:
  90
  91 ```shell
  92 sudo mkdir -p /opt/pleroma
  93 sudo chown -R pleroma:pleroma /opt/pleroma
  94 sudo -Hu pleroma git clone -b master https://git.pleroma.social/pleroma/pleroma /opt/pleroma
  95 ```
  96
  97 * Change to the new directory:
  98
  99 ```shell
 100 cd /opt/pleroma
 101 ```
 102
 103 * Install the dependencies for Pleroma and answer with `yes` if it asks you to install `Hex`:
 104
 105 ```shell
 106 sudo -Hu pleroma mix deps.get
 107 ```
 108
 109 * Generate the configuration: `sudo -Hu pleroma mix pleroma.instance gen`
 110   * Answer with `yes` if it asks you to install `rebar3`.
 111   * This may take some time, because parts of pleroma get compiled first.
 112   * After that it will ask you a few questions about your instance and generates a configuration file in `config/generated_config.exs`.
 113
 114 * Check the configuration and if all looks right, rename it, so Pleroma will load it (`prod.secret.exs` for productive instance, `dev.secret.exs` for development instances):
 115
 116 ```shell
 117 mv config/{generated_config.exs,prod.secret.exs}
 118 ```
 119
 120 * The previous command creates also the file `config/setup_db.psql`, with which you can create the database:
 121
 122 ```shell
 123 sudo -Hu postgres psql -f config/setup_db.psql
 124 ```
 125
 126 * Now run the database migration:
 127
 128 ```shell
 129 sudo -Hu pleroma MIX_ENV=prod mix ecto.migrate
 130 ```
 131
 132 * Now you can start Pleroma already
 133
 134 ```shell
 135 sudo -Hu pleroma MIX_ENV=prod mix phx.server
 136 ```
 137
 138 ### Finalize installation
 139
 140 If you want to open your newly installed instance to the world, you should run nginx or some other webserver/proxy in front of Pleroma and you should consider to create an OpenRC service file for Pleroma.
 141
 142 #### Nginx
 143
 144 * Install nginx, if not already done:
 145
 146 ```shell
 147 sudo apk add nginx
 148 ```
 149
 150 * Setup your SSL cert, using your method of choice or certbot. If using certbot, first install it:
 151
 152 ```shell
 153 sudo apk add certbot
 154 ```
 155
 156 and then set it up:
 157
 158 ```shell
 159 sudo mkdir -p /var/lib/letsencrypt/
 160 sudo certbot certonly --email <your@emailaddress> -d <yourdomain> --standalone
 161 ```
 162
 163 If that doesn’t work, make sure, that nginx is not already running. If it still doesn’t work, try setting up nginx first (change ssl “on” to “off” and try again).
 164
 165 * Copy the example nginx configuration to the nginx folder
 166
 167 ```shell
 168 sudo cp /opt/pleroma/installation/pleroma.nginx /etc/nginx/conf.d/pleroma.conf
 169 ```
 170
 171 * Before starting nginx edit the configuration and change it to your needs. You must change change `server_name` and the paths to the certificates. You can use `nano` (install with `apk add nano` if missing).
 172
 173 ```
 174 server {
 175     server_name    your.domain;
 176     listen         80;
 177     ...
 178 }
 179
 180 server {
 181     server_name your.domain;
 182     listen 443 ssl http2;
 183     ...
 184     ssl_trusted_certificate   /etc/letsencrypt/live/your.domain/chain.pem;
 185     ssl_certificate           /etc/letsencrypt/live/your.domain/fullchain.pem;
 186     ssl_certificate_key       /etc/letsencrypt/live/your.domain/privkey.pem;
 187     ...
 188 }
 189 ```
 190
 191 * Enable and start nginx:
 192
 193 ```shell
 194 sudo rc-update add nginx
 195 sudo service nginx start
 196 ```
 197
 198 If you need to renew the certificate in the future, uncomment the relevant location block in the nginx config and run:
 199
 200 ```shell
 201 sudo certbot certonly --email <your@emailaddress> -d <yourdomain> --webroot -w /var/lib/letsencrypt/
 202 ```
 203
 204 #### OpenRC service
 205
 206 * Copy example service file:
 207
 208 ```shell
 209 sudo cp /opt/pleroma/installation/init.d/pleroma /etc/init.d/pleroma
 210 ```
 211
 212 * Make sure to start it during the boot
 213
 214 ```shell
 215 sudo rc-update add pleroma
 216 ```
 217
 218 #### Create your first user
 219
 220 If your instance is up and running, you can create your first user with administrative rights with the following task:
 221
 222 ```shell
 223 sudo -Hu pleroma MIX_ENV=prod mix pleroma.user new <username> <your@emailaddress> --admin
 224 ```
 225
 226 #### Further reading
 227
 228 * [Backup your instance](../administration/backup.md)
 229 * [Hardening your instance](../configuration/hardening.md)
 230 * [How to activate mediaproxy](../configuration/howto_mediaproxy.md)
 231 * [Updating your instance](../administration/updating.md)
 232
 233 ## Questions
 234
 235 Questions about the installation or didn’t it work as it should be, ask in [#pleroma:matrix.org](https://matrix.heldscal.la/#/room/#freenode_#pleroma:matrix.org) or IRC Channel **#pleroma** on **Freenode**.