1 # Installing on Linux using OTP releases
4 * A machine running Linux with GNU (e.g. Debian, Ubuntu) or musl (e.g. Alpine) libc and `x86_64`, `aarch64` or `armv7l` CPU, you have root access to. If you are not sure if it's compatible see [Detecting flavour section](#detecting-flavour) below
5 * A (sub)domain pointed to the machine
7 You will be running commands as root. If you aren't root already, please elevate your priviledges by executing `sudo su`/`su`.
9 While in theory OTP releases are possbile to install on any compatible machine, for the sake of simplicity this guide focuses only on Debian/Ubuntu/Alpine.
13 Paste the following into the shell:
15 arch="$(uname -m)";if [ "$arch" = "x86_64" ];then arch="amd64";elif [ "$arch" = "armv7l" ];then arch="arm";elif [ "$arch" = "aarch64" ];then arch="arm64";else echo "Unsupported arch: $arch">&2;fi;if getconf GNU_LIBC_VERSION>/dev/null;then libc_postfix="";elif [ "$(ldd 2>&1|head -c 9)" = "musl libc" ];then libc_postfix="-musl";elif [ "$(find /lib/libc.musl*|wc -l)" ];then libc_postfix="-musl";else echo "Unsupported libc">&2;fi;echo "$arch$libc_postfix"
18 If your platform is supported the output will contain the flavour string, you will need it later. If not, this just means that we don't build releases for your platform, you can still try installing from source.
20 ### Installing the required packages
22 Other than things bundled in the OTP release Pleroma depends on:
23 * curl (to download the release build)
24 * unzip (needed to unpack release builds)
25 * ncurses (ERTS won't run without it)
26 * PostgreSQL (also utilizes extensions in postgresql-contrib)
27 * nginx (could be swapped with another reverse proxy but this guide covers only it)
28 * certbot (for Let's Encrypt certificates, could be swapped with another ACME client, but this guide covers only it)
32 apt install curl unzip libncurses5 postgresql postgresql-contrib nginx certbot
36 **Warning:** There has been some changes to musl on Alpine 3.10 which need an Elixir rebuild. Since the build machines are running Alpine 3.9 running the builds on 3.10 will likely fail with "dlsym: Resource temporarily unavailable". If you have not updated yet, replace `latest-stable` with `v3.9` in `/etc/apk/repositories`. If you have, try downgrading `musl` to `1.1.20-r3`
38 echo "http://nl.alpinelinux.org/alpine/v3.9/community" >> /etc/apk/repositories
40 apk add curl unzip ncurses postgresql postgresql-contrib nginx certbot
44 ### Configuring PostgreSQL
45 #### (Optional) Installing RUM indexes
46 RUM indexes are an alternative indexing scheme that is not included in PostgreSQL by default. You can read more about them on the [Configuration page](config.html#rum-indexing-for-full-text-search). They are completely optional and most of the time are not worth it, especially if you are running a single user instance (unless you absolutely need ordered search results).
48 Debian/Ubuntu (available only on Buster/19.04):
50 apt install postgresql-11-rum
54 apk add gcc make git postgresql-dev musl-dev
55 git clone https://github.com/postgrespro/rum /tmp/rum
58 make USE_PGXS=1 install
62 #### (Optional) Performance configuration
63 For optimal performance, you may use [PGTune](https://pgtune.leopard.in.ua), don't forget to restart postgresql after editing the configuration
67 systemctl restart postgresql
71 rc-service postgresql restart
73 ### Installing Pleroma
75 # Create the Pleroma user
76 adduser --system --shell /bin/false --home /opt/pleroma pleroma
78 # Set the flavour environment variable to the string you got in Detecting flavour section.
79 # For example if the flavour is `arm64-musl` the command will be
80 export FLAVOUR="arm64-musl"
82 # Clone the release build into a temporary directory and unpack it
83 su pleroma -s $SHELL -lc "
84 curl 'https://git.pleroma.social/api/v4/projects/2/jobs/artifacts/master/download?job=$FLAVOUR' -o /tmp/pleroma.zip
85 unzip /tmp/pleroma.zip -d /tmp/
88 # Move the release to the home directory and delete temporary files
89 su pleroma -s $SHELL -lc "
90 mv /tmp/release/* /opt/pleroma
94 # Create uploads directory and set proper permissions (skip if planning to use a remote uploader)
95 # Note: It does not have to be `/var/lib/pleroma/uploads`, the config generator will ask about the upload directory later
97 mkdir -p /var/lib/pleroma/uploads
98 chown -R pleroma /var/lib/pleroma
100 # Create custom public files directory (custom emojis, frontend bundle overrides, robots.txt, etc.)
101 # Note: It does not have to be `/var/lib/pleroma/static`, the config generator will ask about the custom public files directory later
102 mkdir -p /var/lib/pleroma/static
103 chown -R pleroma /var/lib/pleroma
105 # Create a config directory
106 mkdir -p /etc/pleroma
107 chown -R pleroma /etc/pleroma
109 # Run the config generator
110 su pleroma -s $SHELL -lc "./bin/pleroma_ctl instance gen --output /etc/pleroma/config.exs --output-psql /tmp/setup_db.psql"
112 # Create the postgres database
113 su postgres -s $SHELL -lc "psql -f /tmp/setup_db.psql"
115 # Create the database schema
116 su pleroma -s $SHELL -lc "./bin/pleroma_ctl migrate"
118 # If you have installed RUM indexes uncommend and run
119 # su pleroma -s $SHELL -lc "./bin/pleroma_ctl migrate --migrations-path priv/repo/optional_migrations/rum_indexing/"
121 # Start the instance to verify that everything is working as expected
122 su pleroma -s $SHELL -lc "./bin/pleroma daemon"
124 # Wait for about 20 seconds and query the instance endpoint, if it shows your uri, name and email correctly, you are configured correctly
125 sleep 20 && curl http://localhost:4000/api/v1/instance
128 su pleroma -s $SHELL -lc "./bin/pleroma stop"
131 ### Setting up nginx and getting Let's Encrypt SSL certificaties
134 # Get a Let's Encrypt certificate
135 certbot certonly --standalone --preferred-challenges http -d yourinstance.tld
137 # Copy the Pleroma nginx configuration to the nginx folder
138 # The location of nginx configs is dependent on the distro
141 cp /opt/pleroma/installation/pleroma.nginx /etc/nginx/sites-available/pleroma.nginx
142 ln -s /etc/nginx/sites-available/pleroma.nginx /etc/nginx/sites-enabled/pleroma.nginx
144 cp /opt/pleroma/installation/pleroma.nginx /etc/nginx/conf.d/pleroma.conf
145 # If your distro does not have either of those you can append
146 # `include /etc/nginx/pleroma.conf` to the end of the http section in /etc/nginx/nginx.conf and
147 cp /opt/pleroma/installation/pleroma.nginx /etc/nginx/pleroma.conf
149 # Edit the nginx config replacing example.tld with your (sub)domain
150 $EDITOR path-to-nginx-config
152 # Verify that the config is valid
157 systemctl start nginx
159 rc-service nginx start
162 At this point if you open your (sub)domain in a browser you should see a 502 error, that's because pleroma is not started yet.
164 ### Setting up a system service
167 # Copy the service into a proper directory
168 cp /opt/pleroma/installation/pleroma.service /etc/systemd/system/pleroma.service
170 # Start pleroma and enable it on boot
171 systemctl start pleroma
172 systemctl enable pleroma
176 # Copy the service into a proper directory
177 cp /opt/pleroma/installation/init.d/pleroma /etc/init.d/pleroma
179 # Start pleroma and enable it on boot
180 rc-service pleroma start
181 rc-update add pleroma
184 If everything worked, you should see Pleroma-FE when visiting your domain. If that didn't happen, try reviewing the installation steps, starting Pleroma in the foreground and seeing if there are any errrors.
186 Still doesn't work? Feel free to contact us on [#pleroma on freenode](https://webchat.freenode.net/?channels=%23pleroma) or via matrix at <https://matrix.heldscal.la/#/room/#freenode_#pleroma:matrix.org>, you can also [file an issue on our Gitlab](https://git.pleroma.social/pleroma/pleroma/issues/new)
190 ### Setting up auto-renew Let's Encrypt certificate
192 # Create the directory for webroot challenges
193 mkdir -p /var/lib/letsencrypt
195 # Uncomment the webroot method
196 $EDITOR path-to-nginx-config
198 # Verify that the config is valid
204 systemctl restart nginx
206 # Ensure the webroot menthod and post hook is working
207 certbot renew --cert-name yourinstance.tld --webroot -w /var/lib/letsencrypt/ --dry-run --post-hook 'systemctl nginx reload'
209 # Add it to the daily cron
211 certbot renew --cert-name yourinstance.tld --webroot -w /var/lib/letsencrypt/ --dry-run --post-hook "systemctl reload nginx"
212 ' > /etc/cron.daily/renew-pleroma-cert
213 chmod +x /etc/cron.daily/renew-pleroma-cert
215 # If everything worked the output should contain /etc/cron.daily/renew-pleroma-cert
216 run-parts --test /etc/cron.daily
221 rc-service nginx restart
223 # Start the cron daemon and make it start on boot
224 rc-service crond start
227 # Ensure the webroot menthod and post hook is working
228 certbot renew --cert-name yourinstance.tld --webroot -w /var/lib/letsencrypt/ --dry-run --post-hook 'rc-service nginx reload'
230 # Add it to the daily cron
232 certbot renew --cert-name yourinstance.tld --webroot -w /var/lib/letsencrypt/ --dry-run --post-hook "rc-service nginx reload"
233 ' > /etc/periodic/daily/renew-pleroma-cert
234 chmod +x /etc/periodic/daily/renew-pleroma-cert
236 # If everything worked this should output /etc/periodic/daily/renew-pleroma-cert
237 run-parts --test /etc/periodic/daily
239 ### Running Mix tasks