projects / akkoma / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
docs/…/opt_en.md: Reuse /main/ repository url for the /community/ repo
[akkoma] / docs / installation / otp_en.md
1 # Installing on Linux using OTP releases
2
3 ## Pre-requisites
4 * A machine running Linux with GNU (e.g. Debian, Ubuntu) or musl (e.g. Alpine) libc and `x86_64`, `aarch64` or `armv7l` CPU, you have root access to. If you are not sure if it's compatible see [Detecting flavour section](#detecting-flavour) below
5 * A (sub)domain pointed to the machine
6
7 You will be running commands as root. If you aren't root already, please elevate your priviledges by executing `sudo su`/`su`.
8
9 While in theory OTP releases are possbile to install on any compatible machine, for the sake of simplicity this guide focuses only on Debian/Ubuntu and Alpine.
10
11 ### Detecting flavour
12
13 Paste the following into the shell:
14 ```sh
15 arch="$(uname -m)";if [ "$arch" = "x86_64" ];then arch="amd64";elif [ "$arch" = "armv7l" ];then arch="arm";elif [ "$arch" = "aarch64" ];then arch="arm64";else echo "Unsupported arch: $arch">&2;fi;if getconf GNU_LIBC_VERSION>/dev/null;then libc_postfix="";elif [ "$(ldd 2>&1|head -c 9)" = "musl libc" ];then libc_postfix="-musl";elif [ "$(find /lib/libc.musl*|wc -l)" ];then libc_postfix="-musl";else echo "Unsupported libc">&2;fi;echo "$arch$libc_postfix"
16 ```
17
18 If your platform is supported the output will contain the flavour string, you will need it later. If not, this just means that we don't build releases for your platform, you can still try installing from source.
19
20 ### Installing the required packages
21
22 Other than things bundled in the OTP release Pleroma depends on:
23
24 * curl (to download the release build)
25 * unzip (needed to unpack release builds)
26 * ncurses (ERTS won't run without it)
27 * PostgreSQL (also utilizes extensions in postgresql-contrib)
28 * nginx (could be swapped with another reverse proxy but this guide covers only it)
29 * certbot (for Let's Encrypt certificates, could be swapped with another ACME client, but this guide covers only it)
30 * libmagic/file
31
32 === "Alpine"
33 ```
34 awk 'NR==2' /etc/apk/repositories | sed 's/main/community/' | tee -a /etc/apk/repositories
35 apk update
36 apk add curl unzip ncurses postgresql postgresql-contrib nginx certbot file-dev
37 ```
38
39 === "Debian/Ubuntu"
40 ```
41 apt install curl unzip libncurses5 postgresql postgresql-contrib nginx certbot libmagic-dev
42 ```
43
44 ### Installing optional packages
45
46 Per [`docs/installation/optional/media_graphics_packages.md`](optional/media_graphics_packages.md):
47 * ImageMagick
48 * ffmpeg
49 * exiftool
50
51 === "Alpine"
52 ```
53 apk update
54 apk add imagemagick ffmpeg exiftool
55 ```
56
57 === "Debian/Ubuntu"
58 ```
59 apt install imagemagick ffmpeg libimage-exiftool-perl
60 ```
61
62 ## Setup
63 ### Configuring PostgreSQL
64 #### (Optional) Installing RUM indexes
65
66 !!! warning
67 It is recommended to use PostgreSQL v11 or newer. We have seen some minor issues with lower PostgreSQL versions.
68
69 RUM indexes are an alternative indexing scheme that is not included in PostgreSQL by default. You can read more about them on the [Configuration page](../configuration/cheatsheet.md#rum-indexing-for-full-text-search). They are completely optional and most of the time are not worth it, especially if you are running a single user instance (unless you absolutely need ordered search results).
70
71 === "Alpine"
72 ```
73 apk add git build-base postgresql-dev
74 git clone https://github.com/postgrespro/rum /tmp/rum
75 cd /tmp/rum
76 make USE_PGXS=1
77 make USE_PGXS=1 install
78 cd
79 rm -r /tmp/rum
80 ```
81
82 === "Debian/Ubuntu"
83 ```
84 # Available only on Buster/19.04
85 apt install postgresql-11-rum
86 ```
87
88 #### (Optional) Performance configuration
89 It is encouraged to check [Optimizing your PostgreSQL performance](../configuration/postgresql.md) document, for tips on PostgreSQL tuning.
90
91 Restart PostgreSQL to apply configuration changes:
92
93 === "Alpine"
94 ```
95 rc-service postgresql restart
96 ```
97
98 === "Debian/Ubuntu"
99 ```
100 systemctl restart postgresql
101 ```
102
103 ### Installing Pleroma
104 ```sh
105 # Create a Pleroma user
106 adduser --system --shell /bin/false --home /opt/pleroma pleroma
107
108 # Set the flavour environment variable to the string you got in Detecting flavour section.
109 # For example if the flavour is `amd64-musl` the command will be
110 export FLAVOUR="amd64-musl"
111
112 # Clone the release build into a temporary directory and unpack it
113 su pleroma -s $SHELL -lc "
114 curl 'https://git.pleroma.social/api/v4/projects/2/jobs/artifacts/stable/download?job=$FLAVOUR' -o /tmp/pleroma.zip
115 unzip /tmp/pleroma.zip -d /tmp/
116 "
117
118 # Move the release to the home directory and delete temporary files
119 su pleroma -s $SHELL -lc "
120 mv /tmp/release/* /opt/pleroma
121 rmdir /tmp/release
122 rm /tmp/pleroma.zip
123 "
124 # Create uploads directory and set proper permissions (skip if planning to use a remote uploader)
125 # Note: It does not have to be `/var/lib/pleroma/uploads`, the config generator will ask about the upload directory later
126
127 mkdir -p /var/lib/pleroma/uploads
128 chown -R pleroma /var/lib/pleroma
129
130 # Create custom public files directory (custom emojis, frontend bundle overrides, robots.txt, etc.)
131 # Note: It does not have to be `/var/lib/pleroma/static`, the config generator will ask about the custom public files directory later
132 mkdir -p /var/lib/pleroma/static
133 chown -R pleroma /var/lib/pleroma
134
135 # Create a config directory
136 mkdir -p /etc/pleroma
137 chown -R pleroma /etc/pleroma
138
139 # Run the config generator
140 su pleroma -s $SHELL -lc "./bin/pleroma_ctl instance gen --output /etc/pleroma/config.exs --output-psql /tmp/setup_db.psql"
141
142 # Create the postgres database
143 su postgres -s $SHELL -lc "psql -f /tmp/setup_db.psql"
144
145 # Create the database schema
146 su pleroma -s $SHELL -lc "./bin/pleroma_ctl migrate"
147
148 # If you have installed RUM indexes uncommend and run
149 # su pleroma -s $SHELL -lc "./bin/pleroma_ctl migrate --migrations-path priv/repo/optional_migrations/rum_indexing/"
150
151 # Start the instance to verify that everything is working as expected
152 su pleroma -s $SHELL -lc "./bin/pleroma daemon"
153
154 # Wait for about 20 seconds and query the instance endpoint, if it shows your uri, name and email correctly, you are configured correctly
155 sleep 20 && curl http://localhost:4000/api/v1/instance
156
157 # Stop the instance
158 su pleroma -s $SHELL -lc "./bin/pleroma stop"
159 ```
160
161 ### Setting up nginx and getting Let's Encrypt SSL certificaties
162
163 #### Get a Let's Encrypt certificate
164 ```sh
165 certbot certonly --standalone --preferred-challenges http -d yourinstance.tld
166 ```
167
168 #### Copy Pleroma nginx configuration to the nginx folder
169
170 The location of nginx configs is dependent on the distro
171
172 === "Alpine"
173 ```
174 cp /opt/pleroma/installation/pleroma.nginx /etc/nginx/conf.d/pleroma.conf
175 ```
176
177 === "Debian/Ubuntu"
178 ```
179 cp /opt/pleroma/installation/pleroma.nginx /etc/nginx/sites-available/pleroma.conf
180 ln -s /etc/nginx/sites-available/pleroma.conf /etc/nginx/sites-enabled/pleroma.conf
181 ```
182
183 If your distro does not have either of those you can append `include /etc/nginx/pleroma.conf` to the end of the http section in /etc/nginx/nginx.conf and
184 ```sh
185 cp /opt/pleroma/installation/pleroma.nginx /etc/nginx/pleroma.conf
186 ```
187
188 #### Edit the nginx config
189 ```sh
190 # Replace example.tld with your (sub)domain
191 $EDITOR path-to-nginx-config
192
193 # Verify that the config is valid
194 nginx -t
195 ```
196 #### Start nginx
197
198 === "Alpine"
199 ```
200 rc-service nginx start
201 ```
202
203 === "Debian/Ubuntu"
204 ```
205 systemctl start nginx
206 ```
207
208 At this point if you open your (sub)domain in a browser you should see a 502 error, that's because Pleroma is not started yet.
209
210 ### Setting up a system service
211
212 === "Alpine"
213 ```
214 # Copy the service into a proper directory
215 cp /opt/pleroma/installation/init.d/pleroma /etc/init.d/pleroma
216
217 # Start pleroma and enable it on boot
218 rc-service pleroma start
219 rc-update add pleroma
220 ```
221
222 === "Debian/Ubuntu"
223 ```
224 # Copy the service into a proper directory
225 cp /opt/pleroma/installation/pleroma.service /etc/systemd/system/pleroma.service
226
227 # Start pleroma and enable it on boot
228 systemctl start pleroma
229 systemctl enable pleroma
230 ```
231
232 If everything worked, you should see Pleroma-FE when visiting your domain. If that didn't happen, try reviewing the installation steps, starting Pleroma in the foreground and seeing if there are any errrors.
233
234 Questions about the installation or didn’t it work as it should be, ask in [#pleroma:libera.chat](https://matrix.to/#/#pleroma:libera.chat) via Matrix or **#pleroma** on **libera.chat** via IRC, you can also [file an issue on our Gitlab](https://git.pleroma.social/pleroma/pleroma-support/issues/new).
235
236 ## Post installation
237
238 ### Setting up auto-renew of the Let's Encrypt certificate
239 ```sh
240 # Create the directory for webroot challenges
241 mkdir -p /var/lib/letsencrypt
242
243 # Uncomment the webroot method
244 $EDITOR path-to-nginx-config
245
246 # Verify that the config is valid
247 nginx -t
248 ```
249
250 === "Alpine"
251 ```
252 # Restart nginx
253 rc-service nginx restart
254
255 # Start the cron daemon and make it start on boot
256 rc-service crond start
257 rc-update add crond
258
259 # Ensure the webroot menthod and post hook is working
260 certbot renew --cert-name yourinstance.tld --webroot -w /var/lib/letsencrypt/ --dry-run --post-hook 'rc-service nginx reload'
261
262 # Add it to the daily cron
263 echo '#!/bin/sh
264 certbot renew --cert-name yourinstance.tld --webroot -w /var/lib/letsencrypt/ --post-hook "rc-service nginx reload"
265 ' > /etc/periodic/daily/renew-pleroma-cert
266 chmod +x /etc/periodic/daily/renew-pleroma-cert
267
268 # If everything worked the output should contain /etc/cron.daily/renew-pleroma-cert
269 run-parts --test /etc/periodic/daily
270 ```
271
272 === "Debian/Ubuntu"
273 ```
274 # Restart nginx
275 systemctl restart nginx
276
277 # Ensure the webroot menthod and post hook is working
278 certbot renew --cert-name yourinstance.tld --webroot -w /var/lib/letsencrypt/ --dry-run --post-hook 'systemctl reload nginx'
279
280 # Add it to the daily cron
281 echo '#!/bin/sh
282 certbot renew --cert-name yourinstance.tld --webroot -w /var/lib/letsencrypt/ --post-hook "systemctl reload nginx"
283 ' > /etc/cron.daily/renew-pleroma-cert
284 chmod +x /etc/cron.daily/renew-pleroma-cert
285
286 # If everything worked the output should contain /etc/cron.daily/renew-pleroma-cert
287 run-parts --test /etc/cron.daily
288 ```
289
290 ## Create your first user and set as admin
291 ```sh
292 cd /opt/pleroma
293 su pleroma -s $SHELL -lc "./bin/pleroma_ctl user new joeuser joeuser@sld.tld --admin"
294 ```
295 This will create an account withe the username of 'joeuser' with the email address of joeuser@sld.tld, and set that user's account as an admin. This will result in a link that you can paste into the browser, which logs you in and enables you to set the password.
296
297 ## Further reading
298
299 {! backend/installation/further_reading.include !}
300
301 ## Questions
302
303 Questions about the installation or didn’t it work as it should be, ask in [#pleroma:libera.chat](https://matrix.to/#/#pleroma:libera.chat) via Matrix or **#pleroma** on **libera.chat** via IRC, you can also [file an issue on our Gitlab](https://git.pleroma.social/pleroma/pleroma-support/issues/new).
Fork of https://akkoma.dev/AkkomaGang/akkoma.git