Reflections on setting up a Mastodon Instance

It's been a few months since I've set up my own Mastodon server, and so I wanted to write a quick note about what I found easy, what was not so easy, and what broke. I'm going to try to describe the technical steps in an accessible way, but if anything needs clarification feel free to toot @ me about it.

Resources I used to get going are listed at the end.

Determining server size, choosing a host

Because I wanted to keep all my infrastructure in Canada (for simplicity) and use a hosting service that used renewable energy (for the good of the planet), I would not be able to use the simpler hosting options presented in the setup documentation and would instead be installing from source.

Installing from source in this case means downloading the Mastodon code onto the server computer and building it myself. Since I'm a developer, this was an appealing option for me anyway, but it definitely added to the number of steps.

The server I ended up buying is located in Quebec, which recently became the first province to ban oil and gas development, and is with a company that uses the province's hydro power for their data warehouse operations. In terms of server size, I went with 4 CPU cores, 4 GB of memory and 50 GB of SSD storage.

A month in, this has been working well for our small 3-user instance, but I did go with a scalable option so that it's easy to scale up as needed. The server filesystem stores uploads right now.

If your server does not have key-based SSH login set up

This is something I ran into, and I followed this DigitalOcean guide to set up key-based auth and disable password auth. My only addendum to the post is to make sure key-based auth is working before disabling password auth!
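A pre-flight check for that addendum, as an added example that is not part of the original post or the linked guide. The function names are hypothetical and the sample config and key are constructed; it covers the first-match rule of sshd_config that makes an appended "PasswordAuthentication no" silently ineffective.

```shell
#!/bin/sh
# Added example, not from the original post. Paths are passed as arguments.

# effective_value FILE KEYWORD: print the value sshd would use for KEYWORD.
# sshd keeps the FIRST occurrence of a keyword, keywords are case-insensitive,
# "Key=value" is accepted, and lines after "Match" are conditional (skipped).
effective_value() {
    awk -v key="$2" '
        { sub(/^[ \t]+/, ""); sub(/[ \t]*=[ \t]*/, " ") }
        /^#/ || NF == 0 { next }
        tolower($1) == "match" { exit }
        tolower($1) == tolower(key) { print tolower($2); exit }
    ' "$1"
}

# key_count FILE: number of non-blank, non-comment lines in authorized_keys.
key_count() {
    [ -f "$1" ] || { echo 0; return 0; }
    grep -cv -e '^[[:space:]]*$' -e '^[[:space:]]*#' "$1" || true
}

# safe_to_disable_password_auth SSHD_CONFIG AUTHORIZED_KEYS
# Return 0 only if key login is enabled and a key sshd will accept is present.
safe_to_disable_password_auth() {
    pubkey=$(effective_value "$1" PubkeyAuthentication)
    if [ "${pubkey:-yes}" != "yes" ]; then   # unset means sshd's default, yes
        echo "BLOCK: PubkeyAuthentication is $pubkey"; return 1
    fi
    if [ "$(key_count "$2")" -eq 0 ]; then
        echo "BLOCK: no public keys in $2"; return 1
    fi
    # With StrictModes (default yes) sshd rejects a group/world-writable file.
    if [ -n "$(find "$2" -prune \( -perm -020 -o -perm -002 \))" ]; then
        echo "BLOCK: $2 is writable by group or others"; return 1
    fi
    echo "OK: key login is configured"
}

# Constructed sample: the second PasswordAuthentication line has no effect.
demo=$(mktemp -d)
printf '%s\n' 'PasswordAuthentication yes' 'PubkeyAuthentication yes' \
    'PasswordAuthentication no' > "$demo/sshd_config"
printf '%s\n' 'ssh-ed25519 AAAAconstructedkey admin@laptop' > "$demo/keys"
chmod 600 "$demo/keys"
echo "PasswordAuthentication: $(effective_value "$demo/sshd_config" PasswordAuthentication)"
safe_to_disable_password_auth "$demo/sshd_config" "$demo/keys"
rm -rf "$demo"
```

The parser does not follow Include lines, so on a live server feed it the output of `sshd -T`, which prints the fully resolved configuration in the same "keyword value" form. A passing check is still no substitute for opening a second session with the key while the first one stays logged in.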

If your server has Apache installed

Disable it using the following:

systemctl disable apache2

Before I did this, if my server restarted, Apache would spin up before NGINX on boot and steal the ports. This has been the only source of outages for me so far.

Additional services I set up

Backups

I use Amazon S3's free tier for backups only; setting up daily server backups was something I initially struggled to find resources on, and I ended up using HasHooves' script as my starting point. It's worked great!

CDN

I have the domain set up with Cloudflare to protect the server's IP address behind their DNS tunneling, and to add a layer of protection in front of the instance.

SMTP relay for sending emails

I actually did not have this set up until I started running into issues with email sending during the configuration wizard step. I recommend you make sure you have this set up beforehand as the Mastodon documentation mentions it in the pre-req list.

I followed this guide to get my instance sending emails; note that Sendinblue is now named Brevo, and I don't think this is a perfect solution as all the emails are marked as spam in spite of the authentication records. I'm hoping to fix that.

Setting up NGINX & cert generation

This was the trickiest step for me, and the solution was outlined in this GitHub issue. Here are the steps (copied from the issue) that you should do before you copy the NGINX configuration template Mastodon provides:

  1. Run certbot certonly --nginx -d example.com where example.com is replaced with whatever your instance domain is.

  2. Copy (or re-enable) the configuration template for nginx per the instructions

  3. Uncomment the ssl_certificate and ssl_certificate_key lines in /etc/nginx/sites-enabled/mastodon

  4. Run nginx -t to test the config, and systemctl reload nginx to reload it

You may need to wait some time for SSL to propagate properly, so if you're having trouble with the cert generation don't be afraid to sleep on it!

Saving disk space on the server

First, I don't use tons of relays because those can/do pull in a lot more posts from bigger instances.

That being said, I did follow this blog post by Ricard Torres to set up some regular tootctl cron tasks.

Because I haven't run into any issues yet, I don't have much in the way of my own findings for this section... yet! I imagine I'll need to take some of the advice in the official documentation should the instance membership grow.

What's next for me

I want to set up a heartbeat alert that will let me know as soon as possible when the site is down, add additional logging/observability, and fix the emails going to spam.

I'm still figuring out federation, moderation, etc.

Misc Resources used throughout this process