2017-06-14 18:56:11 +02:00
---
2017-07-09 16:32:30 +02:00
categories: web social
2017-06-14 18:56:11 +02:00
title: Howto Mastodon
...
2022-11-17 22:17:04 +01:00
* Documentation : < https: // docs . joinmastodon . org />
* Administration : < https: // docs . joinmastodon . org / admin />
2017-06-14 18:56:11 +02:00
2017-07-09 16:32:30 +02:00
[Mastodon ](https://github.com/tootsuite/mastodon ) est un réseau social libre et décentralisé, en alternative à _Twitter_ .
2017-06-14 18:56:11 +02:00
2017-07-09 16:32:30 +02:00
## Installation
2017-06-14 18:56:11 +02:00
2022-11-17 22:17:04 +01:00
Nous installons la version **4.0.2** sous **Debian 11 (Bullseye)** .
2017-06-14 18:56:11 +02:00
2017-12-28 21:25:31 +01:00
Mastodon s'appuie sur Ruby, [NodeJS ](HowtoNodeJS ), [Yarn ](HowtoYarn ), [Nginx ](HowtoNginx ), [Redis ](HowtoRedis ) et [PostgreSQL ](HowtoPostgreSQL ).
2017-06-14 18:56:11 +02:00
2017-07-09 16:32:30 +02:00
On peut installer les dépendances pour Mastodon :
2017-06-14 18:56:11 +02:00
~~~
2017-07-09 16:33:09 +02:00
# apt install nodejs yarn imagemagick ffmpeg libpq-dev libxml2-dev libxslt1-dev file git curl \
2018-01-10 22:25:07 +01:00
g++ libprotobuf-dev protobuf-compiler pkg-config build-essential libreadline-dev libicu-dev \
2018-01-30 22:40:37 +01:00
libidn11-dev libssl-dev libjemalloc-dev
2017-06-14 18:56:11 +02:00
~~~
2017-07-09 16:32:30 +02:00
### Compte UNIX
2017-06-14 18:56:11 +02:00
Créer un compte UNIX *mastodon* :
~~~
# adduser --disabled-login --gecos 'Mastodon App' mastodon
~~~
> **Note** : Assurez-vous d'avoir `DIR_MODE=0750` dans `/etc/adduser.conf` pour créer le home en 750.
2017-07-09 16:32:30 +02:00
### Ruby
2022-11-17 22:17:04 +01:00
Mastodon 4.0.x nécessite Ruby (3.0.4), on le met en place via [rbenv ](HowtoRails#cas-2-utilisation-avec-rbenv-unicorn ) :
2017-07-09 16:32:30 +02:00
~~~
# sudo -iu mastodon
$ git clone https://github.com/rbenv/rbenv.git ~/.rbenv
$ cd ~/.rbenv & & src/configure & & make -C src
$ echo 'export PATH="$HOME/.rbenv/bin:$PATH"' >> ~/.bash_profile
$ echo 'eval "$(rbenv init -)"' >> ~/.bash_profile
$ echo 'export RAILS_ENV="production"' >> ~/.bash_profile
$ source ~/.bash_profile
$ git clone https://github.com/rbenv/ruby-build.git ~/.rbenv/plugins/ruby-build
$ cd
2022-11-17 22:17:04 +01:00
$ TMPDIR=~/tmp MAKE_OPTS=-j$(nproc) RUBY_CONFIGURE_OPTS=--with-jemalloc rbenv install 3.0.4
$ rbenv local 3.0.4
2017-07-09 16:32:30 +02:00
~~~
2017-08-07 23:11:39 +02:00
> **Note** : On met la variable d'environnement `RAILS_ENV` dans notre profile bash pour éviter de l'indiquer à chaque commande Ruby/Rails.
2017-07-09 16:32:30 +02:00
### PostgreSQL
2017-06-14 18:56:11 +02:00
2022-11-17 22:17:04 +01:00
Mastodon utilise [PostgreSQL ](HowtoPostgreSQL ). On utilise donc la version 13 de Debian 11 :
2017-06-14 18:56:11 +02:00
~~~
# apt install postgresql postgresql-client libpq-dev postgresql-contrib
~~~
Création de l'utilisateur PostgreSQL :
~~~
# sudo -u postgres createuser mastodon -d -P -R
~~~
> **Note** : On donne les droits CREATEDB car Mastodon doit faire un DROP DATABASE puis CREATE DATABASE lors de l'installation…
2017-07-09 16:32:30 +02:00
> **Note** : Pensez à conserver le mot de passe pour le mettre par la suite (ou pas si utilisation de l'authentification via _ident_).
2017-06-14 18:56:11 +02:00
2017-07-09 16:32:30 +02:00
### Redis
2017-06-14 18:56:11 +02:00
Installation classique :
~~~
# apt install redis-server
~~~
2017-07-09 16:32:30 +02:00
### Mastodon
2017-06-14 18:56:11 +02:00
2017-07-09 16:32:30 +02:00
On clone le repository et installe avec _bundle_ et _yarn_ :
2017-06-15 15:23:14 +02:00
2017-06-14 18:56:11 +02:00
~~~
# sudo -iu mastodon
$ git clone https://github.com/tootsuite/mastodon.git
$ cd mastodon
2022-11-17 22:17:04 +01:00
$ git checkout v4.0.2
2017-06-14 18:56:11 +02:00
$ gem install bundler
$ bundle install --deployment --without development test
$ yarn install --pure-lockfile
$ cp .env.production.sample .env.production
~~~
2017-07-09 16:32:30 +02:00
> Attention, si vous avez un `/home` en `noexec`, il faudra le passer en `exec` pour les processus Ruby et NPM. Au risque d'obtenir ce genre d'erreurs :
>
> ~~~
> npm[2990]: Error: Compilation of µWebSockets has failed and there is no pre-compiled binary available for your system. Please install a > supported C++11 compiler and reinstall the module 'uws'.
> Failed at step EXEC spawning /home/mastodon/.rbenv/shims/bundle: Permission denied
> ~~~
2017-06-14 18:56:11 +02:00
2017-07-09 16:32:30 +02:00
On édite le fichier fichier `.env.production` à notre convenance, voici un exemple :
2017-06-14 18:56:11 +02:00
~~~
REDIS_HOST=127.0.0.1
REDIS_PORT=6379
2022-11-17 22:17:04 +01:00
REDIS_NAMESPACE=instance01
2017-06-14 18:56:11 +02:00
DB_HOST=127.0.0.1
DB_USER=mastodon
DB_NAME=mastodon_production
DB_PASS=PASSWORD
DB_PORT=5432
LOCAL_DOMAIN=mastodon.example.com
LOCAL_HTTPS=true
EMAIL_DOMAIN_WHITELIST=example.com
DEFAULT_LOCALE=fr
SMTP_SERVER=127.0.0.1
SMTP_PORT=25
SMTP_LOGIN=
SMTP_PASSWORD=
SMTP_FROM_ADDRESS=mastodon@mastodon.example.com
#SMTP_DOMAIN= # defaults to LOCAL_DOMAIN
#SMTP_DELIVERY_METHOD=smtp # delivery method can also be sendmail
SMTP_AUTH_METHOD=none
SMTP_OPENSSL_VERIFY_MODE=none
~~~
2018-01-10 22:25:07 +01:00
Génération des clés d'applications et webpush :
~~~
$ echo PAPERCLIP_SECRET=$(bundle exec rake secret) >> .env.production
$ echo SECRET_KEY_BASE=$(bundle exec rake secret) >> .env.production
$ echo OTP_SECRET=$(bundle exec rake secret) >> .env.production
$ bundle exec rake mastodon:webpush:generate_vapid_key >> .env.production
~~~
2017-06-14 18:56:11 +02:00
Initialisation de la base de données :
~~~
2018-01-10 22:25:07 +01:00
$ SAFETY_ASSURED=1 bundle exec rails db:setup
2017-06-14 18:56:11 +02:00
~~~
Compilation des assets :
~~~
$ bundle exec rails assets:precompile
2022-11-17 22:17:04 +01:00
$ chmod -R u=rwX,g=rwX,o=rX /home/mastodon/mastodon/public
2017-06-14 18:56:11 +02:00
~~~
2017-07-09 16:32:30 +02:00
### Unités systemd
2017-06-14 18:56:11 +02:00
Unités systemd à mettre dans /etc/systemd/system
2017-07-09 16:32:30 +02:00
`mastodon-web.service`
2017-06-15 12:35:31 +02:00
2017-06-14 18:56:11 +02:00
~~~
[Unit]
Description=mastodon-web
After=network.target
[Service]
Type=simple
User=mastodon
WorkingDirectory=/home/mastodon/mastodon
Environment="RAILS_ENV=production"
Environment="PORT=3000"
ExecStart=/home/mastodon/.rbenv/shims/bundle exec puma -C config/puma.rb
2018-01-10 22:25:07 +01:00
ExecReload=/bin/kill -SIGUSR1 $MAINPID
2017-06-14 18:56:11 +02:00
TimeoutSec=15
Restart=always
[Install]
WantedBy=multi-user.target
~~~
2017-07-09 16:32:30 +02:00
`mastodon-sidekiq.service`
2017-06-15 12:35:31 +02:00
2017-06-14 18:56:11 +02:00
~~~
[Unit]
Description=mastodon-sidekiq
After=network.target
[Service]
Type=simple
User=mastodon
WorkingDirectory=/home/mastodon/mastodon
Environment="RAILS_ENV=production"
Environment="DB_POOL=5"
ExecStart=/home/mastodon/.rbenv/shims/bundle exec sidekiq -c 5 -q default -q mailers -q pull -q push
TimeoutSec=15
Restart=always
[Install]
WantedBy=multi-user.target
~~~
2017-07-09 16:32:30 +02:00
`mastodon-streaming.service`
2017-06-15 12:35:31 +02:00
2017-06-14 18:56:11 +02:00
~~~
[Unit]
Description=mastodon-streaming
After=network.target
[Service]
Type=simple
User=mastodon
WorkingDirectory=/home/mastodon/mastodon
Environment="NODE_ENV=production"
Environment="PORT=4000"
ExecStart=/usr/bin/npm run start
TimeoutSec=15
Restart=always
[Install]
WantedBy=multi-user.target
~~~
2022-11-17 22:17:04 +01:00
Note : les ports 3000 et 4000 ci-haut devront être changés s'il y a plus d'une instance sur le serveur. On pourra par exemple incrémenter de 1, donc 3001, 4001.
2017-07-09 16:32:30 +02:00
On active et on démarre les unités :
2017-06-14 18:56:11 +02:00
~~~
# systemctl enable mastodon-{web,sidekiq,streaming}
# systemctl start mastodon-{web,sidekiq,streaming}
~~~
2017-07-09 16:32:30 +02:00
### Crontab
2017-06-14 18:56:11 +02:00
~~~
RAILS_ENV=production
2018-01-10 22:25:07 +01:00
@daily cd /home/mastodon/mastodon && /home/mastodon/.rbenv/shims/bundle exec rake mastodon:media:remove_remote
2017-06-14 18:56:11 +02:00
~~~
2022-11-17 22:17:04 +01:00
Note : Depuis la version 4.0.x, il est aussi possible de configurer la durée de vie du cache (médias, etc.) depuis l'interface d'administration (sous Administration -> Paramètres du serveur -> Rétention du contenu).
2017-07-09 16:32:30 +02:00
### Nginx
2017-06-14 18:56:11 +02:00
2017-07-09 16:32:30 +02:00
On utilise [Nginx ](Howtonginx ) :
2017-06-14 18:56:11 +02:00
~~~
2017-06-15 12:35:31 +02:00
# apt install nginx-full
~~~
Exemple de vhost :
~~~
map $http_upgrade $connection_upgrade {
default upgrade;
'' close;
}
server {
listen 80;
listen [::]:80;
server_name example.com;
# Useful for Let's Encrypt
location /.well-known/acme-challenge/ { allow all; }
location / { return 301 https://$host$request_uri; }
}
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
server_name example.com;
ssl_protocols TLSv1.2;
ssl_ciphers HIGH:!MEDIUM:!LOW:!aNULL:!NULL:!SHA;
ssl_prefer_server_ciphers on;
ssl_session_cache shared:SSL:10m;
ssl_certificate /etc/letsencrypt/live/example.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem;
keepalive_timeout 70;
sendfile on;
client_max_body_size 0;
root /home/mastodon/mastodon/public;
gzip on;
gzip_vary on;
gzip_proxied any;
gzip_comp_level 6;
gzip_buffers 16 8k;
gzip_http_version 1.1;
gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript;
add_header Strict-Transport-Security "max-age=31536000";
location / {
try_files $uri @proxy ;
}
location ~ ^/(packs|system/media_attachments/files|system/accounts/avatars) {
add_header Cache-Control "public, max-age=31536000, immutable";
try_files $uri @proxy ;
}
location @proxy {
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto https;
proxy_set_header Proxy "";
proxy_pass_header Server;
proxy_pass http://127.0.0.1:3000;
proxy_buffering off;
proxy_redirect off;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $connection_upgrade;
tcp_nodelay on;
}
location /api/v1/streaming {
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto https;
proxy_set_header Proxy "";
proxy_pass http://127.0.0.1:4000;
proxy_buffering off;
proxy_redirect off;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $connection_upgrade;
tcp_nodelay on;
}
error_page 500 501 502 503 504 /500.html;
}
2017-06-14 18:56:11 +02:00
~~~
2017-07-09 16:32:30 +02:00
> **Note** : La partie SSL/TLS n'est pas évoquée. À vous de faire le nécessaire avec un certificat [Let's Encrypt](HowtoLetsEncrypt) par exemple. N'oubliez donc pas de modifier les directives `ssl_` dans le vhost.
2017-06-14 18:56:11 +02:00
2017-07-09 16:32:30 +02:00
## Mises à jour
2017-06-14 18:56:11 +02:00
Le principe des mises à jour est basé sur un `git pull` et un `git checkout` .
2017-06-15 12:35:31 +02:00
~~~
# sudo -iu mastodon
$ cd mastodon
$ git fetch
2017-06-15 12:39:08 +02:00
$ git checkout < VERSION >
$ bundle install --deployment --without development test
2017-06-15 12:35:31 +02:00
$ yarn install --pure-lockfile
2018-01-30 22:40:37 +01:00
$ bundle exec rails db:migrate
2017-06-15 12:35:31 +02:00
$ bundle exec rails assets:precompile
2019-06-14 13:09:14 +02:00
$ bin/tootctl cache clear
2018-10-08 10:40:01 +02:00
$ chmod -R u=rwX,g=rwX,o=rX /home/mastodon/mastodon/public/{assets,packs}
2017-06-15 12:35:31 +02:00
$ exit
# systemctl restart mastodon-*.service
~~~
2022-11-17 22:17:04 +01:00
> **Note** : Ces commandes génériques ne sont parfois pas suffisantes. Vous devez systématiquement lire les [notes de versions](https://github.com/tootsuite/mastodon/releases/).
2017-06-15 13:09:59 +02:00
2017-06-15 13:44:34 +02:00
2017-07-09 16:32:30 +02:00
## Configuration
Pour restreindre l'inscription à certains domaines de messagerie :
~~~
EMAIL_DOMAIN_WHITELIST=example.com|example.org
~~~
2017-06-15 13:44:34 +02:00
2017-06-15 13:47:49 +02:00
2017-07-09 16:32:30 +02:00
## Utilisation
On peut utiliser différents clients :
2018-03-22 20:45:24 +01:00
- L'interface web via un navigateur ;
- [Mastalab ](https://github.com/stom79/mastalab ) sous Android ;
- [Twidere ](https://github.com/TwidereProject ) sous Android ou iOS ;
- [Amaroq ](https://itunes.apple.com/us/app/amaroq-for-mastodon/id1214116200 ) sous iOS.
2017-07-09 16:32:30 +02:00
## FAQ
### À propos des logs
2018-06-01 10:03:22 +02:00
Mastodon n'a aucun fichier de logs. Les logs sont gérés via la sortie standard et vont donc dans journald. On consultera les logs avec `journalctl -u mastodon-web` (ou `mastodon-sidekiq` ou `mastodon-streaming` ).
2018-02-19 16:10:07 +01:00
2022-11-17 22:17:04 +01:00
### Passer un utilisateur existant en admin
2018-02-19 16:10:07 +01:00
~~~
2022-11-17 22:17:04 +01:00
~/mastodon$ bin/tootctl accounts modify jdoe --role Admin
2018-02-19 16:10:07 +01:00
Congrats! jdoe is now an admin. \o/
~~~
