From f722bd2387df9163760014e9555928ec487ae95f Mon Sep 17 00:00:00 2001 From: Eugen Rochko Date: Tue, 4 Apr 2017 00:53:20 +0200 Subject: Separate background jobs into different queues. ATTENTION: new queue "pull" must be added to the Sidekiq invokation in your systemd file The pull queue will handle link crawling, thread resolving, and OStatus processing. Such tasks are more likely to hang for a longer time (due to network requests) so it is more sensible to not make the "in-house" tasks wait for them. --- docs/Running-Mastodon/Production-guide.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'docs/Running-Mastodon') diff --git a/docs/Running-Mastodon/Production-guide.md b/docs/Running-Mastodon/Production-guide.md index f0dd7bd2b..469fefa94 100644 --- a/docs/Running-Mastodon/Production-guide.md +++ b/docs/Running-Mastodon/Production-guide.md @@ -180,7 +180,7 @@ User=mastodon WorkingDirectory=/home/mastodon/live Environment="RAILS_ENV=production" Environment="DB_POOL=5" -ExecStart=/home/mastodon/.rbenv/shims/bundle exec sidekiq -c 5 -q default -q mailers -q push +ExecStart=/home/mastodon/.rbenv/shims/bundle exec sidekiq -c 5 -q default -q mailers -q pull -q push TimeoutSec=15 Restart=always -- cgit From c22388fc792c171dda9c3f80b16b5ae302cd4806 Mon Sep 17 00:00:00 2001 From: walfie Date: Tue, 4 Apr 2017 00:00:56 -0400 Subject: Fix typo in Heroku guide --- docs/Running-Mastodon/Heroku-guide.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'docs/Running-Mastodon') diff --git a/docs/Running-Mastodon/Heroku-guide.md b/docs/Running-Mastodon/Heroku-guide.md index 799b8a64c..b66e56200 100644 --- a/docs/Running-Mastodon/Heroku-guide.md +++ b/docs/Running-Mastodon/Heroku-guide.md @@ -8,6 +8,6 @@ Mastodon can theoretically run indefinitely on a free [Heroku](https://heroku.co 1. Click the above button. 2. Fill in the options requested. * You can use a .herokuapp.com domain, which will be simple to set up, or you can use a custom domain. If you want a custom domain and HTTPS, you will need to upgrade to a paid plan (to use Heroku's SSL features), or set up [CloudFlare](https://cloudflare.com) who offer free "Flexible SSL" (note: CloudFlare have some undefined limits on WebSockets. So far, no one has reported hitting concurrent connection limits). - * You will want Amazon S3 for file storage. The only exception is for development purposes, where you may not care if files are not saaved. Follow a guide online for creating a free Amazon S3 bucket and Access Key, then enter the details. + * You will want Amazon S3 for file storage. The only exception is for development purposes, where you may not care if files are not saved. Follow a guide online for creating a free Amazon S3 bucket and Access Key, then enter the details. * If you want your Mastodon to be able to send emails, configure SMTP settings here (or later). Consider using [Mailgun](https://mailgun.com) or similar, who offer free plans that should suit your interests. 3. Deploy! The app should be set up, with a working web interface and database. You can change settings and manage versions from the Heroku dashboard. -- cgit From 665ec615e30274bc10307ba9e56d37e3f9836f03 Mon Sep 17 00:00:00 2001 From: Angristan Date: Tue, 4 Apr 2017 15:57:37 +0200 Subject: Missing quotes --- docs/Running-Mastodon/Production-guide.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'docs/Running-Mastodon') diff --git a/docs/Running-Mastodon/Production-guide.md b/docs/Running-Mastodon/Production-guide.md index 469fefa94..1fba2025b 100644 --- a/docs/Running-Mastodon/Production-guide.md +++ b/docs/Running-Mastodon/Production-guide.md @@ -132,7 +132,7 @@ Fill in the important data, like host/port of the redis database, host/port/user rake secret -To get a random string. If you are setting up on one single server (most likely), then REDIS_HOST is localhost and `DB_HOST` is `/var/run/postgresql`, `DB_USER` is `mastodon` and `DB_NAME` is `mastodon_production` while `DB_PASS` is empty because this setup will use the ident authentication method (system user "mastodon" maps to postgres user "mastodon"). +To get a random string. If you are setting up on one single server (most likely), then `REDIS_HOST` is localhost and `DB_HOST` is `/var/run/postgresql`, `DB_USER` is `mastodon` and `DB_NAME` is `mastodon_production` while `DB_PASS` is empty because this setup will use the ident authentication method (system user "mastodon" maps to postgres user "mastodon"). ## Setup -- cgit From 2fcf8d79ad3e7051e0089741ed00ec0eff0de637 Mon Sep 17 00:00:00 2001 From: Angristan Date: Tue, 4 Apr 2017 17:23:56 +0200 Subject: Fix crontab edit Missing -u parameter to specify the mastodon user. --- docs/Running-Mastodon/Production-guide.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'docs/Running-Mastodon') diff --git a/docs/Running-Mastodon/Production-guide.md b/docs/Running-Mastodon/Production-guide.md index 469fefa94..2c8db20b7 100644 --- a/docs/Running-Mastodon/Production-guide.md +++ b/docs/Running-Mastodon/Production-guide.md @@ -221,7 +221,7 @@ I recommend creating a couple cronjobs for the following tasks: You may want to run `which bundle` first and copypaste that full path instead of simply `bundle` in the above commands because cronjobs usually don't have all the paths set. The time and intervals of when to run these jobs are up to you, but once every day should be enough for all. -You can edit the cronjob file for the `mastodon` user by running `sudo crontab -e mastodon` (outside of the mastodon user). +You can edit the cronjob file for the `mastodon` user by running `sudo crontab -e -u mastodon` (outside of the mastodon user). ## Things to look out for when upgrading Mastodon -- cgit From 6091b9b1a965ae5c1751627ee29c7db95643fcfe Mon Sep 17 00:00:00 2001 From: Angristan Date: Tue, 4 Apr 2017 19:23:53 +0200 Subject: Add file package If the file package is not installed, we get "Validation failed: File has contents that are not what they are reported to be" when upload media. --- docs/Running-Mastodon/Production-guide.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'docs/Running-Mastodon') diff --git a/docs/Running-Mastodon/Production-guide.md b/docs/Running-Mastodon/Production-guide.md index 469fefa94..a70f174d4 100644 --- a/docs/Running-Mastodon/Production-guide.md +++ b/docs/Running-Mastodon/Production-guide.md @@ -76,7 +76,7 @@ It is recommended to create a special user for mastodon on the server (you could ## General dependencies curl -sL https://deb.nodesource.com/setup_4.x | sudo bash - - sudo apt-get install imagemagick ffmpeg libpq-dev libxml2-dev libxslt1-dev nodejs + sudo apt-get install imagemagick ffmpeg libpq-dev libxml2-dev libxslt1-dev nodejs file sudo npm install -g yarn ## Redis -- cgit From dcda852b5ff8cc894b384c30f69d66990ee61993 Mon Sep 17 00:00:00 2001 From: Nope Nope Date: Tue, 4 Apr 2017 20:45:32 +0200 Subject: typo in admin doc s/rails/rake/ --- docs/Running-Mastodon/Administration-guide.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'docs/Running-Mastodon') diff --git a/docs/Running-Mastodon/Administration-guide.md b/docs/Running-Mastodon/Administration-guide.md index af78f6235..dd69eb303 100644 --- a/docs/Running-Mastodon/Administration-guide.md +++ b/docs/Running-Mastodon/Administration-guide.md @@ -7,7 +7,7 @@ So, you have a working Mastodon instance... now what? The following rake task: - rails mastodon:make_admin USERNAME=alice + rake mastodon:make_admin USERNAME=alice Would turn the local user "alice" into an admin. -- cgit From 1e5a1b9abd9dca06e19651f80923249b09bcc847 Mon Sep 17 00:00:00 2001 From: Udo Kramer Date: Tue, 4 Apr 2017 23:45:29 +0200 Subject: Update Production-guide.md --- docs/Running-Mastodon/Production-guide.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'docs/Running-Mastodon') diff --git a/docs/Running-Mastodon/Production-guide.md b/docs/Running-Mastodon/Production-guide.md index 469fefa94..ffe42b411 100644 --- a/docs/Running-Mastodon/Production-guide.md +++ b/docs/Running-Mastodon/Production-guide.md @@ -112,7 +112,7 @@ Then once `rbenv` is ready, run `rbenv install 2.3.1` to install the Ruby versio You need the `git-core` package installed on your system. If it is so, from the `mastodon` user: cd ~ - git clone https://github.com/Gargron/mastodon.git live + git clone https://github.com/tootsuite/mastodon.git live cd live Then you can proceed to install project dependencies: -- cgit From 04225ed72e4778c62c78af183f7110c667f1b667 Mon Sep 17 00:00:00 2001 From: Ash Furrow Date: Tue, 4 Apr 2017 18:45:24 -0400 Subject: Adds instructions for adding admin users. --- docs/Running-Mastodon/Heroku-guide.md | 2 ++ 1 file changed, 2 insertions(+) (limited to 'docs/Running-Mastodon') diff --git a/docs/Running-Mastodon/Heroku-guide.md b/docs/Running-Mastodon/Heroku-guide.md index b66e56200..cd92a8bfd 100644 --- a/docs/Running-Mastodon/Heroku-guide.md +++ b/docs/Running-Mastodon/Heroku-guide.md @@ -11,3 +11,5 @@ Mastodon can theoretically run indefinitely on a free [Heroku](https://heroku.co * You will want Amazon S3 for file storage. The only exception is for development purposes, where you may not care if files are not saved. Follow a guide online for creating a free Amazon S3 bucket and Access Key, then enter the details. * If you want your Mastodon to be able to send emails, configure SMTP settings here (or later). Consider using [Mailgun](https://mailgun.com) or similar, who offer free plans that should suit your interests. 3. Deploy! The app should be set up, with a working web interface and database. You can change settings and manage versions from the Heroku dashboard. + +You may need to use the `heroku` CLI application to modify the database directly to give yourself administration rights. -- cgit From dd441606aae48a08ec76ae26383c3e3738254a1a Mon Sep 17 00:00:00 2001 From: Ash Furrow Date: Tue, 4 Apr 2017 20:53:31 -0400 Subject: Updates instructions. --- docs/Running-Mastodon/Heroku-guide.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'docs/Running-Mastodon') diff --git a/docs/Running-Mastodon/Heroku-guide.md b/docs/Running-Mastodon/Heroku-guide.md index cd92a8bfd..0de26230c 100644 --- a/docs/Running-Mastodon/Heroku-guide.md +++ b/docs/Running-Mastodon/Heroku-guide.md @@ -12,4 +12,4 @@ Mastodon can theoretically run indefinitely on a free [Heroku](https://heroku.co * If you want your Mastodon to be able to send emails, configure SMTP settings here (or later). Consider using [Mailgun](https://mailgun.com) or similar, who offer free plans that should suit your interests. 3. Deploy! The app should be set up, with a working web interface and database. You can change settings and manage versions from the Heroku dashboard. -You may need to use the `heroku` CLI application to modify the database directly to give yourself administration rights. +You may need to use the `heroku` CLI application to run `USERNAME=yourUsername rails mastodon:make_admin` to make yourself an admin. -- cgit From fa7b74cf51e2b5c7c60aaf3ec529ba2292450d7b Mon Sep 17 00:00:00 2001 From: Jason Snell Date: Tue, 4 Apr 2017 18:43:21 -0700 Subject: SSL best practices for nginx --- docs/Running-Mastodon/Production-guide.md | 12 ++++++++++++ 1 file changed, 12 insertions(+) (limited to 'docs/Running-Mastodon') diff --git a/docs/Running-Mastodon/Production-guide.md b/docs/Running-Mastodon/Production-guide.md index b1f7bd35b..d539ddf64 100644 --- a/docs/Running-Mastodon/Production-guide.md +++ b/docs/Running-Mastodon/Production-guide.md @@ -11,10 +11,22 @@ map $http_upgrade $connection_upgrade { '' close; } +server { + listen 80; + listen [::]:80; + server_name example.com; + return 301 https://$host$request_uri; +} + server { listen 443 ssl; server_name example.com; + ssl_protocols TLSv1.2; + ssl_ciphers 'EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH'; + ssl_prefer_server_ciphers on; + ssl_session_cache shared:SSL:10m; + ssl_certificate /etc/letsencrypt/live/example.com/fullchain.pem; ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem; -- cgit From 5dbcd92193f45d71629e261cc264725d59f2ea6c Mon Sep 17 00:00:00 2001 From: Angristan Date: Wed, 5 Apr 2017 10:44:08 +0200 Subject: ECDH only Disable DHE ciphers. We don't loose any compatibility as we already use TLS 1.2, and ECDH is faster and safer. Also, it's better so specify the curve. This is the conf I use here : https://tls.imirhil.fr/https/mstdn.io --- docs/Running-Mastodon/Production-guide.md | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) (limited to 'docs/Running-Mastodon') diff --git a/docs/Running-Mastodon/Production-guide.md b/docs/Running-Mastodon/Production-guide.md index d539ddf64..3912fd2ba 100644 --- a/docs/Running-Mastodon/Production-guide.md +++ b/docs/Running-Mastodon/Production-guide.md @@ -23,7 +23,8 @@ server { server_name example.com; ssl_protocols TLSv1.2; - ssl_ciphers 'EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH'; + ssl_ciphers EECDH+AESGCM:EECDH+AES; + ssl_ecdh_curve secp384r1; ssl_prefer_server_ciphers on; ssl_session_cache shared:SSL:10m; -- cgit From 5ed2de6be2f3003be4422a659bdd7ab96803adf0 Mon Sep 17 00:00:00 2001 From: Angristan Date: Wed, 5 Apr 2017 14:11:08 +0200 Subject: Add git and curl as dependencies In some VPS templates, they are not installed by default. --- docs/Running-Mastodon/Production-guide.md | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) (limited to 'docs/Running-Mastodon') diff --git a/docs/Running-Mastodon/Production-guide.md b/docs/Running-Mastodon/Production-guide.md index 3912fd2ba..90e9c0dea 100644 --- a/docs/Running-Mastodon/Production-guide.md +++ b/docs/Running-Mastodon/Production-guide.md @@ -88,8 +88,9 @@ It is recommended to create a special user for mastodon on the server (you could ## General dependencies + sudo apt-get install imagemagick ffmpeg libpq-dev libxml2-dev libxslt1-dev nodejs file git curl curl -sL https://deb.nodesource.com/setup_4.x | sudo bash - - sudo apt-get install imagemagick ffmpeg libpq-dev libxml2-dev libxslt1-dev nodejs file + apt-get intall nodejs sudo npm install -g yarn ## Redis -- cgit From d6bab0c71cd94bff4f775b79a55493b6e02215a0 Mon Sep 17 00:00:00 2001 From: Jonathan Hurter Date: Wed, 5 Apr 2017 16:00:48 +0200 Subject: Add doc --- README.md | 2 ++ docs/Running-Mastodon/Scalingo-guide.md | 13 +++++++++++++ 2 files changed, 15 insertions(+) create mode 100644 docs/Running-Mastodon/Scalingo-guide.md (limited to 'docs/Running-Mastodon') diff --git a/README.md b/README.md index fde4df6bb..db60b66f7 100644 --- a/README.md +++ b/README.md @@ -121,6 +121,8 @@ Docker is great for quickly trying out software, but it has its drawbacks too. I [![Deploy on Scalingo](https://cdn.scalingo.com/deploy/button.svg)](https://my.scalingo.com/deploy?source=https://github.com/tootsuite/mastodon#master) +[You can view a guide for deployment on Scalingo here.](docs/Running-Mastodon/Scalingo-guide.md) + ## Deployment on Heroku (experimental) [![Deploy](https://www.herokucdn.com/deploy/button.svg)](https://heroku.com/deploy) diff --git a/docs/Running-Mastodon/Scalingo-guide.md b/docs/Running-Mastodon/Scalingo-guide.md new file mode 100644 index 000000000..6552056a8 --- /dev/null +++ b/docs/Running-Mastodon/Scalingo-guide.md @@ -0,0 +1,13 @@ +Scalingo guide +============== + +[![Deploy on Scalingo](https://cdn.scalingo.com/deploy/button.svg)](https://my.scalingo.com/deploy?source=https://github.com/tootsuite/mastodon#master) + +1. Click the above button. +2. Fill in the options requested. + * You can use a .scalingo.io domain, which will be simple to set up, or you can use a custom domain. + * You will want Amazon S3 for file storage. The only exception is for development purposes, where you may not care if files are not saved. Follow a guide online for creating a free Amazon S3 bucket and Access Key, then enter the details. + * If you want your Mastodon to be able to send emails, configure SMTP settings here (or later). Consider using [Mailgun](https://mailgun.com) or similar, who offer free plans that should suit your interests. +3. Deploy! The app should be set up, with a working web interface and database. You can change settings and manage versions from the Heroku dashboard. + +You may need to use the `scalingo` CLI application to run `USERNAME=yourUsername rails mastodon:make_admin` to make yourself an admin. -- cgit