honkoma/docs/installation/alpine_linux_en.md

6.8 KiB
Raw Permalink Blame History

Installing on Alpine Linux

{! backend/installation/otp_vs_from_source_source.include !}

Installation

This guide is a step-by-step installation guide for Alpine Linux. The instructions were verified against Alpine v3.10 standard image. You might miss additional dependencies if you use netboot instead.

It assumes that you have administrative rights, either as root or a user with sudo permissions. If you want to run this guide with root, ignore the sudo at the beginning of the lines, unless it calls a user like sudo -Hu pleroma; in this case, use su -l <username> -s $SHELL -c 'command' instead.

{! backend/installation/generic_dependencies.include !}

Prepare the system

  • The community repository must be enabled in /etc/apk/repositories. Depending on which version and mirror you use this looks like http://alpine.42.fr/v3.10/community. If you autogenerated the mirror during installation:
awk 'NR==2' /etc/apk/repositories | sed 's/main/community/' | tee -a /etc/apk/repositories
  • Then update the system, if not already done:
sudo apk update
sudo apk upgrade
  • Install some tools, which are needed later:
sudo apk add git build-base cmake file-dev

Install Elixir and Erlang

  • Install Erlang and Elixir:
sudo apk add erlang erlang-runtime-tools erlang-xmerl elixir
  • Install erlang-eldap if you want to enable ldap authenticator
sudo apk add erlang-eldap

Install PostgreSQL

  • Install Postgresql server:
sudo apk add postgresql postgresql-contrib
  • Initialize database:
sudo /etc/init.d/postgresql start
  • Enable and start postgresql server:
sudo rc-update add postgresql

Install media / graphics packages (optional, see docs/installation/optional/media_graphics_packages.md)

sudo apk add ffmpeg imagemagick exiftool

Install PleromaBE

  • Add a new system user for the Pleroma service:
sudo addgroup pleroma
sudo adduser -S -s /bin/false -h /opt/pleroma -H -G pleroma pleroma

Note: To execute a single command as the Pleroma system user, use sudo -Hu pleroma command. You can also switch to a shell by using sudo -Hu pleroma $SHELL. If you dont have and want sudo on your system, you can use su as root user (UID 0) for a single command by using su -l pleroma -s $SHELL -c 'command' and su -l pleroma -s $SHELL for starting a shell.

  • Git clone the PleromaBE repository and make the Pleroma user the owner of the directory:
sudo mkdir -p /opt/pleroma
sudo chown -R pleroma:pleroma /opt/pleroma
sudo -Hu pleroma git clone -b stable https://git.pleroma.social/pleroma/pleroma /opt/pleroma
  • Change to the new directory:
cd /opt/pleroma
  • Install the dependencies for Pleroma and answer with yes if it asks you to install Hex:
sudo -Hu pleroma mix deps.get
  • Generate the configuration: sudo -Hu pleroma MIX_ENV=prod mix pleroma.instance gen

    • Answer with yes if it asks you to install rebar3.
    • This may take some time, because parts of pleroma get compiled first.
    • After that it will ask you a few questions about your instance and generates a configuration file in config/generated_config.exs.
  • Check the configuration and if all looks right, rename it, so Pleroma will load it (prod.secret.exs for productive instance, dev.secret.exs for development instances):

sudo -Hu pleroma mv config/{generated_config.exs,prod.secret.exs}
  • The previous command creates also the file config/setup_db.psql, with which you can create the database:
sudo -Hu postgres psql -f config/setup_db.psql
  • Now run the database migration:
sudo -Hu pleroma MIX_ENV=prod mix ecto.migrate
  • Now you can start Pleroma already
sudo -Hu pleroma MIX_ENV=prod mix phx.server

Finalize installation

If you want to open your newly installed instance to the world, you should run nginx or some other webserver/proxy in front of Pleroma and you should consider to create an OpenRC service file for Pleroma.

Nginx

  • Install nginx, if not already done:
sudo apk add nginx
  • Setup your SSL cert, using your method of choice or certbot. If using certbot, first install it:
sudo apk add certbot

and then set it up:

sudo mkdir -p /var/lib/letsencrypt/
sudo certbot certonly --email <your@emailaddress> -d <yourdomain> --standalone

If that doesnt work, make sure, that nginx is not already running. If it still doesnt work, try setting up nginx first (change ssl “on” to “off” and try again).

  • Copy the example nginx configuration to the nginx folder
sudo cp /opt/pleroma/installation/pleroma.nginx /etc/nginx/conf.d/pleroma.conf
  • Before starting nginx edit the configuration and change it to your needs. You must change change server_name and the paths to the certificates. You can use nano (install with apk add nano if missing).
server {
    server_name    your.domain;
    listen         80;
    ...
}

server {
    server_name your.domain;
    listen 443 ssl http2;
    ...
    ssl_trusted_certificate   /etc/letsencrypt/live/your.domain/chain.pem;
    ssl_certificate           /etc/letsencrypt/live/your.domain/fullchain.pem;
    ssl_certificate_key       /etc/letsencrypt/live/your.domain/privkey.pem;
    ...
}
  • (Strongly recommended) serve media on another domain

Refer to the Hardening your instance document on how to serve media on another domain. We STRONGLY RECOMMEND you to do this to minimize attack vectors.

  • Enable and start nginx:
sudo rc-update add nginx
sudo service nginx start

If you need to renew the certificate in the future, uncomment the relevant location block in the nginx config and run:

sudo certbot certonly --email <your@emailaddress> -d <yourdomain> --webroot -w /var/lib/letsencrypt/

OpenRC service

  • Copy example service file:
sudo cp /opt/pleroma/installation/init.d/pleroma /etc/init.d/pleroma
  • Make sure to start it during the boot
sudo rc-update add pleroma

Create your first user

If your instance is up and running, you can create your first user with administrative rights with the following task:

sudo -Hu pleroma MIX_ENV=prod mix pleroma.user new <username> <your@emailaddress> --admin

Further reading

{! backend/installation/further_reading.include !}

Questions

Questions about the installation or didnt it work as it should be, ask in #pleroma:libera.chat via Matrix or #pleroma on libera.chat via IRC.