Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- apt -y install tmux
- apt -y install curl
- curl -sL https://deb.nodesource.com/setup_6.x | bash -
- curl -sS https://dl.yarnpkg.com/debian/pubkey.gpg | apt-key add -
- echo "deb https://dl.yarnpkg.com/debian/ stable main" | tee /etc/apt/sources.list.d/yarn.list
- apt update
- apt -y install imagemagick ffmpeg libpq-dev libxml2-dev libxslt1-dev file git-core g++ libprotobuf-dev protobuf-compiler pkg-config nodejs gcc autoconf bison build-essential libssl-dev libyaml-dev libreadline6-dev zlib1g-dev libncurses5-dev libffi-dev libgdbm3 libgdbm-dev nginx redis-server redis-tools postgresql postgresql-contrib letsencrypt yarn libidn11-dev libicu-dev
- adduser mastodon
- sudo su - mastodon
- git clone https://github.com/rbenv/rbenv.git ~/.rbenv
- cd ~/.rbenv && src/configure && make -C src
- echo 'export PATH="$HOME/.rbenv/bin:$PATH"' >> ~/.bashrc
- echo 'eval "$(rbenv init -)"' >> ~/.bashrc
- exec bash
- type rbenv
- git clone https://github.com/rbenv/ruby-build.git ~/.rbenv/plugins/ruby-build
- rbenv install 2.4.2
- rbenv global 2.4.2
- cd ~
- git clone https://github.com/tootsuite/mastodon.git live
- cd ~/live
- git checkout $(git tag -l | grep -v 'rc[0-9]*$' | sort -V | tail -n 1)
- gem install bundler
- bundle install --deployment --without development test
- yarn install --pure-lockfile
- su
- sudo -u postgres psql
- CREATE USER mastodon CREATEDB;
- \q
- cd /etc/nginx/sites-available
- vi /etc/nginx/sites-available/kemoshi.co.conf
- ----
- map $http_upgrade $connection_upgrade {
- default upgrade;
- '' close;
- }
- server {
- listen 80;
- listen [::]:80;
- server_name kemoshi.co;
- root /home/mastodon/live/public;
- # Useful for Let's Encrypt
- location /.well-known/acme-challenge/ { allow all; }
- location / { return 301 https://$host$request_uri; }
- }
- server {
- listen 443 ssl http2;
- listen [::]:443 ssl http2;
- server_name kemoshi.co;
- ####################
- # SECURITY WARNING #
- ####################
- #
- # Providing a state of the art TLS configuration
- # is beyond the scope of this documentation.
- #
- # You need to replace this comment with a proper
- # ssl configuration template for nginx.
- #
- # If you don't know were to start, you can get one here :
- # https://mozilla.github.io/server-side-tls/ssl-config-generator/
- #
- # This configuration file won't work without ssl configuration directives.
- keepalive_timeout 70;
- sendfile on;
- client_max_body_size 0;
- root /home/mastodon/live/public;
- gzip on;
- gzip_disable "msie6";
- gzip_vary on;
- gzip_proxied any;
- gzip_comp_level 6;
- gzip_buffers 16 8k;
- gzip_http_version 1.1;
- gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript;
- location / {
- try_files $uri @proxy;
- }
- location ~ ^/(emoji|packs|system/accounts/avatars|system/media_attachments/files) {
- add_header Cache-Control "public, max-age=31536000, immutable";
- try_files $uri @proxy;
- }
- location /sw.js {
- add_header Cache-Control "public, max-age=0";
- try_files $uri @proxy;
- }
- location @proxy {
- proxy_set_header Host $host;
- proxy_set_header X-Real-IP $remote_addr;
- proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
- proxy_set_header X-Forwarded-Proto https;
- proxy_set_header Proxy "";
- proxy_pass_header Server;
- proxy_pass http://127.0.0.1:3000;
- proxy_buffering off;
- proxy_redirect off;
- proxy_http_version 1.1;
- proxy_set_header Upgrade $http_upgrade;
- proxy_set_header Connection $connection_upgrade;
- tcp_nodelay on;
- }
- location /api/v1/streaming {
- proxy_set_header Host $host;
- proxy_set_header X-Real-IP $remote_addr;
- proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
- proxy_set_header X-Forwarded-Proto https;
- proxy_set_header Proxy "";
- proxy_pass http://127.0.0.1:4000;
- proxy_buffering off;
- proxy_redirect off;
- proxy_http_version 1.1;
- proxy_set_header Upgrade $http_upgrade;
- proxy_set_header Connection $connection_upgrade;
- tcp_nodelay on;
- }
- error_page 500 501 502 503 504 /500.html;
- }
- ----
- cd /etc/nginx/sites-enabled
- ln -s ../sites-available/kemoshi.co.conf
- systemctl stop nginx
- letsencrypt certonly --standalone -d kemoshi.co
- systemctl start nginx
- letsencrypt certonly --webroot -d kemoshi.co -w /home/mastodon/live/public/
- vi /etc/cron.daily/letsencrypt-renew
- ----
- letsencrypt renew
- systemctl reload nginx
- ----
- chmod +x /etc/cron.daily/letsencrypt-renew
- systemctl restart cron
- ----
- sudo su - mastodon
- cd ~/live
- cp .env.production.sample .env.production
- vi .env.production
- ----
- # Your Redis host
- REDIS_HOST=127.0.0.1
- # Your Redis port
- REDIS_PORT=6379
- # Your PostgreSQL host
- DB_HOST=/var/run/postgresql
- # Your PostgreSQL user
- DB_USER=mastodon
- # Your PostgreSQL DB name
- DB_NAME=mastodon_production
- # Leave DB password empty
- DB_PASS=Krmt.k2011po
- # Your DB_PORT
- DB_PORT=5432
- # Your instance's domain
- LOCAL_DOMAIN=mstdn.kemoshi.co
- # We have HTTPS enabled
- LOCAL_HTTPS=true
- # Application secrets
- # Generate each with `RAILS_ENV=production bundle exec rake secret`
- PAPERCLIP_SECRET=
- SECRET_KEY_BASE=
- OTP_SECRET=
- # Web Push VAPID keys
- # Generate with `RAILS_ENV=production bundle exec rake mastodon:webpush:generate_vapid_key`
- VAPID_PRIVATE_KEY=
- VAPID_PUBLIC_KEY=
- # All SMTP details, Mailgun and Sparkpost have free tiers
- SMTP_SERVER=smtp.kemono-friends.xyz
- SMTP_PORT=587
- SMTP_LOGIN=confirm_kemoshi.co@kemono-friends.xyz
- SMTP_PASSWORD=krmt#k2011po
- SMTP_FROM_ADDRESS=
- ----
- RAILS_ENV=production bundle exec rails db:setup
- RAILS_ENV=production bundle exec rails assets:precompile
Add Comment
Please, Sign In to add comment