Fediverse VMs
This repo is, for now, an attempt to familiarize myself with NixOS options for Fediverse applications, and build up a configuration layer that will set most of the relevant options for you (in a semi-opinionated way) given some high-level configuration. This is in the same vein as nixos-mailserver.
Eventually, this will be tailored to high-throughput multi-machine setups. For now, it's just a small configuration to run in VMs.
Running the VMs
You can build a VM using
nixos-rebuild build-vm --flake .#<vm_name>
where <vm_name> is one of mastodon, peertube, pixelfed, or all, and then run it with
./result/bin/run-nixos-vm
You can then access the apps on your local machine (using the magic of port forwarding) at the following addresses:
- Mastodon: http://mastodon.localhost:55001
  - You will have to "accept the security risk"
  - It may take a minute for the webpage to come online. Until then you will see "502 Bad Gateway"
  - (NOTE: currently broken) email sent from the mastodon instance (e.g. for setting up an account) will be accessible at https://mastodon.localhost:55001/letter_opener
  - You can also create accounts on the machine itself by running
    mastodon-tootctl accounts create <name> --email <email> --confirmed --approve
- PeerTube: http://peertube.localhost:9000
  - The root account can be accessed with username "root". The password can be obtained by running the following command on the VM:
    journalctl -u peertube | perl -ne '/password: (.*)/ && print $1'
  - Creating other accounts has to be enabled via the admin interface: Administration > Configuration > Basic > Enable Signup, or just add an account directly from Administration > Create user. But functionality can also be tested from the root account.
debugging notes
- it is sometimes useful to cat result/bin/run-nixos-vm to see what's really going on (e.g. which ports are getting forwarded)
- relevant systemd services:
  - mastodon-web.service
  - peertube.service
  - unclear yet which pixelfed services are useful
- you can ssh to the machine using
  ssh -p 2222 root@localhost
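An added example (not part of this repo) to go with the tip about reading result/bin/run-nixos-vm: it lists every QEMU hostfwd rule in the script and marks rules with no host address, which QEMU binds on every host interface rather than only on loopback. The sample script line is constructed and its layout is an assumption; list_hostfwd and sample_script are names chosen here.

```sh
#!/bin/sh
# Added example, not part of this repo. Lists QEMU user-network port forwards
# found in a run-nixos-vm script and shows which host addresses they bind to.

# Reads a VM start script on stdin; prints one line per hostfwd rule:
#   proto host_addr host_port guest_port scope
# QEMU rule syntax: hostfwd=[tcp|udp]:[hostaddr]:hostport-[guestaddr]:guestport
# An empty hostaddr makes QEMU listen on every host interface.
# Handles IPv4 host addresses only.
list_hostfwd() {
    grep -oE 'hostfwd=(tcp|udp)?:[^:,]*:[0-9]+-[^:,]*:[0-9]+' |
    awk '{
        sub(/^hostfwd=/, "")
        split($0, side, "-")        # side[1] = host half, side[2] = guest half
        split(side[1], h, ":")      # h[1] proto, h[2] host address, h[3] host port
        split(side[2], g, ":")      # g[1] guest address, g[2] guest port
        proto = (h[1] == "") ? "tcp" : h[1]   # QEMU defaults to TCP
        addr = h[2]; scope = "specific-address"
        if (addr == "" || addr == "0.0.0.0") { addr = "*"; scope = "all-interfaces" }
        else if (addr ~ /^127\./) { scope = "loopback-only" }
        print proto, addr, h[3], g[2], scope
    }'
}

# Constructed sample of the networking line in a VM start script
# (assumed layout, not copied from this repo's build output).
sample_script() {
    cat <<'EOF'
exec qemu-kvm -name nixos \
    -netdev user,id=user.0,hostfwd=tcp::2222-:22,hostfwd=tcp:127.0.0.1:55001-:443,"$QEMU_NET_OPTS" \
EOF
}

# Use the real script when a VM has been built, otherwise the sample.
if [ -r result/bin/run-nixos-vm ]; then
    list_hostfwd < result/bin/run-nixos-vm
else
    sample_script | list_hostfwd
fi
```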
TODOs
- set up a domain name and a DNS service so we can deploy this to an actual machine
- set up an email service
- add logging
- errors / logs
- performance
- switch to garage / s3 storage
- decouple the postgres database from this machine
- test with high use / throughput
- configure scaling behaviour
- remove the need for "accept security risk" dialogue if possible
- development environment does not work seamlessly.
- don't require proxy server
- either forward 443 directly, or get mastodon to accept connections on a different port (maybe 3000? see development environment documentation)
- get letter_opener working
- share resources (e.g. s3 storage) between the services
- get garage running on another machine
- get garage replication running (multiple machines)
questions
- what is meant to be shared between instances?
- this is relevant to the security model. If garage is being shared between instances, we have to be careful having configurations depend on each other.
resources
- Tutorial for setting up better logging: https://krisztianfekete.org/self-hosting-mastodon-on-nixos-a-proof-of-concept/
- Setting up development environment: https://docs.joinmastodon.org/dev/setup/
- Tutorial for PeerTube that doesn't use createLocally: https://nixos.wiki/wiki/PeerTube