updates per pull request

This commit is contained in:
Jeff Sikes 2024-04-11 01:02:40 -05:00
parent 9a108132ef
commit 095b0c685d

View file

@ -1,24 +1,16 @@
# Objective # Objective
Install the FediBuzz relay using a virtual machine running Ubuntu Server 22.04.4 LTS. If you are familiar with NixOS/Flakes, then [installing the NixOS module](https://github.com/astro/buzzrelay?tab=readme-ov-file#build) for this is by far the easier route! This guide will provide you with a working relay to test and configure to your liking.
But for those of us unfamiliar with NixOS, here's another option. If you are familiar with NixOS/Flakes, then [installing the NixOS module](https://github.com/astro/buzzrelay?tab=readme-ov-file#build) is by far the easier route!
# Server Configuration If you're not ready to take the NixOS plunge, here's another option to install the FediBuzz relay on server with a recent release of Ubuntu.
My system consisted of the following:
* Router Configured to forward 80, 443 through a firewall to NGINX Proxy Manager
* NGINX Proxy Manager then directs traffic based on the incoming domain name to the appropriate server.
* A ProxMox server with an Ubuntu VM hosting the FediBuzz relay application.
## Hardware ## Hardware
This could be run very cheaply on your preferred hosting site, or on your own home lab. The official buzzrelay is attached to hundreds of instances and has thousands of followers with a configuration similar to the requirements listed below.
* Ubuntu 22.04.4 LTS
* 1 Core * 1 Core
* 1 GB RAM * 1 GB RAM
The official fedi.buzz relay traffics around 330 public instance streams for around 3,500 unique followers (some may have multiple relay requests) as of April 2024 with a similar configuration.
If you're connecting to the fedi.buzz relay and perhaps one or two others on your own relay, this should be more than enough. If you're connecting to the fedi.buzz relay and perhaps one or two others on your own relay, this should be more than enough.
One caveat here. FediBuzz has an option for individual users to utilize relays as well by "following" a relay actor, like `@tag-dogsofmastodon@relay.com`. One caveat here. FediBuzz has an option for individual users to utilize relays as well by "following" a relay actor, like `@tag-dogsofmastodon@relay.com`.
@ -26,109 +18,59 @@ One caveat here. FediBuzz has an option for individual users to utilize relays a
If you promote this alternative route and many individuals start connecting to your relay, it will cause more outgoing traffic and queue processing, therefore increasing your hardware requirements. If you promote this alternative route and many individuals start connecting to your relay, it will cause more outgoing traffic and queue processing, therefore increasing your hardware requirements.
# Domain Name # Domain Name
As with most fediverse projects, you're going to need a domain. In this particular instance, I used a subdomain of https://relay.{yourdomain}. You'll need a domain or subdomain to run this application. For example, a subdomain of `https://relay.{yourdomain}`.
# NGINX Proxy Manager Config # SSL Certificate
You'll need an SSL certificate for at least the sub-domain. NGINX Proxy Manager has this built in, but you may need some additional assistance depending on your configuration. You'll need an SSL certificate for your domain.
I needed a wildcard SSL for my domain, and used the PorkBun API to make that work. Here's a [blog post about Cloudflare](https://blog.jverkamp.com/2023/03/27/wildcard-lets-encrypt-certificates-with-nginx-proxy-manager-and-cloudflare/), but the setup is very similar for PorkBun.
Websockets may not be required, but I enabled it in NGINX Proxy Manager during configuration.
# Firewall
The following ports need to be open on the server running FediRelay.
```
## Default is 3000 in the FediBuzz docs, change as needed
sudo ufw allow 3000
## Allow SSH traffic so you can connect - consider limiting to specific IPs
sudo ufw allow 22
## When ready...
sudo ufw enable
```
# Initial Server Installs # Initial Server Installs
These packages are required for rust / cargo to work. These packages are required for rust / cargo to work.
``` ```
sudo apt-get update sudo apt-get update
sudo apt install pkg-config sudo apt-get install pkg-config libssl-dev libsystemd-dev git cargo curl
sudo apt-get install libssl-dev
sudo apt-get install libsystemd-dev
sudo apt install git cargo
sudo apt install curl
``` ```
curl was already installed for me. ## Rust and related tooling install
Ensure Rust is installed on your server. Ubuntu has a rustc installation included by default, but it is likely not the latest version. In addition, you may prefer to use rustup to manage your install. Check out [the official installation guide](https://www.rust-lang.org/tools/install).
### Rust and related tooling install ## Pull GitHub Repo
Rust is already installed on Ubuntu, but not compatible with rustup. Remove it.
```
sudo apt remove rustc cargo
sudo apt autoremove
```
```
curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh
```
Just installed the default (1) option. This could take a LONG while.
Then set your system's PATH environment variable to make Rust's tools globally accessible:
```
source $HOME/.cargo/env
```
# Pull GitHub Repo
``` ```
git clone https://github.com/astro/buzzrelay.git git clone https://github.com/astro/buzzrelay.git
``` ```
# Postgres SQL ## PostgreSQL
Install a PostGresSQL database, I followed this guide. A PostgreSQL database is needed for this application. This [installation guide](https://www.digitalocean.com/community/tutorials/how-to-install-and-use-postgresql-on-ubuntu-22-04) will assist with the initial install.
[https://www.digitalocean.com/community/tutorials/how-to-install-and-use-postgresql-on-ubuntu-22-04](https://www.digitalocean.com/community/tutorials/how-to-install-and-use-postgresql-on-ubuntu-22-04) Additionally, you'll have to allow for password authentication. [This guide](https://medium.com/@syafiqza/configuring-postgresql-authentication-in-linux-from-peer-to-password-1bde0445c4da) walks you through the process.
Then I create the relay user for the database. Create the relay user for the database. Specifically this command creates a user named relay and then prompts for a password.
``` ```
createuser --interactive sudo -u postgres createuser -P relay
``` ```
Role (user) to add: relay as superuser Then create the database and grant all prviliges to the relay user.
Password wasn't set, so from a postgres prompt:
`ALTER USER relay WITH PASSWORD 'your-secure-password';`
Then create database:
`CREATE DATABASE buzzrelay;`
Then grant the relay user with full rights to the database:
``` ```
ALTER DATABASE buzzrelay OWNER TO relay; sudo -u postgres psql
``` createdb -O relay buzzrelay
\c buzzrelay
```
GRANT ALL PRIVILEGES ON DATABASE buzzrelay TO relay;
GRANT ALL PRIVILEGES ON ALL TABLES IN SCHEMA public TO relay; GRANT ALL PRIVILEGES ON ALL TABLES IN SCHEMA public TO relay;
GRANT ALL PRIVILEGES ON ALL SEQUENCES IN SCHEMA public TO relay; GRANT ALL PRIVILEGES ON ALL SEQUENCES IN SCHEMA public TO relay;
GRANT ALL PRIVILEGES ON ALL FUNCTIONS IN SCHEMA public TO relay; GRANT ALL PRIVILEGES ON ALL FUNCTIONS IN SCHEMA public TO relay;
ALTER DEFAULT PRIVILEGES IN SCHEMA public GRANT ALL PRIVILEGES ON TABLES TO relay; ALTER DEFAULT PRIVILEGES IN SCHEMA public GRANT ALL PRIVILEGES ON TABLES TO relay;
ALTER DEFAULT PRIVILEGES IN SCHEMA public GRANT ALL PRIVILEGES ON SEQUENCES TO relay; ALTER DEFAULT PRIVILEGES IN SCHEMA public GRANT ALL PRIVILEGES ON SEQUENCES TO relay;
ALTER DEFAULT PRIVILEGES IN SCHEMA public GRANT ALL PRIVILEGES ON FUNCTIONS TO relay; ALTER DEFAULT PRIVILEGES IN SCHEMA public GRANT ALL PRIVILEGES ON FUNCTIONS TO relay;
GRANT USAGE, CREATE ON SCHEMA public TO relay;
``` ```
## Querying the database ## Querying the database
A cheat sheet for getting to the database. A cheat sheet for getting to the database.
``` ```
sudo -i -u postgres psql -U relay -h localhost -d buzzrelay
psql
\c buzzrelay \c buzzrelay
``` ```
@ -138,7 +80,6 @@ It's not necessary to install this, it is not used by the core relay. Just comme
This was used if you are going to host the page shown at [https://fedi.buzz](https://fedi.buzz) which doesn't come with this relay configuration. This was used if you are going to host the page shown at [https://fedi.buzz](https://fedi.buzz) which doesn't come with this relay configuration.
# Update config.yaml # Update config.yaml
Several items need to be updated, see below
## Streams ## Streams
* Leave the fedibuzz stream as is. * Leave the fedibuzz stream as is.
@ -147,8 +88,9 @@ Several items need to be updated, see below
* Add as many others as desired. * Add as many others as desired.
## Additional filters for streams ## Additional filters for streams
If you have a token for an instance that you are using to connect to a mastodon public stream, you're not limited to just the federated stream of all posts. If you want to get more granular, these streaming timelines work, too. If you have a token for an instance that you are using to connect to a mastodon public stream, you're not limited to just the federated stream of all posts. If you want to get more granular, these [streaming timelines](https://docs.joinmastodon.org/methods/streaming/) work, too.
<details><summary><b>View additional filter details</b></summary>
All of the items listed below have a /local/ version as well if you want to get REALLY granular and only pick up posts from the local instance. All of the items listed below have a /local/ version as well if you want to get REALLY granular and only pick up posts from the local instance.
> This does not work for the default fedibuzz relay stream, only for mastodon servers for which you have an access token. > This does not work for the default fedibuzz relay stream, only for mastodon servers for which you have an access token.
@ -175,8 +117,14 @@ For the user with the associated token, you can create a list of accounts and pa
```http ```http
GET /api/v1/streaming/list?list={yourListId}&access_token={yourAccessToken} HTTP/1.1 GET /api/v1/streaming/list?list={yourListId}&access_token={yourAccessToken} HTTP/1.1
``` ```
</details>
### Hostname ### Hostname
Set it to your domain. I used the sub-domain format of "relay.{yourdomain}" Set it to your domain. I used the sub-domain format of "relay.{yourdomain}"
### Listen Port
Update if necessary for your proxy configuration.
### Private Key File ### Private Key File
Generate a new RSA key pair for signing ActivityPub messages. Note using this command also sets the appropriate permissions values. Generate a new RSA key pair for signing ActivityPub messages. Note using this command also sets the appropriate permissions values.
@ -185,7 +133,7 @@ openssl genrsa -out private-key.pem 4096
openssl rsa -in private-key.pem -pubout -out public-key.pem openssl rsa -in private-key.pem -pubout -out public-key.pem
``` ```
## PostGres Password ## PostgreSQL Password
I used the default user and dbname listed in the config file. Update the password as needed. I used the default user and dbname listed in the config file. Update the password as needed.
# Build it # Build it
@ -205,53 +153,18 @@ cargo run --release config.yaml
If you see redis errors, be sure to comment out those lines in the config.yaml - it is NOT needed. If you see redis errors, be sure to comment out those lines in the config.yaml - it is NOT needed.
With the fedi relay public stream enabled, I see the following error stream quite often, showing that the uri is missing, which it is. With the fedi relay public stream enabled, I did see the following error stream quite often, showing that the uri is missing, which it is.
``` ```
2024-03-23T03:39:34.773184Z TRACE buzzrelay::relay: data: {"created_at":"2024-03-23T03:39:33.020Z","url":"https://some.instance/notes/9r73vj18yk","content":"<p><a href=\"https://some.instance/@some.user\" class=\"u-url mention\">@some.user</a><span> Some Content</p>","account":{"username":"some.user","display_name":"some.display.name","url":"https://some.instance/@some.user","bot":true},"tags":[],"sensitive":false,"mentions":[],"language":"ja","media_attachments":[],"reblog":null} 2024-03-23T03:39:34.773184Z TRACE buzzrelay::relay: data: {"created_at":"2024-03-23T03:39:33.020Z","url":"https://some.instance/notes/9r73vj18yk","content":"<p><a href=\"https://some.instance/@some.user\" class=\"u-url mention\">@some.user</a><span> Some Content</p>","account":{"username":"some.user","display_name:":"some.display.name","url":"https://some.instance/@some.user","bot":true},"tags":[],"sensitive":false,"mentions":[],"language":"ja","media_attachments":[],"reblog":null}
2024-03-23T03:39:48.745870Z ERROR buzzrelay::relay: parse error: missing field `uri` at line 1 column 746 2024-03-23T03:39:48.745870Z ERROR buzzrelay::relay: parse error: missing field `uri` at line 1 column 746
``` ```
However, even with that error, content is coming in for at least the hashtag and instance relay types. However, even with that error, plenty of content is getting pushed to my instance.
# Use it # Try it out
And with that, I had a running relay! Check the homepage of your relay for instructions on how to get started. Check the homepage of your new relay for instructions on how to add your desired entries to a fediverse server and start pulling in posts.
Congratulations! 🎉 You should see entries being added to your federated timeline.
# Next steps You've got a basic working relay to test with. Congratulations! 🎉
Check out the /metrics endpoint at {yourRelayDomain}/metrics for information about the current status of your relay.
Additionally, once you stabilize the settings, you may want to set this up to run automatically after a system reboot.
```ssh
sudo nano /etc/systemd/system/buzzrelay.service
```
Edit the new service file, change the working directory to your own location.
```nano
[Unit]
Description=Buzzrelay Rust Application
After=network.target
[Service]
Type=simple
User=box464
WorkingDirectory=/home/box464/buzzrelay
ExecStart=/home/box464/.cargo/bin/cargo run --release /home/box464/buzzrelay/config.yaml
Restart=on-failure
[Install]
WantedBy=multi-user.target
```
Finally, enable the service, start it, and check the status.
```ssh
sudo systemctl daemon-reload
sudo systemctl enable buzzrelay.service
sudo systemctl start buzzrelay.service
sudo systemctl status buzzrelay.service
```