mirror of
https://github.com/astro/buzzrelay.git
synced 2024-11-22 04:00:59 +00:00
updates per pull request
This commit is contained in:
parent
9a108132ef
commit
095b0c685d
1 changed files with 41 additions and 128 deletions
|
@ -1,24 +1,16 @@
|
||||||
# Objective
|
# Objective
|
||||||
Install the FediBuzz relay using a virtual machine running Ubuntu Server 22.04.4 LTS. If you are familiar with NixOS/Flakes, then [installing the NixOS module](https://github.com/astro/buzzrelay?tab=readme-ov-file#build) for this is by far the easier route!
|
This guide will provide you with a working relay to test and configure to your liking.
|
||||||
|
|
||||||
But for those of us unfamiliar with NixOS, here's another option.
|
If you are familiar with NixOS/Flakes, then [installing the NixOS module](https://github.com/astro/buzzrelay?tab=readme-ov-file#build) is by far the easier route!
|
||||||
|
|
||||||
# Server Configuration
|
If you're not ready to take the NixOS plunge, here's another option to install the FediBuzz relay on server with a recent release of Ubuntu.
|
||||||
My system consisted of the following:
|
|
||||||
|
|
||||||
* Router Configured to forward 80, 443 through a firewall to NGINX Proxy Manager
|
|
||||||
* NGINX Proxy Manager then directs traffic based on the incoming domain name to the appropriate server.
|
|
||||||
* A ProxMox server with an Ubuntu VM hosting the FediBuzz relay application.
|
|
||||||
|
|
||||||
## Hardware
|
## Hardware
|
||||||
This could be run very cheaply on your preferred hosting site, or on your own home lab.
|
The official buzzrelay is attached to hundreds of instances and has thousands of followers with a configuration similar to the requirements listed below.
|
||||||
|
|
||||||
* Ubuntu 22.04.4 LTS
|
|
||||||
* 1 Core
|
* 1 Core
|
||||||
* 1 GB RAM
|
* 1 GB RAM
|
||||||
|
|
||||||
The official fedi.buzz relay traffics around 330 public instance streams for around 3,500 unique followers (some may have multiple relay requests) as of April 2024 with a similar configuration.
|
|
||||||
|
|
||||||
If you're connecting to the fedi.buzz relay and perhaps one or two others on your own relay, this should be more than enough.
|
If you're connecting to the fedi.buzz relay and perhaps one or two others on your own relay, this should be more than enough.
|
||||||
|
|
||||||
One caveat here. FediBuzz has an option for individual users to utilize relays as well by "following" a relay actor, like `@tag-dogsofmastodon@relay.com`.
|
One caveat here. FediBuzz has an option for individual users to utilize relays as well by "following" a relay actor, like `@tag-dogsofmastodon@relay.com`.
|
||||||
|
@ -26,109 +18,59 @@ One caveat here. FediBuzz has an option for individual users to utilize relays a
|
||||||
If you promote this alternative route and many individuals start connecting to your relay, it will cause more outgoing traffic and queue processing, therefore increasing your hardware requirements.
|
If you promote this alternative route and many individuals start connecting to your relay, it will cause more outgoing traffic and queue processing, therefore increasing your hardware requirements.
|
||||||
|
|
||||||
# Domain Name
|
# Domain Name
|
||||||
As with most fediverse projects, you're going to need a domain. In this particular instance, I used a subdomain of https://relay.{yourdomain}.
|
You'll need a domain or subdomain to run this application. For example, a subdomain of `https://relay.{yourdomain}`.
|
||||||
|
|
||||||
# NGINX Proxy Manager Config
|
# SSL Certificate
|
||||||
You'll need an SSL certificate for at least the sub-domain. NGINX Proxy Manager has this built in, but you may need some additional assistance depending on your configuration.
|
You'll need an SSL certificate for your domain.
|
||||||
|
|
||||||
I needed a wildcard SSL for my domain, and used the PorkBun API to make that work. Here's a [blog post about Cloudflare](https://blog.jverkamp.com/2023/03/27/wildcard-lets-encrypt-certificates-with-nginx-proxy-manager-and-cloudflare/), but the setup is very similar for PorkBun.
|
|
||||||
|
|
||||||
Websockets may not be required, but I enabled it in NGINX Proxy Manager during configuration.
|
|
||||||
|
|
||||||
# Firewall
|
|
||||||
The following ports need to be open on the server running FediRelay.
|
|
||||||
|
|
||||||
```
|
|
||||||
## Default is 3000 in the FediBuzz docs, change as needed
|
|
||||||
sudo ufw allow 3000
|
|
||||||
## Allow SSH traffic so you can connect - consider limiting to specific IPs
|
|
||||||
sudo ufw allow 22
|
|
||||||
|
|
||||||
## When ready...
|
|
||||||
sudo ufw enable
|
|
||||||
```
|
|
||||||
|
|
||||||
# Initial Server Installs
|
# Initial Server Installs
|
||||||
These packages are required for rust / cargo to work.
|
These packages are required for rust / cargo to work.
|
||||||
```
|
```
|
||||||
sudo apt-get update
|
sudo apt-get update
|
||||||
sudo apt install pkg-config
|
sudo apt-get install pkg-config libssl-dev libsystemd-dev git cargo curl
|
||||||
sudo apt-get install libssl-dev
|
|
||||||
sudo apt-get install libsystemd-dev
|
|
||||||
sudo apt install git cargo
|
|
||||||
sudo apt install curl
|
|
||||||
```
|
```
|
||||||
|
|
||||||
curl was already installed for me.
|
## Rust and related tooling install
|
||||||
|
Ensure Rust is installed on your server. Ubuntu has a rustc installation included by default, but it is likely not the latest version. In addition, you may prefer to use rustup to manage your install. Check out [the official installation guide](https://www.rust-lang.org/tools/install).
|
||||||
|
|
||||||
### Rust and related tooling install
|
## Pull GitHub Repo
|
||||||
Rust is already installed on Ubuntu, but not compatible with rustup. Remove it.
|
|
||||||
|
|
||||||
```
|
|
||||||
sudo apt remove rustc cargo
|
|
||||||
sudo apt autoremove
|
|
||||||
```
|
|
||||||
|
|
||||||
```
|
|
||||||
curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh
|
|
||||||
```
|
|
||||||
|
|
||||||
Just installed the default (1) option. This could take a LONG while.
|
|
||||||
|
|
||||||
Then set your system's PATH environment variable to make Rust's tools globally accessible:
|
|
||||||
|
|
||||||
```
|
|
||||||
source $HOME/.cargo/env
|
|
||||||
```
|
|
||||||
|
|
||||||
# Pull GitHub Repo
|
|
||||||
```
|
```
|
||||||
git clone https://github.com/astro/buzzrelay.git
|
git clone https://github.com/astro/buzzrelay.git
|
||||||
```
|
```
|
||||||
|
|
||||||
# Postgres SQL
|
## PostgreSQL
|
||||||
Install a PostGresSQL database, I followed this guide.
|
A PostgreSQL database is needed for this application. This [installation guide](https://www.digitalocean.com/community/tutorials/how-to-install-and-use-postgresql-on-ubuntu-22-04) will assist with the initial install.
|
||||||
|
|
||||||
[https://www.digitalocean.com/community/tutorials/how-to-install-and-use-postgresql-on-ubuntu-22-04](https://www.digitalocean.com/community/tutorials/how-to-install-and-use-postgresql-on-ubuntu-22-04)
|
Additionally, you'll have to allow for password authentication. [This guide](https://medium.com/@syafiqza/configuring-postgresql-authentication-in-linux-from-peer-to-password-1bde0445c4da) walks you through the process.
|
||||||
|
|
||||||
Then I create the relay user for the database.
|
Create the relay user for the database. Specifically this command creates a user named relay and then prompts for a password.
|
||||||
|
|
||||||
```
|
```
|
||||||
createuser --interactive
|
sudo -u postgres createuser -P relay
|
||||||
```
|
```
|
||||||
|
|
||||||
Role (user) to add: relay as superuser
|
Then create the database and grant all prviliges to the relay user.
|
||||||
Password wasn't set, so from a postgres prompt:
|
|
||||||
|
|
||||||
`ALTER USER relay WITH PASSWORD 'your-secure-password';`
|
|
||||||
|
|
||||||
Then create database:
|
|
||||||
|
|
||||||
`CREATE DATABASE buzzrelay;`
|
|
||||||
|
|
||||||
Then grant the relay user with full rights to the database:
|
|
||||||
|
|
||||||
```
|
```
|
||||||
ALTER DATABASE buzzrelay OWNER TO relay;
|
sudo -u postgres psql
|
||||||
```
|
createdb -O relay buzzrelay
|
||||||
|
|
||||||
|
\c buzzrelay
|
||||||
|
|
||||||
```
|
|
||||||
GRANT ALL PRIVILEGES ON DATABASE buzzrelay TO relay;
|
|
||||||
GRANT ALL PRIVILEGES ON ALL TABLES IN SCHEMA public TO relay;
|
GRANT ALL PRIVILEGES ON ALL TABLES IN SCHEMA public TO relay;
|
||||||
GRANT ALL PRIVILEGES ON ALL SEQUENCES IN SCHEMA public TO relay;
|
GRANT ALL PRIVILEGES ON ALL SEQUENCES IN SCHEMA public TO relay;
|
||||||
GRANT ALL PRIVILEGES ON ALL FUNCTIONS IN SCHEMA public TO relay;
|
GRANT ALL PRIVILEGES ON ALL FUNCTIONS IN SCHEMA public TO relay;
|
||||||
|
|
||||||
ALTER DEFAULT PRIVILEGES IN SCHEMA public GRANT ALL PRIVILEGES ON TABLES TO relay;
|
ALTER DEFAULT PRIVILEGES IN SCHEMA public GRANT ALL PRIVILEGES ON TABLES TO relay;
|
||||||
ALTER DEFAULT PRIVILEGES IN SCHEMA public GRANT ALL PRIVILEGES ON SEQUENCES TO relay;
|
ALTER DEFAULT PRIVILEGES IN SCHEMA public GRANT ALL PRIVILEGES ON SEQUENCES TO relay;
|
||||||
ALTER DEFAULT PRIVILEGES IN SCHEMA public GRANT ALL PRIVILEGES ON FUNCTIONS TO relay;
|
ALTER DEFAULT PRIVILEGES IN SCHEMA public GRANT ALL PRIVILEGES ON FUNCTIONS TO relay;
|
||||||
GRANT USAGE, CREATE ON SCHEMA public TO relay;
|
|
||||||
```
|
```
|
||||||
|
|
||||||
## Querying the database
|
## Querying the database
|
||||||
A cheat sheet for getting to the database.
|
A cheat sheet for getting to the database.
|
||||||
|
|
||||||
```
|
```
|
||||||
sudo -i -u postgres
|
psql -U relay -h localhost -d buzzrelay
|
||||||
psql
|
|
||||||
\c buzzrelay
|
\c buzzrelay
|
||||||
```
|
```
|
||||||
|
|
||||||
|
@ -138,7 +80,6 @@ It's not necessary to install this, it is not used by the core relay. Just comme
|
||||||
This was used if you are going to host the page shown at [https://fedi.buzz](https://fedi.buzz) which doesn't come with this relay configuration.
|
This was used if you are going to host the page shown at [https://fedi.buzz](https://fedi.buzz) which doesn't come with this relay configuration.
|
||||||
|
|
||||||
# Update config.yaml
|
# Update config.yaml
|
||||||
Several items need to be updated, see below
|
|
||||||
|
|
||||||
## Streams
|
## Streams
|
||||||
* Leave the fedibuzz stream as is.
|
* Leave the fedibuzz stream as is.
|
||||||
|
@ -147,8 +88,9 @@ Several items need to be updated, see below
|
||||||
* Add as many others as desired.
|
* Add as many others as desired.
|
||||||
|
|
||||||
## Additional filters for streams
|
## Additional filters for streams
|
||||||
If you have a token for an instance that you are using to connect to a mastodon public stream, you're not limited to just the federated stream of all posts. If you want to get more granular, these streaming timelines work, too.
|
If you have a token for an instance that you are using to connect to a mastodon public stream, you're not limited to just the federated stream of all posts. If you want to get more granular, these [streaming timelines](https://docs.joinmastodon.org/methods/streaming/) work, too.
|
||||||
|
|
||||||
|
<details><summary><b>View additional filter details</b></summary>
|
||||||
All of the items listed below have a /local/ version as well if you want to get REALLY granular and only pick up posts from the local instance.
|
All of the items listed below have a /local/ version as well if you want to get REALLY granular and only pick up posts from the local instance.
|
||||||
|
|
||||||
> This does not work for the default fedibuzz relay stream, only for mastodon servers for which you have an access token.
|
> This does not work for the default fedibuzz relay stream, only for mastodon servers for which you have an access token.
|
||||||
|
@ -175,8 +117,14 @@ For the user with the associated token, you can create a list of accounts and pa
|
||||||
```http
|
```http
|
||||||
GET /api/v1/streaming/list?list={yourListId}&access_token={yourAccessToken} HTTP/1.1
|
GET /api/v1/streaming/list?list={yourListId}&access_token={yourAccessToken} HTTP/1.1
|
||||||
```
|
```
|
||||||
|
</details>
|
||||||
|
|
||||||
### Hostname
|
### Hostname
|
||||||
Set it to your domain. I used the sub-domain format of "relay.{yourdomain}"
|
Set it to your domain. I used the sub-domain format of "relay.{yourdomain}"
|
||||||
|
|
||||||
|
### Listen Port
|
||||||
|
Update if necessary for your proxy configuration.
|
||||||
|
|
||||||
### Private Key File
|
### Private Key File
|
||||||
Generate a new RSA key pair for signing ActivityPub messages. Note using this command also sets the appropriate permissions values.
|
Generate a new RSA key pair for signing ActivityPub messages. Note using this command also sets the appropriate permissions values.
|
||||||
|
|
||||||
|
@ -185,7 +133,7 @@ openssl genrsa -out private-key.pem 4096
|
||||||
openssl rsa -in private-key.pem -pubout -out public-key.pem
|
openssl rsa -in private-key.pem -pubout -out public-key.pem
|
||||||
```
|
```
|
||||||
|
|
||||||
## PostGres Password
|
## PostgreSQL Password
|
||||||
I used the default user and dbname listed in the config file. Update the password as needed.
|
I used the default user and dbname listed in the config file. Update the password as needed.
|
||||||
|
|
||||||
# Build it
|
# Build it
|
||||||
|
@ -205,53 +153,18 @@ cargo run --release config.yaml
|
||||||
|
|
||||||
If you see redis errors, be sure to comment out those lines in the config.yaml - it is NOT needed.
|
If you see redis errors, be sure to comment out those lines in the config.yaml - it is NOT needed.
|
||||||
|
|
||||||
With the fedi relay public stream enabled, I see the following error stream quite often, showing that the uri is missing, which it is.
|
With the fedi relay public stream enabled, I did see the following error stream quite often, showing that the uri is missing, which it is.
|
||||||
|
|
||||||
```
|
```
|
||||||
2024-03-23T03:39:34.773184Z TRACE buzzrelay::relay: data: {"created_at":"2024-03-23T03:39:33.020Z","url":"https://some.instance/notes/9r73vj18yk","content":"<p><a href=\"https://some.instance/@some.user\" class=\"u-url mention\">@some.user</a><span> Some Content</p>","account":{"username":"some.user","display_name":"some.display.name","url":"https://some.instance/@some.user","bot":true},"tags":[],"sensitive":false,"mentions":[],"language":"ja","media_attachments":[],"reblog":null}
|
2024-03-23T03:39:34.773184Z TRACE buzzrelay::relay: data: {"created_at":"2024-03-23T03:39:33.020Z","url":"https://some.instance/notes/9r73vj18yk","content":"<p><a href=\"https://some.instance/@some.user\" class=\"u-url mention\">@some.user</a><span> Some Content</p>","account":{"username":"some.user","display_name:":"some.display.name","url":"https://some.instance/@some.user","bot":true},"tags":[],"sensitive":false,"mentions":[],"language":"ja","media_attachments":[],"reblog":null}
|
||||||
2024-03-23T03:39:48.745870Z ERROR buzzrelay::relay: parse error: missing field `uri` at line 1 column 746
|
2024-03-23T03:39:48.745870Z ERROR buzzrelay::relay: parse error: missing field `uri` at line 1 column 746
|
||||||
```
|
```
|
||||||
|
|
||||||
However, even with that error, content is coming in for at least the hashtag and instance relay types.
|
However, even with that error, plenty of content is getting pushed to my instance.
|
||||||
|
|
||||||
# Use it
|
# Try it out
|
||||||
And with that, I had a running relay! Check the homepage of your relay for instructions on how to get started.
|
Check the homepage of your new relay for instructions on how to add your desired entries to a fediverse server and start pulling in posts.
|
||||||
|
|
||||||
Congratulations! 🎉
|
You should see entries being added to your federated timeline.
|
||||||
|
|
||||||
# Next steps
|
You've got a basic working relay to test with. Congratulations! 🎉
|
||||||
Check out the /metrics endpoint at {yourRelayDomain}/metrics for information about the current status of your relay.
|
|
||||||
|
|
||||||
Additionally, once you stabilize the settings, you may want to set this up to run automatically after a system reboot.
|
|
||||||
|
|
||||||
```ssh
|
|
||||||
sudo nano /etc/systemd/system/buzzrelay.service
|
|
||||||
```
|
|
||||||
|
|
||||||
Edit the new service file, change the working directory to your own location.
|
|
||||||
|
|
||||||
```nano
|
|
||||||
[Unit]
|
|
||||||
Description=Buzzrelay Rust Application
|
|
||||||
After=network.target
|
|
||||||
|
|
||||||
[Service]
|
|
||||||
Type=simple
|
|
||||||
User=box464
|
|
||||||
WorkingDirectory=/home/box464/buzzrelay
|
|
||||||
ExecStart=/home/box464/.cargo/bin/cargo run --release /home/box464/buzzrelay/config.yaml
|
|
||||||
Restart=on-failure
|
|
||||||
|
|
||||||
[Install]
|
|
||||||
WantedBy=multi-user.target
|
|
||||||
```
|
|
||||||
|
|
||||||
Finally, enable the service, start it, and check the status.
|
|
||||||
|
|
||||||
```ssh
|
|
||||||
sudo systemctl daemon-reload
|
|
||||||
sudo systemctl enable buzzrelay.service
|
|
||||||
sudo systemctl start buzzrelay.service
|
|
||||||
sudo systemctl status buzzrelay.service
|
|
||||||
|
|
||||||
```
|
|
Loading…
Reference in a new issue