initial commit 🦣

LICENSE

@@ -0,0 +1,19 @@
+Copyright (c) 2022 Jake Jarvis
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in
+all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+THE SOFTWARE.

README.md

@@ -0,0 +1,73 @@
+# 🦣 Mastodon installer (unofficial)
+
+> ⚠️ This is ***beyond experimental*** and may need some manual intervention from you. [Let me know](https://github.com/jakejarvis/mastodon-installer/issues) about any problems you run into!
+
+![Escape the Space Karen](https://user-images.githubusercontent.com/1703673/202923190-95424152-3eb5-45ed-86e7-0ae0c89f917c.JPG)
+
+Be your own boss and host your own [Mastodon](https://joinmastodon.org/) server on the fediverse!
+
+## Requirements
+
+- Ubuntu 20.04 LTS
+- A domain name (or subdomain) already pointing to your server's IP
+
+## Usage
+
+### Creating a non-root user
+
+This script must be run as a **non-root user with sudo priviledges**. To create one called `mastodon` and switch to it, for example:
+
+```sh
+sudo adduser --gecos 'Mastodon' mastodon
+sudo usermod -aG sudo mastodon
+sudo su - mastodon
+```
+
+### Running the script
+
+If you trust me (which you shouldn't, _please_ don't trust random people on the internet!) this will download and run the installer automatically:
+
+```sh
+# with curl
+curl -fsSL https://github.com/jakejarvis/mastodon-installer/raw/HEAD/install.sh | bash
+
+# alternatively, with wget
+wget -q https://github.com/jakejarvis/mastodon-installer/raw/HEAD/install.sh -O- | bash
+```
+
+Or, clone this repository and make sure the installer is executable before running:
+
+```sh
+git clone https://github.com/jakejarvis/mastodon-installer.git && cd mastodon-installer
+chmod +x install.sh
+./install.sh
+```
+
+### What's next?
+
+- Review the many [config options](https://docs.joinmastodon.org/admin/config/) located in `/home/mastodon/live/.env.production`
+- Harden your server's security using:
+  - [UFW](https://www.linode.com/docs/guides/configure-firewall-with-ufw/) or [iptables](https://docs.joinmastodon.org/admin/prerequisites/#install-a-firewall-and-only-allow-ssh-http-and-https-ports)
+  - [Fail2ban](https://docs.joinmastodon.org/admin/prerequisites/#install-fail2ban-so-it-blocks-repeated-login-attempts)
+- Configure an email provider:
+  - [Mailgun](https://www.mailgun.com/products/send/smtp/free-smtp-service/) and [SendGrid](https://sendgrid.com/free/) have a free tier
+  - ...but any regular SMTP server will work.
+- [Offload media files to Amazon S3](https://docs.joinmastodon.org/admin/optional/object-storage-proxy/). They **will** eat a ton of disk space, even on a single-user server!
+- Tune [Sidekiq & Puma](https://docs.joinmastodon.org/admin/scaling/#concurrency) for performance and consider using [pgBouncer](https://docs.joinmastodon.org/admin/scaling/#pgbouncer).
+  - [Official scaling docs](https://docs.joinmastodon.org/admin/scaling/)
+  - [Scaling Mastodon _down_](https://gist.github.com/nolanlawson/fc027de03a7cc0b674dcdc655eb5f2cb)
+  - [PGTune](https://pgtune.leopard.in.ua/#/)
+
+## Software installed
+
+- Mastodon, of course
+- Nginx
+- PostgreSQL
+- Redis
+- Node + Yarn
+- Ruby
+- Certbot
+
+## License
+
+MIT

install.sh

@@ -0,0 +1,84 @@
+#!/bin/bash
+
+# exit when any step fails
+set -euo pipefail
+
+# authenticate w/ sudo up-front
+sudo -v
+
+# ask for domain
+read -p "👋  Hi! Enter your Mastodon server's domain or subdomain (without \"http\" or \"https\" - e.g. social.example): " MASTODON_DOMAIN
+
+# initial ubuntu updates
+export DEBIAN_FRONTEND=noninteractive
+sudo apt update
+sudo apt upgrade -y
+sudo apt install -y curl wget gnupg apt-transport-https lsb-release ca-certificates
+
+# add node apt repository
+curl -sL https://deb.nodesource.com/setup_16.x | sudo bash -
+
+# add postgres apt repository
+sudo wget -O /usr/share/keyrings/postgresql.asc https://www.postgresql.org/media/keys/ACCC4CF8.asc
+echo "deb [signed-by=/usr/share/keyrings/postgresql.asc] http://apt.postgresql.org/pub/repos/apt $(lsb_release -cs)-pgdg main" | sudo tee /etc/apt/sources.list.d/postgresql.list
+
+# install prerequisites:
+# https://docs.joinmastodon.org/admin/install/#system-packages
+sudo apt update
+sudo apt install -y \
+  imagemagick ffmpeg libpq-dev libxml2-dev libxslt1-dev file git-core \
+  g++ libprotobuf-dev protobuf-compiler pkg-config nodejs gcc autoconf \
+  bison build-essential libssl-dev libyaml-dev libreadline6-dev \
+  zlib1g-dev libncurses5-dev libffi-dev libgdbm-dev \
+  nginx redis-server redis-tools postgresql postgresql-contrib \
+  certbot python3-certbot-nginx libidn11-dev libicu-dev libjemalloc-dev
+
+# setup yarn
+sudo npm install --global yarn
+sudo corepack enable
+yarn set version classic
+
+# install rbenv & ruby-build
+git clone https://github.com/rbenv/rbenv.git ~/.rbenv
+echo 'eval "$(~/.rbenv/bin/rbenv init - bash)"' >> ~/.bash_profile
+source ~/.bash_profile
+git clone https://github.com/rbenv/ruby-build.git "$(rbenv root)/plugins/ruby-build"
+
+# clone mastodon & checkout latest version
+git clone https://github.com/mastodon/mastodon.git ~/live && cd ~/live
+git checkout $(git tag -l | grep -v 'rc[0-9]*$' | sort -V | tail -n 1)
+
+# install ruby
+RUBY_CONFIGURE_OPTS=--with-jemalloc rbenv install "$(cat ./.ruby-version)"
+rbenv global "$(cat ./.ruby-version)"
+
+# install npm and gem dependencies
+gem install bundler --no-document
+bundle config deployment "true"
+bundle config without "development test"
+bundle install -j$(getconf _NPROCESSORS_ONLN)
+yarn install --pure-lockfile --network-timeout 100000
+
+# set up database
+echo "CREATE USER $(whoami) CREATEDB" | sudo -u postgres psql -f -
+
+# run interactive mastodon wizard
+RAILS_ENV=production bundle exec rake mastodon:setup
+
+# order an ssl certificate from LE
+sudo certbot certonly --nginx -d "$MASTODON_DOMAIN"
+
+# configure nginx
+sudo cp ./dist/nginx.conf "/etc/nginx/sites-available/$MASTODON_DOMAIN.conf"
+sudo sed -i "/etc/nginx/sites-available/$MASTODON_DOMAIN.conf" -e "s/example.com/$MASTODON_DOMAIN/g"
+sudo sed -i "/etc/nginx/sites-available/$MASTODON_DOMAIN.conf" -e "/ssl_certificate/s/^  #//"
+sudo ln -s "/etc/nginx/sites-available/$MASTODON_DOMAIN.conf" "/etc/nginx/sites-enabled/$MASTODON_DOMAIN.conf"
+sudo systemctl restart nginx
+
+# enable systemd services on startup
+sudo cp ./dist/mastodon-*.service /etc/systemd/system/
+sudo systemctl daemon-reload
+sudo systemctl enable --now mastodon-web mastodon-sidekiq mastodon-streaming
+
+echo "All done! Consider working on these highly recommended next steps:"
+echo "https://github.com/jakejarvis/mastodon-installer#whats-next"

upgrade.sh

@@ -0,0 +1,42 @@
+#!/bin/bash
+
+# exit when any step fails
+set -euo pipefail
+
+# update ubuntu packages
+sudo apt update
+sudo apt upgrade -y
+
+# pull latest mastodon source
+cd ~/live
+git fetch --tags
+git checkout $(git tag -l | grep -v 'rc[0-9]*$' | sort -V | tail -n 1)
+
+# set new ruby version
+RUBY_CONFIGURE_OPTS=--with-jemalloc rbenv install "$(cat ./.ruby-version)"
+rbenv global "$(cat ./.ruby-version)"
+
+# update dependencies
+bundle install
+yarn install --frozen-lockfile
+
+# run migrations:
+# https://docs.joinmastodon.org/admin/upgrading/
+SKIP_POST_DEPLOYMENT_MIGRATIONS=true RAILS_ENV=production bundle exec rails db:migrate
+RAILS_ENV=production bundle exec rails assets:clobber
+RAILS_ENV=production bundle exec rails assets:precompile
+
+# restart mastodon
+sudo systemctl reload mastodon-web
+sudo systemctl restart mastodon-sidekiq
+
+# clear caches & run post-deployment db migration
+RAILS_ENV=production ./bin/tootctl cache clear
+RAILS_ENV=production bundle exec rails db:migrate
+
+# restart mastodon again
+sudo systemctl reload mastodon-web
+sudo systemctl restart mastodon-sidekiq
+
+echo "All done! Check the latest release notes, there may be additional version-specific steps:"
+echo "https://github.com/mastodon/mastodon/releases"