Self-Hosting Mastodon for Fun ~& Profit~
Many people have brought out the popcorn to watch the Musk-driven Bird Site meltdown. A fun side-effect is watching those around us who are not usually interested in experimenting with new social media services or messaging apps suddenly show some interest in Mastodon.
What server should I join?
For most, federated social media is such an alien concept, and the idea of a service that is not only federated but largely volunteer-led and without an official app is downright scary. In light of this (and to tickle my own curiosity), I decided to host my own Mastodon instance and suggest my family join that server. I also wanted to create a second one that was more for friends.
I looked around for advice and a starting point, and after deciding that hosted databases and things were beyond my budget, I found the docker definitions inside the Mastodon repo. These let you self-host all the required services on a single machine. This is not the best production setup you can achieve, but it's an easy launching-off point and makes it straightforward to migrate servers/infrastructure at a later stage, should that be necessary.
I also stumbled upon this excellent set of instructions for setting up the docker version, which I highly recommend reviewing.
For those interested, the basic tasks were:
- buy the domains
- do some basic setup on a fresh cloud server
- point the domain DNS records at the server
- add a data disk, and set up Docker to store files there
- edit the data volumes folders in the docker-compose setup to go on the data disk
- add a password to the Postgres DB container
- set up the configuration file
- make another configuration and another docker-compose.yml with different exposed ports (as I was hosting a second instance on the same server); rename the services if both instances live on the same internal Docker network, or isolate the networks and you won't have to do that
- set up an email server (a hosted service is easier and less likely to go to spam than anything you'd do yourself).
- get the services running
- set up nginx to proxy the traffic to the right ports on the machine
- set up TLS with certbot from Let's Encrypt
At this point, things should be up and running.
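A check one could run after the steps above, as an added example that is not part of the original post or the Mastodon repo: it audits two instances' compose configurations for a Postgres container left on trust authentication, ports published beyond loopback (nginx on the same machine is the only client that needs them), and host-port collisions between the instances. It assumes input shaped like the output of `docker compose config --format json`; the sample configurations, image names and port numbers are constructed.

```python
import json

LOOPBACK = {"127.0.0.1", "::1"}

# Constructed sample input, shaped like `docker compose config --format json`
# output for two instances on one host (image names and ports are made up).
FAMILY = json.loads("""{"services": {
  "db":  {"image": "postgres:14-alpine",
          "environment": {"POSTGRES_HOST_AUTH_METHOD": "trust"}},
  "web": {"image": "mastodon-web",
          "ports": [{"host_ip": "127.0.0.1", "published": "3000", "target": 3000}]},
  "streaming": {"image": "mastodon-streaming",
          "ports": [{"published": "4000", "target": 4000}]}}}""")
FRIENDS = json.loads("""{"services": {
  "db":  {"image": "postgres:14-alpine",
          "environment": {"POSTGRES_PASSWORD": "constructed-placeholder"}},
  "web": {"image": "mastodon-web",
          "ports": [{"host_ip": "127.0.0.1", "published": "3000", "target": 3000}]},
  "streaming": {"image": "mastodon-streaming",
          "ports": [{"host_ip": "127.0.0.1", "published": "4001", "target": 4001}]}}}""")


def audit(instances):
    """Return sorted findings for a dict of {instance_name: compose_config}."""
    findings, seen = [], {}
    for name, cfg in instances.items():
        for svc, spec in cfg.get("services", {}).items():
            where = f"{name}/{svc}"
            env = spec.get("environment") or {}
            # "trust" lets any client on the container network log in without a password.
            if spec.get("image", "").startswith("postgres") and \
                    env.get("POSTGRES_HOST_AUTH_METHOD") == "trust":
                findings.append(f"{where}: Postgres uses trust auth (no password required)")
            for port in spec.get("ports") or []:
                host_port = str(port.get("published"))
                # A missing host_ip means Docker binds the port on every interface.
                if port.get("host_ip") not in LOOPBACK:
                    findings.append(f"{where}: port {host_port} published on all interfaces")
                # Simplification: the same host port number counts as a clash
                # even if the two bindings name different host addresses.
                owner = seen.setdefault(host_port, where)
                if owner != where:
                    findings.append(f"{where}: host port {host_port} already used by {owner}")
    return sorted(findings)


if __name__ == "__main__":
    for line in audit({"family": FAMILY, "friends": FRIENDS}):
        print(line)
```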
The biggest hurdle I encountered was wanting to use my Proton Mail email service, which, for encryption reasons, requires Proton Bridge to send mail via SMTP, and which only listens on localhost in the default configuration. Inside my secure network, I had the problem that the Docker services could not talk to services on localhost on the host machine. Ultimately, I had to bind to a different network interface by editing the constant in the Proton Bridge source code and building it from source. This is not ideal, but other tricks (like forwarding traffic with socat or something) would not have been any better.
I also found some helpful instructions for setting up a service to keep Proton Bridge running.
It ended in success, and I now have two instances that are federating and able to send sign-up confirmation emails and things, and I have new Mastodon moderator/admin responsibilities as well as sysadmin responsibilities to keep everything up-to-date.
Do I recommend this approach? Maybe. If you're able to understand the linked instructions (and the implications of the decisions contained within them) and edit them comfortably to customise the setup, then it's a fun thing to do, but otherwise I'd suggest finding another server or paying for a hosted instance if you can find a willing host.
Keeping your instance safe, by ensuring you're not federating content that you are uncomfortable with or that is illegal where you live, and keeping your users and your hosting account safe are real burdens. There are potential legal ramifications to being a service provider, even as a volunteer hosting a free service for fun.
Either way, it's kind of cool to share a private server with people you know, if nothing else, just because you can!