this post was submitted on 20 Jul 2023
7 points (88.9% liked)

Lemmy Support

4657 readers
2 users here now

Support / questions about Lemmy.

Matrix Space: #lemmy-space

founded 5 years ago
MODERATORS
 

I have tried the docker, ansible, and scratch methods. I have been troubleshooting for a month now. I have gotten nowhere. I need someone to help walk me through how to deploy a lemmy server because the guides are absolute trash.

Please help. I'm wasting money running this VPS and for literally nothing.

Edit: So, I've tried the ansible method, but I can't access my server this way. It just keeps saying "UNREACHABLE". I have generated a dozen keys, none of them work. I have NO PROBLEMS with ssh in Putty. I can use Putty all day. Putty works fine using my ssh key. Ansible does not. No amount of new keys has made any difference. I have countless keys in my stupid droplet because of this hacky garbage.

you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 2 points 1 year ago (2 children)

Okay, so it looks like nginx is a reverse proxy. That is the step I was on. It doesn't work. Last thing I did was to modify the docker-compose.yml file and change the port from 80 to 1236. I was told to do that by someone who has been trying to troubleshoot with me for 2 weeks now. It doesn't say to do that anywhere, but they told me to so I did. Then they said to "add this to my upstream" but I haven't a fucking clue what that means so I don't know what to do next. There is a config file in etc/nginx/sites-enabled/nginx.conf that the guide directed me to edit. This is the guide that I was directed to use to set up nginx. I was on the step where it requests the nginx status and mine just says "inactive". I promise, I am following these guides PRECISELY. I don't know what I am doing wrong, but all the solutions that I have received are things that the guide DOES NOT say to do. So I don't know where I am. I am happy to start fresh. You just let me know.

[–] [email protected] 1 points 1 year ago (1 children)

In my opinion its best not to touch the nginx that's set up by Lemmy and it's better to have another reverse-proxy in front of it.

I'll try to come up with an solution later in the day, gotta do my daily at work.

[–] [email protected] 1 points 1 year ago (3 children)

No problem at all. Thanks for getting back to me. I really do appreciate it!!!! I have a busy day today too but I'll try to be vigilant about responding.

[–] [email protected] 1 points 1 year ago* (last edited 1 year ago)

So, here's something that might work. I tested it on my local machine, up to Caddy but without HTTPS, but I'm confident it'll work once deployed on a server.

Prerequisites:

  • Server with Docker and docker-compose installed
  • Ports 80 and 443 open and directed at your server
  • A domain name pointing to your server

Setup

First, create a folder and download the following files:

Then, generate passwords for PostgreSQL and your admin user, store them somewhere safe.

Config changes

lemmy.hjson

You'll want to change the admin_username, admin_password and site_name to match your primary user's credentials and the name you want to give your instance.

Then, change hostname to match your domain name: if it is sub.domain.tld then it should read hostname: "sub.domain.tld".

The base config file does not have proper configuration for the database, so you'll have to edit the database field as follows with the password you previously created:

  database: {
    host: postgres
    database: "lemmy"
    user: "lemmy"
    password: "POSTGRES_PWD" # Change for your password
  }

Additionally, if you want to send emails for registration confirmation and password resets, add the following before the closing } and change to match your email provider configuration.

  email: {
      # Hostname and port of the smtp server
      smtp_server: "SMTP_SERVER"
      # Login name for smtp server
      smtp_login: "SMTP_LOGIN"
      # Password to login to the smtp server
      smtp_password: "SMTP_PASSWORD"
      # Address to send emails from, eg "[email protected]"
      smtp_from_address: "SMTP_LOGIN"
      # Whether or not smtp connections should use tls. Can be none, tls, or starttls
      tls_type: "starttls"
    }

docker-compose.yml

By default the compose file is meant to build a development version of Lemmy, we will change this by removing the blocks with build and uncomment those with image. Note: think to update the images to 0.18.2 since it fixes some vulnerabilities.

Also, since we will use a reverse proxy and I don't now if your server has a firewall, we should remove the ports blocks which are used to expose the services' ports on the host.

Finally, make sure to change the POSTGRES_PASSWORD field to match the PostgreSQL password you set in lemmy.hjson.

It should look something like that:

version: "3.7"

x-logging: &default-logging
  driver: "json-file"
  options:
    max-size: "50m"
    max-file: "4"

services:
  proxy:
    image: nginx:1-alpine
    volumes:
      - ./nginx.conf:/etc/nginx/nginx.conf:ro,Z
    restart: always
    depends_on:
      - pictrs
      - lemmy-ui
    logging: *default-logging

  lemmy:
    # use "image" to pull down an already compiled lemmy. make sure to comment out "build".
    image: dessalines/lemmy:0.18.2
    # platform: linux/x86_64 # no arm64 support. uncomment platform if using m1.
    # use "build" to build your local lemmy server image for development. make sure to comment out "image".
    # run: docker compose up --build

    # this hostname is used in nginx reverse proxy and also for lemmy ui to connect to the backend, do not change
    hostname: lemmy
    restart: always
    environment:
      - RUST_LOG="warn,lemmy_server=debug,lemmy_api=debug,lemmy_api_common=debug,lemmy_api_crud=debug,lemmy_apub=debug,lemmy_db_schema=debug,lemmy_db_views=debug,lemmy_db_views_actor=debug,lemmy_db_views_moderator=debug,lemmy_routes=debug,lemmy_utils=debug,lemmy_websocket=debug"
      - RUST_BACKTRACE=full
    volumes:
      - ./lemmy.hjson:/config/config.hjson:Z
    depends_on:
      - postgres
      - pictrs
    logging: *default-logging

  lemmy-ui:
    # use "image" to pull down an already compiled lemmy-ui. make sure to comment out "build".
    image: dessalines/lemmy-ui:0.18.2
    # platform: linux/x86_64 # no arm64 support. uncomment platform if using m1.
    # use "build" to build your local lemmy ui image for development. make sure to comment out "image".
    # run: docker compose up --build

    # build:
    #   context: ../../lemmy-ui # assuming lemmy-ui is cloned besides lemmy directory
    #   dockerfile: dev.dockerfile
    environment:
      # this needs to match the hostname defined in the lemmy service
      - LEMMY_UI_LEMMY_INTERNAL_HOST=lemmy:8536
      # set the outside hostname here
      - LEMMY_UI_LEMMY_EXTERNAL_HOST=localhost:1236
      - LEMMY_UI_HTTPS=false
      - LEMMY_UI_DEBUG=true
    depends_on:
      - lemmy
    restart: always
    logging: *default-logging
    init: true

  pictrs:
    image: asonix/pictrs:0.4.0-beta.19
    # this needs to match the pictrs url in lemmy.hjson
    hostname: pictrs
    # we can set options to pictrs like this, here we set max. image size and forced format for conversion
    # entrypoint: /sbin/tini -- /usr/local/bin/pict-rs -p /mnt -m 4 --image-format webp
    environment:
      - PICTRS_OPENTELEMETRY_URL=http://otel:4137
      - PICTRS__API_KEY=API_KEY
      - RUST_LOG=debug
      - RUST_BACKTRACE=full
      - PICTRS__MEDIA__VIDEO_CODEC=vp9
      - PICTRS__MEDIA__GIF__MAX_WIDTH=256
      - PICTRS__MEDIA__GIF__MAX_HEIGHT=256
      - PICTRS__MEDIA__GIF__MAX_AREA=65536
      - PICTRS__MEDIA__GIF__MAX_FRAME_COUNT=400
    user: 991:991
    volumes:
      - ./volumes/pictrs:/mnt:Z
    restart: always
    logging: *default-logging

  postgres:
    image: postgres:15-alpine
    # this needs to match the database host in lemmy.hson
    # Tune your settings via
    # https://pgtune.leopard.in.ua/#/
    # You can use this technique to add them here
    # https://stackoverflow.com/a/30850095/1655478
    hostname: postgres
    command:
      [
        "postgres",
        "-c",
        "session_preload_libraries=auto_explain",
        "-c",
        "auto_explain.log_min_duration=5ms",
        "-c",
        "auto_explain.log_analyze=true",
        "-c",
        "track_activity_query_size=1048576",
      ]
    environment:
      - POSTGRES_USER=lemmy
      - POSTGRES_PASSWORD=password # Change with your password
      - POSTGRES_DB=lemmy
    volumes:
      - ./volumes/postgres:/var/lib/postgresql/data:Z
    restart: always
    logging: *default-logging

Reverse-proxy

For the final touch, we are going to setup Caddy, a reverse proxy with HTTPS support out of the box. You could use pretty much any reverse proxy you want, but I chose Caddy for its easy setup.

First, create a file nammed Caddyfile and write the following in it:

sub.domain.tld {
	reverse_proxy http://proxy:1236
}

Make sure to match your actual domain name.

Finally, update the docker-compose.yml file to add the following at the end (make sure that it's correctly tabulated)

  caddy:
    image: caddy:2.6.4
    restart: unless-stopped
    ports:
      - "80:80"
      - "443:443"
      - "443:443/udp"
    depends_on:
      - proxy
    volumes:
      - ./Caddyfile:/etc/caddy/Caddyfile:ro
      - caddy_data:/data
      - caddy_config:/config
volumes:
  caddy_data:
  caddy_config:

Launching the instance

Before starting the stack, we have a few things left to do:

  • Create the folders for pictrs and postgres to store their data: mkdir -p volumes/postgres volumes/pictrs
  • Change the owner of volumes/pictrs: sudo chown -R 991:991 pictrs

Finally, to start everything: docker compose up -d

[–] [email protected] 1 points 1 year ago

So, here's something that might work. I tested it on my local machine, up to Caddy but without HTTPS, but I'm confident it'll work once deployed on a server.

Prerequisites:

  • Server with Docker and docker-compose installed
  • Ports 80 and 443 open and directed at your server
  • A domain name pointing to your server

Setup

First, create a folder and download the following files:

Then, generate passwords for PostgreSQL and your admin user, store them somewhere safe.

Config changes

lemmy.hjson

You'll want to change the admin_username, admin_password and site_name to match your primary user's credentials and the name you want to give your instance.

Then, change hostname to match your domain name: if it is sub.domain.tld then it should read hostname: "sub.domain.tld".

The base config file does not have proper configuration for the database, so you'll have to edit the database field as follows with the password you previously created:

  database: {
    host: postgres
    database: "lemmy"
    user: "lemmy"
    password: "POSTGRES_PWD" # Change for your password
  }

Additionally, if you want to send emails for registration confirmation and password resets, add the following before the closing } and change to match your email provider configuration.

  email: {
      # Hostname and port of the smtp server
      smtp_server: "SMTP_SERVER"
      # Login name for smtp server
      smtp_login: "SMTP_LOGIN"
      # Password to login to the smtp server
      smtp_password: "SMTP_PASSWORD"
      # Address to send emails from, eg "[email protected]"
      smtp_from_address: "SMTP_LOGIN"
      # Whether or not smtp connections should use tls. Can be none, tls, or starttls
      tls_type: "starttls"
    }

docker-compose.yml

By default the compose file is meant to build a development version of Lemmy, we will change this by removing the blocks with build and uncomment those with image. Note: think to update the images to 0.18.2 since it fixes some vulnerabilities.

Also, since we will use a reverse proxy and I don't now if your server has a firewall, we should remove the ports blocks which are used to expose the services' ports on the host.

Finally, make sure to change the POSTGRES_PASSWORD field to match the PostgreSQL password you set in lemmy.hjson.

It should look something like that:

version: "3.7"

x-logging: &default-logging
  driver: "json-file"
  options:
    max-size: "50m"
    max-file: "4"

services:
  proxy:
    image: nginx:1-alpine
    volumes:
      - ./nginx.conf:/etc/nginx/nginx.conf:ro,Z
    restart: always
    depends_on:
      - pictrs
      - lemmy-ui
    logging: *default-logging

  lemmy:
    # use "image" to pull down an already compiled lemmy. make sure to comment out "build".
    image: dessalines/lemmy:0.18.2
    # platform: linux/x86_64 # no arm64 support. uncomment platform if using m1.
    # use "build" to build your local lemmy server image for development. make sure to comment out "image".
    # run: docker compose up --build

    # this hostname is used in nginx reverse proxy and also for lemmy ui to connect to the backend, do not change
    hostname: lemmy
    restart: always
    environment:
      - RUST_LOG="warn,lemmy_server=debug,lemmy_api=debug,lemmy_api_common=debug,lemmy_api_crud=debug,lemmy_apub=debug,lemmy_db_schema=debug,lemmy_db_views=debug,lemmy_db_views_actor=debug,lemmy_db_views_moderator=debug,lemmy_routes=debug,lemmy_utils=debug,lemmy_websocket=debug"
      - RUST_BACKTRACE=full
    volumes:
      - ./lemmy.hjson:/config/config.hjson:Z
    depends_on:
      - postgres
      - pictrs
    logging: *default-logging

  lemmy-ui:
    # use "image" to pull down an already compiled lemmy-ui. make sure to comment out "build".
    image: dessalines/lemmy-ui:0.18.2
    # platform: linux/x86_64 # no arm64 support. uncomment platform if using m1.
    # use "build" to build your local lemmy ui image for development. make sure to comment out "image".
    # run: docker compose up --build

    # build:
    #   context: ../../lemmy-ui # assuming lemmy-ui is cloned besides lemmy directory
    #   dockerfile: dev.dockerfile
    environment:
      # this needs to match the hostname defined in the lemmy service
      - LEMMY_UI_LEMMY_INTERNAL_HOST=lemmy:8536
      # set the outside hostname here
      - LEMMY_UI_LEMMY_EXTERNAL_HOST=localhost:1236
      - LEMMY_UI_HTTPS=false
      - LEMMY_UI_DEBUG=true
    depends_on:
      - lemmy
    restart: always
    logging: *default-logging
    init: true

  pictrs:
    image: asonix/pictrs:0.4.0-beta.19
    # this needs to match the pictrs url in lemmy.hjson
    hostname: pictrs
    # we can set options to pictrs like this, here we set max. image size and forced format for conversion
    # entrypoint: /sbin/tini -- /usr/local/bin/pict-rs -p /mnt -m 4 --image-format webp
    environment:
      - PICTRS_OPENTELEMETRY_URL=http://otel:4137
      - PICTRS__API_KEY=API_KEY
      - RUST_LOG=debug
      - RUST_BACKTRACE=full
      - PICTRS__MEDIA__VIDEO_CODEC=vp9
      - PICTRS__MEDIA__GIF__MAX_WIDTH=256
      - PICTRS__MEDIA__GIF__MAX_HEIGHT=256
      - PICTRS__MEDIA__GIF__MAX_AREA=65536
      - PICTRS__MEDIA__GIF__MAX_FRAME_COUNT=400
    user: 991:991
    volumes:
      - ./volumes/pictrs:/mnt:Z
    restart: always
    logging: *default-logging

  postgres:
    image: postgres:15-alpine
    # this needs to match the database host in lemmy.hson
    # Tune your settings via
    # https://pgtune.leopard.in.ua/#/
    # You can use this technique to add them here
    # https://stackoverflow.com/a/30850095/1655478
    hostname: postgres
    command:
      [
        "postgres",
        "-c",
        "session_preload_libraries=auto_explain",
        "-c",
        "auto_explain.log_min_duration=5ms",
        "-c",
        "auto_explain.log_analyze=true",
        "-c",
        "track_activity_query_size=1048576",
      ]
    environment:
      - POSTGRES_USER=lemmy
      - POSTGRES_PASSWORD=password # Change with your password
      - POSTGRES_DB=lemmy
    volumes:
      - ./volumes/postgres:/var/lib/postgresql/data:Z
    restart: always
    logging: *default-logging

Reverse-proxy

For the final touch, we are going to setup Caddy, a reverse proxy with HTTPS support out of the box. You could use pretty much any reverse proxy you want, but I chose Caddy for its easy setup.

First, create a file nammed Caddyfile and write the following in it:

sub.domain.tld {
	reverse_proxy http://proxy:1236
}

Make sure to match your actual domain name.

Finally, update the docker-compose.yml file to add the following at the end (make sure that it's correctly tabulated)

  caddy:
    image: caddy:2.6.4
    restart: unless-stopped
    ports:
      - "80:80"
      - "443:443"
      - "443:443/udp"
    depends_on:
      - proxy
    volumes:
      - ./Caddyfile:/etc/caddy/Caddyfile:ro
      - caddy_data:/data
      - caddy_config:/config
volumes:
  caddy_data:
  caddy_config:

Launching the instance

Before starting the stack, we have a few things left to do:

  • Create the folders for pictrs and postgres to store their data: mkdir -p volumes/postgres volumes/pictrs
  • Change the owner of volumes/pictrs: sudo chown -R 991:991 pictrs

Finally, to start everything: docker compose up -d

[–] [email protected] 1 points 1 year ago

Weird, my comment does not seem to be picked up by lemmy.world, even after deleting and re-submitting it 🤔

https://lemmy.blackeco.com/comment/150520

[–] [email protected] 1 points 1 year ago (1 children)

It doesn't tell you to actually run nginx, it assumes it will automatically run when installed. I don't know why, that sounds like dumb behaviour even if it were correct. You are right about the guides being trash.

I recommend getting used to package manager (apt, dpkg) and system daemon/init system (systemd - accessed via systemctl) and then ignoring that guide. Installing and running nginx isn't complex enough to warrant a guide; installing packages and running services, in general, are just. Configuring nginx, however... If you know the concepts, it's pretty easy. The concepts are hard.

[–] [email protected] 1 points 1 year ago

It doesn’t tell you to actually run nginx

That may be so, but the link that they give references a digital ocean guide that DOES (it's literally step 2). So, am I just ignoring that part? How do I figure out which parts of a guide should be followed and which ones shouldn't?

running nginx isn’t complex enough to warrant a guide

I haven't gotten it to work yet so I disagree.