ubergeek77Having trouble deploying Lemmy? Try my new script! Get up and running in minutes!
MigratingtoLemmyThanks, this looks really nice. Bookmarked :)
YolkLiterally been thinking about this so thank you beautiful brained individual. Would you mind if I shouted this in the YSK group?
Thank you very much for the kind words!
Please be my guest! It would make me happy to know this was helping people join Lemmy!
CaptainApatheticI just made a post about having issues with getting a fully functional instance so I think I'm gonna give this a try.
I hope it works out for you!
Quick note: For email, pretty much every VPS provider out there blocks port 25, which is needed for emails to send. They do this to prevent spam emails from being sent en-masse from their servers. This is likely why your Ansible installation is not sending emails.
Since it's uncommon for servers to support email, this script disables it by default. If your provider supports port 25 (or you get approved to use it, some VPS providers allow you to request access), check config.env and set USE_EMAIL to true. This will set up everything you need for email.
I haven't been able to test email, so let me know how it works if you do! This doesn't do any of the DNS verification some email provders require, so your emails might be sent to spam. Lemmy doesn't really have documentation about how to set this up properly. If someone makes guidelines for this, I can update my project to do that automatically as well.
HorseFDIs this easier than the Ansible deployment? That was very straight forward if you’re running a system with apt.
I am biased, but I would say yes, it is. There is only one config file to manage in my project, whereas the Ansible config has three separate config files the user needs to copy and edit.
You also need* a different system with Ansible installed to actually run the playbook, since Ansible needs to connect to your server to run it. That is an extra installation step, on top of needing some way to ensure Ansible has the right SSH credentials to connect.
*_you can tell Ansible to connect to localhost, but this is not supported and a beginner wouldn't know to do this.
There is nothing wrong with the playbook though! I just thought beginners might be a bit intimidated by it, and the dependency on apt is a bit of a bummer.
thanks, it looks good. The biggest plus it that it doesn’t rely on a Debian based system.
I will definitely try this out. I already have my domain and SSL certificate. This will work on linode right?
It will work on pretty much anything that has a public IP and a domain pointing to that IP. The only thing that won't work "out of the box" for most users is email, as most VPS providers block port 25. If you've requested access to port 25 and have been approved to use it, you can edit config.env to turn on the email service.
As for your SSL certificate, unfortunately this does not support importing your own certificate. It's made for beginners, after all :p
But there should be no problems with Caddy simply requesting a new one for you!
netburnrEmail is vital to lemmy working. Saying this works without mail config is just silly.
I'm not sure what you mean? Most people are just self hosting instances for themselves, where email isn't needed. My instance doesn't have an email service.
And as I explained, if email is something you want, I support this, and I give you an easy option to turn it on. It's not the default because there is not a public VPS host out there that lets you use port 25 without special approval.
Email config is needed for lost passwords. It's also needed for account verification, if you run without verification you could easily become a place for people to abuse other servers and get yourself defederated.
Many web hosts have poisoned mail IPs, so setting up with a smtp config to a well known site server is required if you want your emails to be delivered.
Don't lose your passwords and leave closed registration so only people you actually want on your instance are on it. You absolutely do not need email.
You can't have the checkbox for federation and private, the server will crash and tell you that in the lemmy log. Had that happen when I did thy to setup without email the first time.
Weird. I used this script with no working email. How's it going from my private instance that is federated?
"Private instance" and "disable registration" are not the same thing. There are separate options for both. It is possible to run a federated single-user instance with registrations disabled. That's how I run mine.
Private and federation are mutually exclusive concepts. Private instances are ones that intentionally don’t federate - like a private company community that’s locked to their intranet. For self hosted Lemmy instances you just need to close registration. Then since no one can apply, the only use case for email becomes the Forgot Password button for if you forget your password and at that point you’re better served with a password manager.
And that is why I don't advertise this as supporting email out of the box, and why it's an advanced option without any support from me. The embedded postfix server is part of the official Docker Compose deployment from upstream Lemmy, and that is what this is modeled after. That is as far as I go on email support.
If you would like to improve this script by adding support for more robust and secure email systems, I would be happy if you submitted a PR to do just that :)
I think I have successfully got the server running on my linode.
I'm glad to hear that! Thanks for letting me know, it's nice to hear people were able to use my script to get up and running :)
Once I got it up and running, I had to figure out how to get my domain to redirect to it. Now I just gave to figure out how to start federating with other instances.
If your instance is fully reachable from the public, all you have to do is search for the community you want to federate with in your search bar. For example, if you wanted to federate with and subscribe to this community, put this in your search bar, then hit search:
https://lemmy.world/c/selfhosted
It works for kbin communities too!
You might see some people say to search it like [email protected], but I have way more success with doing it like that. After you've done that, you can click on Communities at the top of your instance's page, click the All tab, then start subscribing with some of them.
It will only start pulling "new" data though, you won't get days or week old posts like this. But, if there is something you want to see/comment on from your instance, you can put the direct link to any post, comment, or user into your instance's search bar, to make it "aware" of that post/comment/user. Then you can just interact like normal.
Welcome to the self-hosted Fediverse!
BlueÆtherThrew an error:
Creating lemmy-easy-deploy_pictrs_1 ... Creating lemmy-easy-deploy_postgres_1 ... error
ERROR: for lemmy-easy-deploy_postgres_1 Cannot start service postgres: failed to create task for container: failed to create shim task: OCI runtime create failed: runc cr Creating lemmy-easy-deploy_pictrs_1 ... error: permission denied: unknown
Does your user have permission to use Docker? You could try running the script as root and seeing if that helps?
Is there any other info about your system that you can provide? For example, are you using a non-standard OCI runtime, such as podman? I've added detection for podman-compose in the script, but I haven't tested it yet. If you're using something like that, you'll need to ensure all the permissions are set up correctly.
Shouldn't be anything odd, I had used the ansible script but had run the install from that.
From a quick Google search, it looks like there may have been a bug in the Docker engine a few months ago that might cause this. If possible, please update your Docker engine.
If the issue still occurs, unfortunately this is a core Docker engine/Docker Compose issue, and outside of my ability to fix :(
Re-installed docker-compose for different source and worked
Docker Compose is just a frontend script for Docker, it doesn't provide the engine. Is it possible you don't have Docker itself installed? I will add an additional check to my script to guide users into making sure Docker is installed.
Regardless of if you have Docker installed or not, if you are on Ubuntu, the Ubuntu version of Docker is usually several versions out of date. I recommend following this guide to help you uninstall everything Docker related from your system, then reinstalling the most stable and up to date version of Docker.
https://docs.docker.com/engine/install/ubuntu/
After doing this, reboot your server, then try again. Make sure you can run:
docker run hello-world
If that errors too, then unfortunately there is not a lot I can do to help you. But hopefully reinstalling from the official Docker sources works for you.
If you aren't on Ubuntu, you can get specific instructions for different distributions directly on this page:
https://docs.docker.com/engine/install/
For the guide you're following, you should be sure to follow the "Uninstall old versions" part, then proceed with the rest of the commands on the page.
It looks like I had to enable nesting in proxmox
Looks great my dude.
If you expanded out the environment variables a ton, making it more customizable, (with default values in place of couse) this could appeal to a huge range of people.
If you expanded out the environment variables a ton, making it more customizable, (with default values in place of couse) this could appeal to a huge range of people.
Can you explain? I provide an interface for everything available in lemmy.hjson, so I am not sure what else I would add.
I will note though, this is primarily intended for beginners. More advanced users would probably prefer to manage this on their own with Docker Compose, and those people will be very well versed in messing with the environment variables and all that.
If there are variables you want to pass in, you can simply edit docker-compose.yml.template to import an env_file, that way you can pass anything you want into the container.
neetlyAs someone who spent hours figuring out how to deploy through Ansible, how dare you ~/s~ But seriously thank you for putting in the work to make creating an instance more attainable for people.
What was difficult about ansible? The 4 step instructions worked perfectly for me.
I'm just a novice hobbyist (the only server I've put together was a homebridge server years ago) so the learning curve for this was relatively high putting together a VPS, setting up ssh, learning how to properly configure, and there were some errors when running the playbook I had to slowly figure out. Honestly though once it was all done, I thought "man, that was actually pretty easy" and I learned a lot so that was really cool
As someone who spent hours figuring out how to deploy through Ansible, how dare you ~/s~ But seriously thank you for putting in the work to make creating an instance more attainable for people.
MarxineYou kind Sir/Lady/Gentleperson are making the fediverse a better place with this help. Thanks a bunch, gonna definitely ease my attempts at eventually self-hosting!
Wow, I'll definitely look into this, thanks! Even if I don't use it, it still may be useful just reading through it.
falcon15500Looks really good. I did it pretty much the same way, myself - but if I were looking to start again, I would definitely use this.
Zach Were you able to get AWS to open port 25 for smtp support?
I didn't bother, as I was just testing. But you are right, port 25 outbound is blocked by default. They have a defined process for you to ask for it to be unblocked and you have to tell them what you are using it for and how you are preventing spam from being sent. In this case it might be enough to say that you aren't allowing port 25 inbound, so it can't be used as an open relay.
Yeah, I tried and failed. They denied it and told me to use SES lol.
Whatever haha
I am not 100% surprised they refuse to do it for new accounts. If you have an account that has been with them for a while, they most likely would open it.
Problem with SES is that you start sandboxed and can only deliver to specific email addresses - which obviously won't work here.
Yeah maybe, i've had my account for a few years but who knows.
If i decide do use email i'll just make an smtp mail server on my homelab
Nice! Looks like it even has update checker as well. Is there any reason why
pictrs is not included in the update checker and hardcoded to version 0.3.1?
(The Lemmy maintainers themselves seem to lock it at 0.3.1)[https://github.com/LemmyNet/lemmy/blob/1386039eceb5f49bcb3e060462f923c0d56b8721/docker/prod/docker-compose.yml#L60], and I wanted to maintain parity with their deployment. I know pictrs is up to at least 0.3.3, and has a release candidate for 0.4, but upstream Lemmy uses 0.3.1 for whatever reason, so that's why I lock it there.
It's excluded from the update checker because I don't have a stable way to check what version upstream is using. The Lemmy update checker just checks to see what the latest tag on LemmyNet/lemmy. I could try and pull the latest Gitea tag for pictrs, but since upstream Lemmy isn't using the latest version, that's not really an option as something might break.
I considered trying to parse their docker-compose.yml file to see what version they use, but they seem to be restructuring their docker folder right now. The folder in main is completely different from the one tagged 0.17.4. If I assume a certain directory path for that file for every version after this, but they move it, my script will break. Sadly, until their Docker deployment files seem like they're going unchanged for a good few versions, I'll have to do it manually for now.
I see, looks like it's a correct decision to me. Let the Lemmy developers worry about which version of pictrs to use.
KirYou are helping the whole community! Thank you, I will give a try to it, since I'm quite new in self-hosted platform!
untilyouarrivedI'm relatively competent installing server software, but the Lemmy instructions completely flummoxed me. Their docker instructions just don't work.
I ended up using the ansible docker scripts and filling out the blanks because I'm unfamiliar with ansible.
If this is as good as it sounds, you're doing everyone a massive favour.
cwagnerSame, I keep getting new errors every step of the way with the ansible setup. And that’s for an install on a pristine server, can’t imagine someone trying to use it on a server with other things installed. I’ll give this a try.
Ted Ward@ubergeek77 I will have to give this a go next week. Thanks for putting this together for the less technically gifted.
kunaDo I understand it correctly that this script only works if it can set up it's own Caddy, and if I already run nginx to reverse proxy stuff on my server, then this isn't for me?
You can try changing the ports in
docker-compose.yml.template. I just use Caddy in this because its HTTPS convenience is hard to beat!
Thanks!
So stupid question - how do you shut them down? Docker compose down or stop don't seem to work.
Also, as an intermediate (spoiled Unraid) user, if I'm behind nginx proxy manager with custom ports do I just change 80 and 443 in the lemmy docker-compose? I'm doing this in a Debian VM.
I'll add some better instructions for this to the readme.
You can do any Docker compose commands by changing to the ./live folder, then running:
docker compose -p lemmy-easy-deploy <command>
can be whatever Docker Compose supports, up,down,ps, etc.
I don't have config options for the ports, but you can just change them in docker-compose.yml.template to change what they're listening on. As long as yourdomain.com:80 is reachable from the public, it shouldn't matter what routing shenanigans are going on behind it.
Use docker commands
What adjustments I need to do to run this locally (in my LAN) just for testing?
I haven't tested a local only use case, but you can probably set these options in config.env
- Set
LEMMY_HOSTNAMEtolocalhost - Set
CADDY_DISABLE_TLStotrue - Set
TLS_ENABLEDtofalse
This will disable any HTTPS certificate generation and only run Lemmy on port 80. I don't know if Caddy or Lemmy will act weird if the hostname is localhost, but this should work for you. Let me know if it doesn't.