2019-03-28 10:46:30 -06:00
# Installing on NetBSD
2021-06-11 00:43:36 -06:00
{! backend/installation/generic_dependencies.include !}
## Installing software used in this guide
2019-03-28 10:46:30 -06:00
pkgin should have been installed by the NetBSD installer if you selected
the right options. If it isn't installed, install it using pkg_add.
Note that `postgresql11-contrib` is needed for the Postgres extensions
Pleroma uses.
The `mksh` shell is needed to run the Elixir `mix` script.
2020-09-24 09:02:50 -06:00
`# pkgin install acmesh elixir git-base git-docs mksh nginx postgresql11-server postgresql11-client postgresql11-contrib sudo ffmpeg4 ImageMagick`
2019-03-28 10:46:30 -06:00
You can also build these packages using pkgsrc:
```
databases/postgresql11-contrib
databases/postgresql11-client
databases/postgresql11-server
devel/git-base
devel/git-docs
2020-08-10 07:24:45 -06:00
devel/cmake
2019-03-28 10:46:30 -06:00
lang/elixir
security/acmesh
security/sudo
shells/mksh
www/nginx
```
Copy the rc.d scripts to the right directory:
```
# cp /usr/pkg/share/examples/rc.d/nginx /usr/pkg/share/examples/rc.d/pgsql /etc/rc.d
```
Add nginx and Postgres to `/etc/rc.conf` :
```
nginx=YES
pgsql=YES
```
## Configuring postgres
First, run `# /etc/rc.d/pgsql start` . Then, `$ sudo -Hu pgsql -g pgsql createdb` .
2021-01-10 01:25:36 -07:00
### Install media / graphics packages (optional, see [`docs/installation/optional/media_graphics_packages.md`](../installation/optional/media_graphics_packages.md))
2020-09-26 10:32:16 -06:00
`# pkgin install ImageMagick ffmpeg4 p5-Image-ExifTool`
2019-03-28 10:46:30 -06:00
## Configuring Pleroma
Create a user for Pleroma:
```
# groupadd pleroma
# useradd -d /home/pleroma -m -g pleroma -s /usr/pkg/bin/mksh pleroma
# echo 'export LC_ALL="en_GB.UTF-8"' >> /home/pleroma/.profile
# su -l pleroma -c $SHELL
```
Clone the repository:
```
$ cd /home/pleroma
2019-10-14 09:38:51 -06:00
$ git clone -b stable https://git.pleroma.social/pleroma/pleroma.git
2019-03-28 10:46:30 -06:00
```
Configure Pleroma. Note that you need a domain name at this point:
```
$ cd /home/pleroma/pleroma
$ mix deps.get
2021-05-16 11:20:20 -06:00
$ MIX_ENV=prod mix pleroma.instance gen # You will be asked a few questions here.
2019-03-28 10:46:30 -06:00
```
Since Postgres is configured, we can now initialize the database. There should
now be a file in `config/setup_db.psql` that makes this easier. Edit it, and
*change the password* to a password of your choice. Make sure it is secure, since
it'll be protecting your database. Now initialize the database:
```
$ sudo -Hu pgsql -g pgsql psql -f config/setup_db.psql
```
Postgres allows connections from all users without a password by default. To
fix this, edit `/usr/pkg/pgsql/data/pg_hba.conf` . Change every `trust` to
`password` .
Once this is done, restart Postgres with `# /etc/rc.d/pgsql restart` .
Run the database migrations.
You will need to do this whenever you update with `git pull` :
```
$ MIX_ENV=prod mix ecto.migrate
```
## Configuring nginx
Install the example configuration file
`/home/pleroma/pleroma/installation/pleroma.nginx` to
`/usr/pkg/etc/nginx.conf` .
Note that it will need to be wrapped in a `http {}` block. You should add
settings for the nginx daemon outside of the http block, for example:
```
user nginx nginx;
error_log /var/log/nginx/error.log;
worker_processes 4;
events {
}
```
Edit the defaults:
* Change `ssl_certificate` and `ssl_trusted_certificate` to
`/etc/nginx/tls/fullchain` .
* Change `ssl_certificate_key` to `/etc/nginx/tls/key` .
* Change `example.tld` to your instance's domain name.
2023-05-26 18:57:22 -06:00
### (Strongly recommended) serve media on another domain
Refer to the [Hardening your instance ](../configuration/hardening.md ) document on how to serve media on another domain. We STRONGLY RECOMMEND you to do this to minimize attack vectors.
2019-03-28 10:46:30 -06:00
## Configuring acme.sh
We'll be using acme.sh in Stateless Mode for TLS certificate renewal.
First, get your account fingerprint:
```
$ sudo -Hu nginx -g nginx acme.sh --register-account
```
You need to add the following to your nginx configuration for the server
running on port 80:
```
location ~ ^/\.well-known/acme-challenge/([-_a-zA-Z0-9]+)$ {
default_type text/plain;
return 200 "$1.6fXAG9VyG0IahirPEU2ZerUtItW2DHzDzD9wZaEKpqd";
}
```
Replace the string after after `$1.` with your fingerprint.
Start nginx:
```
# /etc/rc.d/nginx start
```
It should now be possible to issue a cert (replace `example.com`
with your domain name):
```
$ sudo -Hu nginx -g nginx acme.sh --issue -d example.com --stateless
```
Let's add auto-renewal to `/etc/daily.local`
(replace `example.com` with your domain):
```
/usr/pkg/bin/sudo -Hu nginx -g nginx \
/usr/pkg/sbin/acme.sh -r \
-d example.com \
--cert-file /etc/nginx/tls/cert \
--key-file /etc/nginx/tls/key \
--ca-file /etc/nginx/tls/ca \
--fullchain-file /etc/nginx/tls/fullchain \
--stateless
```
## Creating a startup script for Pleroma
Copy the startup script to the correct location and make sure it's executable:
```
# cp /home/pleroma/pleroma/installation/netbsd/rc.d/pleroma /etc/rc.d/pleroma
# chmod +x /etc/rc.d/pleroma
```
Add the following to `/etc/rc.conf` :
```
pleroma=YES
pleroma_home="/home/pleroma"
pleroma_user="pleroma"
```
Run `# /etc/rc.d/pleroma start` to start Pleroma.
## Conclusion
Restart nginx with `# /etc/rc.d/nginx restart` and you should be up and running.
Make sure your time is in sync, or other instances will receive your posts with
incorrect timestamps. You should have ntpd running.
## Instances running NetBSD
* < https: // catgirl . science >
2020-06-22 03:41:22 -06:00
#### Further reading
{! backend/installation/further_reading.include !}
## Questions
2021-05-25 22:14:45 -06:00
Questions about the installation or didn’ t it work as it should be, ask in [#pleroma:libera.chat ](https://matrix.to/#/#pleroma:libera.chat ) via Matrix or ** #pleroma ** on **libera.chat** via IRC.