How to Install Mastodon Using Docker on Alibaba Cloud ECS

Prerequisites

Setting Up Your Server

# sudo apt update && sudo apt upgrade
# sudo apt-get install software-properties-common -y
# sudo apt-get install apt-transport-https -y 
# sudo apt-get install ca-certificates -y
# sudo apt-get install curl -y

Install Docker CE and Docker Compose

# curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo apt-key add -
# sudo apt-key fingerprint 0EBFCD88
# sudo add-apt-repository "deb [arch=amd64] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable"
# sudo apt update
# sudo apt install docker-ce
# sudo adduser aareez docker
# docker run hello-world
# sudo curl -L https://github.com/docker/compose/releases/download/1.21.2/docker-compose-`uname -s`-`uname -m` -o /usr/local/bin/docker-compose
# sudo chmod +x /usr/local/bin/docker-compose

Install Mastodon:

# git clone https://github.com/tootsuite/mastodon
# cd mastodon
# cp .env.production.sample .env.production
# docker-compose build
# SECRET_KEY_BASE=$(docker-compose run --rm web bundle exec rake secret)
# sed -i -e "s/SECRET_KEY_BASE=/&${SECRET_KEY_BASE}/" .env.production
# OTP_SECRET=$(docker-compose run --rm web bundle exec rake secret)
# sed -i -e "s/OTP_SECRET=/&${OTP_SECRET}/" .env.production
# PAPERCLIP_SECRET=$(docker-compose run --rm web bundle exec rake secret)
# sed -i -e "s/PAPERCLIP_SECRET=/&${PAPERCLIP_SECRET}/" .env.production
# sudo nano ~/mastodon/.env.production
# cd mastodon
# docker-compose build
# docker-compose run --rm web rails db:migrate
# docker-compose run --rm web rails assets:precompile
# docker-compose up -d

Install and Configure Nginx Server

# sudo apt-get install nginx
# sudo rm /etc/nginx/sites-available/default
# sudo rm /etc/nginx/sites-enabled/default
# sudo touch /etc/nginx/sites-available/mastodon
# sudo ln -s /etc/nginx/sites-available/mastodon /etc/nginx/sites-enabled/mastodon
# sudo nano /etc/nginx/sites-available/mastodon
map $http_upgrade $connection_upgrade {
default upgrade;
'' close;
}
server {
listen 80;
listen [::]:80;
server_name softpedia.xyz;
root /home/mastodon/live/public;
# Useful for Encrypt
location /.well-known/acme-challenge/ { allow all; }
location / { return 301 https://$host$request_uri; }
}
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
server_name softpedia.xyz;
ssl_protocols TLSv1.2;
ssl_ciphers HIGH:!MEDIUM:!LOW:!aNULL:!NULL:!SHA;
ssl_prefer_server_ciphers on;
ssl_session_cache shared:SSL:10m;
ssl_certificate /etc/letsencrypt/live/softpedia.xyz/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/softpedia.xyz/privkey.pem;
keepalive_timeout 70;
sendfile on;
client_max_body_size 80m;
root /home/mastodon/live/public; gzip on;
gzip_disable "msie6";
gzip_vary on;
gzip_proxied any;
gzip_comp_level 6;
gzip_buffers 16 8k;
gzip_http_version 1.1;
gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript;
add_header Strict-Transport-Security "max-age=31536000"; location / {
try_files $uri @proxy;
}
location ~ ^/(emoji|packs|system/accounts/avatars|system/media_attachments/files) {
add_header Cache-Control "public, max-age=31536000, immutable";
try_files $uri @proxy;
}

location /sw.js {
add_header Cache-Control "public, max-age=0";
try_files $uri @proxy;
}
location @proxy {
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto https;
proxy_set_header Proxy "";
proxy_pass_header Server;
proxy_pass http://127.0.0.1:3000;
proxy_buffering off;
proxy_redirect off;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $connection_upgrade;
tcp_nodelay on;
}
location /api/v1/streaming {
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto https;
proxy_set_header Proxy "";
proxy_pass http://127.0.0.1:4000;
proxy_buffering off;
proxy_redirect off;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $connection_upgrade;
tcp_nodelay on;
}
error_page 500 501 502 503 504 /500.html;
}

Install SSL Certificate:

# sudo apt-get update
# sudo apt-get install software-properties-common
# sudo add-apt-repository ppa:certbot/certbot
# sudo apt-get update
# sudo systemctl stop apache2
# sudo apt-get install python-certbot-apache
# sudo certbot --apache -d softpedia.xyz
# sudo systemctl start apache2

Original Source

--

--

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store