User Tools

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
Next revision		Previous revision
services:lemmy [2025/01/27 19:32] willyservices:lemmy [2025/02/04 11:04] (current) willy
Line 1: Line 1:
 ====== Lemmy ====== ====== Lemmy ======
  
-[[https://join-lemmy.org|Lemmy]] ...+[[https://join-lemmy.org|Lemmy]] Lemmy is the [[https://en.wikipedia.org/wiki/Fediverse|Fediverse]] response to the //reddit like// social media, but of course, federatedWhat't not to like? And isn't it the best opportunity to self-host for your personal use and have your own Lemmy instance?
  
-Please note that Lemmy requires a dedicated subdomain that cannot be changed afterward, because that is the unique identifier of your instance.+Luckly, it's pretty easy to self-host and it seems not to require many resources, so far. 
 + 
 +**Note:** Lemmy requires a __dedicated subdomain__ that cannot be changed afterward, because that is the unique identifier of your instance.
  
  
 ==== Installation ==== ==== Installation ====
  
-Following [[https://join-lemmy.org/docs/administration/install_docker.html|this guide]].+I suggest you follow [[https://join-lemmy.org/docs/administration/install_docker.html|this guide]], which was my base, taking into consideration my following notes and detailed steps.
  
-Create the usual dedicated user. Also, all data needs to be located in a dedicated folder that will be **/data/lemmy**:+First of all, create the usual dedicated user. You alsoi need to create the data folder where all data needs to be located. As usual in my setup, the daemon folder will be **/data/daemons/lemmy** and the data folder will be **/data/lemmy**:
 <code> <code>
 useradd -d /data/daemons/lemmy -m lemmy useradd -d /data/daemons/lemmy -m lemmy
Line 16: Line 18:
 mkdir /data/lemmy/pictr mkdir /data/lemmy/pictr
 chown lemmy:lemmy /data/lemmy -R chown lemmy:lemmy /data/lemmy -R
-chmod o+w /data/lemmy/pictr  # need to be improved in the future+chmod o+w /data/lemmy/pictr  
 </code> </code>
  
-There are four files that you need to edit, download the raw ones:+The **/data/lemmy/pictr** folder needs to exist but needs also be writable by //others// at this time because it will be populated by a subuid linked to the lemmy user, you can then change it's ownership and permissions after the first usccessfull start with the following commands __as root__: 
 +<code bash> 
 +cd /data/lemmy 
 +ls -l pictrs 
 +# Now grab the UID and GID of the files inside the pictrs folder and use them for the following command: 
 +chown UID:GIR -R pictrs 
 +chmod o-w pictrs -R 
 +</code> 
 + 
 +There are five files that you need to edit, download the raw ones:
 <code bash> <code bash>
 su - lemmy su - lemmy
Line 28: Line 39:
 wget https://raw.githubusercontent.com/LemmyNet/lemmy-docs/main/assets/docker-compose.yml wget https://raw.githubusercontent.com/LemmyNet/lemmy-docs/main/assets/docker-compose.yml
 </code> </code>
 +Please pay attention that you moved the files to **/data/lemmy** and not in the same folder of the docker-compose.yml file (this is different from the above linked guide).
 +
 +Here are some notes on editing them, start with the guide linked above, then follow my notes.
 +
 +=== lemmy.hjson ===
 +
 +This contains critical setup for your Lemmy instance:
 +<file - lemmy.hjson>
 +{
 +  database: {
 +    host: postgres
 +    password: "<< here your custom database password >>"
 +  }
 +  hostname: "lemmy.mydomain.com" # DO NOT put "https://" here!
 +  pictrs: {
 +    url: "http://pictrs:8080/"
 +    api_key: "<< here your custom database password >>"
 +  }
 +  email: {
 +    smtp_server: "postfix:25"
 +    smtp_from_address: "noreply@lemmy.mydomain.eu" 
 +    tls_type: "none"
 +  }
 +}
 +</file>
 +
 +You could edit the email section and enable your own email server, if you have one, to get a better chance of your lemmy emails to reach users.
 +
 +=== nginx_internal.conf ===
 +
 +This is the Lemmy internal NGINX web server setup. You need this even if you will be slapping an additional NGINX reverse proxy in front of it.
 +
 +There is only one line to edit here, which is the internal resolver address:
 +<code>
 +    resolver  10.89.0.1 valid=5s;
 +</code>
 +
 +This is important, because this internal NGINX will need to resolve the other containers by name, and this can be achieved by enabling Podman internal name resolutions for the //lemmy-net//. Podman internal name resolution is disabled by default and need to be enabled in the docker-compose.yml like this:
 +<code>
 +networks:
 +  lemmy-net:
 +    dns_enabled: true 
 +</code>
 +
 +Differently from docker, in podman the internal resolver address is **10.89.0.1**.
 +
 +=== proxy_params ===
 +
 +This file doesn't need to be modified.
 +
 +
 +=== customPostgresql.conf ===
 +
 +This file contains specific PostgreSQL setup to fine-tune the database to your hardware capabilties. Go to [[https://pgtune.leopard.in.ua/|this page]] to generate it's content based on your server specs. I suggest you downplay a bit your specs when you input them in the page. This will create a more conservative configuration, to play better with other shared services on your server.
 +
 +Yes, in other words, you can discard the content of the original downloaded file and replace it with the one generated by the page linked in this paragraph.
  
-then edit the first three files following the guide linked above.  
-Please pay attention that you moved the files to **/data/lemmy** and not in the same folder of the docker-compose.yml file. 
  
-For the **nginx_internal.conf** you need to specify **10.89.0.1** as //resolver//, since this is the one used by podman, and the above linked guide is for docker.+=== docker-compose.yml ===
  
-I will post here my docker-compose.yml since it'the one that gets the most edits:+This is the most critical fileThe following is derived from the one linked above, but i have done a few podman specific editings, noted below:
 <file - docker-compose.yml> <file - docker-compose.yml>
 x-logging: &default-logging x-logging: &default-logging
Line 46: Line 111:
     image: nginx:1-alpine     image: nginx:1-alpine
     ports:     ports:
-      # Listen for outside connections on port 10633. You can freely change the left-side +      - "10633:8536"  # Choose an available port on your server!
-      # number to a different port, eg using port 80 if you don't need a reverse proxy. +
-      - "10633:8536"+
     volumes:     volumes:
       - /data/lemmy/nginx_internal.conf:/etc/nginx/nginx.conf:ro,Z       - /data/lemmy/nginx_internal.conf:/etc/nginx/nginx.conf:ro,Z
Line 86: Line 149:
   pictrs:   pictrs:
     image: asonix/pictrs:0.5.16     image: asonix/pictrs:0.5.16
-    # this needs to match the pictrs url in lemmy.hjson 
     hostname: pictrs     hostname: pictrs
-    # we can set options to pictrs like this, here we set max. image size and forced format for conversion 
-    # entrypoint: /sbin/tini -- /usr/local/bin/pict-rs -p /mnt -m 4 --image-format webp 
     environment:     environment:
       - PICTRS_OPENTELEMETRY_URL=http://otel:4137       - PICTRS_OPENTELEMETRY_URL=http://otel:4137
Line 98: Line 158:
       - PICTRS__MEDIA__ANIMATION__MAX_HEIGHT=256       - PICTRS__MEDIA__ANIMATION__MAX_HEIGHT=256
       - PICTRS__MEDIA__ANIMATION__MAX_FRAME_COUNT=400       - PICTRS__MEDIA__ANIMATION__MAX_FRAME_COUNT=400
-    user: 991:991+    user: 991:991 # This 991 will be used to define the UID:GID you need to set ownership of the folder to, as stated above...
     volumes:     volumes:
-      - /data/lemmy/pictrs:/mnt:Z+      - /data/lemmy/pictrs:/mnt:# this is the folder of which you need to set ownership. This folder must exist before first launch
     restart: always     restart: always
     logging: *default-logging     logging: *default-logging
Line 111: Line 171:
     environment:     environment:
       - POSTGRES_USER=lemmy       - POSTGRES_USER=lemmy
-      - POSTGRES_PASSWORD=<< here your lemmy postgres password >>+      - POSTGRES_PASSWORD=<< here your lemmy postgres password >> # the same as in the lemmy hjson above
       - POSTGRES_DB=lemmy       - POSTGRES_DB=lemmy
     shm_size: 1g     shm_size: 1g
Line 125: Line 185:
     image: mwader/postfix-relay     image: mwader/postfix-relay
     environment:     environment:
-      - POSTFIX_myhostname="https://lemmy.mydomain.com"+      - POSTFIX_myhostname="lemmy.mydomain.com" # DO NOT put the "https://" here
     restart: "always"     restart: "always"
     logging: *default-logging     logging: *default-logging
Line 133: Line 193:
 networks: networks:
   lemmy-net:   lemmy-net:
-    dns_enabled: true # this is very important!+    dns_enabled: true # this is very important for the internal proxy
 </file> </file>
-Please note that this compose file is a bit different from the original one. Note the network, which enabled DNS internal name resolver, which is disabled by default in podman but needs to be enabled for the proxy to work. Also note that the //depends// lines have been changed a bit from the docker original example. 
  
 +Please also note that the //depends// lines have been changed a bit from the docker original example, maybe due to some podman differences. 
  
-Last, edit the **customPostgresql.conf** with the output generated from [[https://pgtune.leopard.in.ua/|this page]].+**Note:** first startup might fail because the postgress image takes too long to create the daabase and the lemmy image failsIn this case, just wait until it's done, stop it and restart it.
  
-Now pull it:+Now pull the images:
 <code bash> <code bash>
 podman compose pull podman compose pull
Line 189: Line 249:
     add_header X-Frame-Options "DENY";     add_header X-Frame-Options "DENY";
     add_header X-XSS-Protection "1; mode=block";     add_header X-XSS-Protection "1; mode=block";
 +
 +    access_log /var/log/nginx/lemmy.mydomain.com_access_log main;
 +    error_log /var/log/nginx/lemmy.mydomain.com_error_log info;
  
     location / {     location / {
Line 224: Line 287:
 rc-service user-containers.lemmy start rc-service user-containers.lemmy start
 </code> </code>
 +
 +
 +==== Usage Notes ====
 +
 +A few notes and hints i learned after setting everything up and running.
 +
 +  * Federation takes hours. Expect at least half day / one day for your new instance to propagate the fediverse and start being picked up by other lemmy instances. At least a few hours. Manually forcing specified instances by searching for communities on them will speed this up a bit, but not too much.
 +
 +  * Registering new users will just popup a notification in your admin panel, you will need to go there and accept them. At first i was expecting an email in my inbox (a real email), but i doesnt happen. At the same time, i strongly suggest you don't allow open registrations for legal issues and such.
 +
 +  * You might want to head to [[https://gui.fediseer.com|fediseer.com]] to register your instance. Just type your instance name and admin name, and you will receive an API key in your inbox. Place the key back into the website and your instance will be stored. You can then ask for a guarantee from other instances and provide your own to others.
 +
  

This website uses technical cookies only. No information is shared with anybody or used in any way but provide the website in your browser.

More information