This page collects information on the installation, ongoing operation and administration of the new Mastodon instance.
The plan is to move this instance to the domain esslingen.social.
Basic setup - dockerized
- Docker Setup https://gist.github.com/melroy89/6fe7d05bdc0cfd2153b77310abf62990
- From Source https://docs.joinmastodon.org/admin/install/
Further documentation
- https://blog.vyvojari.dev:4438/mastodon-behind-a-reverse-proxy-without-ssl-https/
- https://wersdoerfer.de/blogs/ephes_blog/til-setting-up-a-mastodon-instance/
- https://goneuland.de/mastodon-mit-docker-und-traefik-installieren/
- https://du.nkel.dev/blog/2023-12-12_mastodon-docker-rootless/
Initial setup
Generates the values for the environment variables in .env.production
docker run -it --rm tootsuite/mastodon bundle exec rake mastodon:setup
.env.production
# Federation
# ----------
# This identifies your server and cannot be changed safely later
# ----------
LOCAL_DOMAIN=esslingen.social
# Redis
# -----
REDIS_HOST=x.x.x.x
REDIS_PORT=6379
REDIS_PASSWORD=xxxx
# PostgreSQL
# ----------
DB_HOST=x.x.x.x
DB_USER=mastodon
DB_NAME=mastodon
DB_PASS=xxxx
DB_PORT=5432
# Elasticsearch (optional)
# ------------------------
ES_ENABLED=true
ES_HOST=localhost
ES_PORT=9200
# Authentication for ES (optional)
ES_USER=elastic
ES_PASS=password
# Secrets
# -------
# Make sure to use `bundle exec rails secret` to generate secrets
# -------
SECRET_KEY_BASE=
SMTP_FROM_ADDRESS=noreply@netzwissen.de
# File storage (optional)
# -----------------------
S3_ENABLED=false
S3_BUCKET=files.example.com
AWS_ACCESS_KEY_ID=
AWS_SECRET_ACCESS_KEY=
S3_ALIAS_HOST=files.example.com
# Optional list of hosts that are allowed to serve media for your instance
# EXTRA_MEDIA_HOSTS=https://data.example1.com,https://data.example2.com
# IP and session retention
# -----------------------
# Make sure to modify the scheduling of ip_cleanup_scheduler in config/sidekiq.yml
# to be less than daily if you lower IP_RETENTION_PERIOD below two days (172800).
# -----------------------
IP_RETENTION_PERIOD=xxxxxxxxxxx
SESSION_RETENTION_PERIOD=xxxxxxxxxxx
Docker Networks
docker-compose: set the listening IPs/ports; the default is localhost
NETWORK ID NAME DRIVER SCOPE
cf14c65aa61c bridge bridge local
ed8f3249aa2b gitea_default bridge local
7311abb900d2 host host local
d7bad067f715 mastodon_external_network bridge local
03653e915e6d mastodon_internal_network bridge local
400c8847417e none null local
root@docker1:/etc/docker/mastodon#
Secret Base
Do not change the secrets after they have been set!
To generate keys for SECRET_KEY_BASE & OTP_SECRET run
docker run --rm -it --entrypoint /bin/bash lscr.io/linuxserver/mastodon:latest generate-secret
once for each.
More Secrets
Run bin/rails db:encryption:init to generate new secrets and then assign the environment variables.
web-1 | Do not change the secrets once they are set, as doing so may cause data loss and other issues that will be difficult or impossible to recover from.
web-1 | [7] ! Unable to load application: SystemExit:
web-1 | Mastodon now requires that these variables are set:
web-1 |
web-1 | - ACTIVE_RECORD_ENCRYPTION_DETERMINISTIC_KEY
web-1 | - ACTIVE_RECORD_ENCRYPTION_KEY_DERIVATION_SALT
web-1 | - ACTIVE_RECORD_ENCRYPTION_PRIMARY_KEY
web-1 |
Add the following secret environment variables to your Mastodon environment (e.g. .env.production), ensure they are shared across all your nodes and do not change them after they are set:
ACTIVE_RECORD_ENCRYPTION_DETERMINISTIC_KEY=xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
ACTIVE_RECORD_ENCRYPTION_KEY_DERIVATION_SALT=xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
ACTIVE_RECORD_ENCRYPTION_PRIMARY_KEY=xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
Web Push
Generate with bundle exec rails mastodon:webpush:generate_vapid_key
VAPID_PRIVATE_KEY=xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
VAPID_PUBLIC_KEY=xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
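A pre-start check for the secrets named in the Secret Base, More Secrets and Web Push sections above, added here as an example and not part of the original notes or of Mastodon itself. It lists required variables that are missing, empty or still placeholders, and prints a fingerprint that can be compared later to notice an accidental change; the function names and sample values are assumptions, and sha256sum is assumed to be installed.

```shell
# Added example, not from the original notes; function names are hypothetical.
REQUIRED_SECRETS="SECRET_KEY_BASE OTP_SECRET VAPID_PRIVATE_KEY VAPID_PUBLIC_KEY
ACTIVE_RECORD_ENCRYPTION_DETERMINISTIC_KEY
ACTIVE_RECORD_ENCRYPTION_KEY_DERIVATION_SALT
ACTIVE_RECORD_ENCRYPTION_PRIMARY_KEY"

# Print the value assigned to variable $2 in env file $1 (last assignment
# wins). The file is parsed, never sourced, so nothing in it is executed.
env_value() { sed -n "s/^$2=//p" "$1" | tail -n 1; }

# Print each required secret that is missing, empty, or still an all-"x"
# placeholder as on this page. Exit status is 1 if any was printed.
missing_secrets() (
  bad=0
  for name in $REQUIRED_SECRETS; do
    value=$(env_value "$1" "$name")
    case $value in
      *[!x]*) ;;                  # has a character other than "x": set
      *) echo "$name"; bad=1 ;;   # empty or xxxx placeholder
    esac
  done
  [ "$bad" -eq 0 ]
)

# SHA-256 over the secret assignments only: editing other settings keeps the
# fingerprint stable, while a changed or lost secret alters it.
secrets_fingerprint() (
  for name in $REQUIRED_SECRETS; do
    printf '%s=%s\n' "$name" "$(env_value "$1" "$name")"
  done | sha256sum | cut -d' ' -f1
)

# Constructed sample file; the values are dummies, not real keys.
demo_env=$(mktemp)
cat > "$demo_env" <<'EOF'
SECRET_KEY_BASE=
OTP_SECRET=constructed-otp-secret
ACTIVE_RECORD_ENCRYPTION_DETERMINISTIC_KEY=xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
ACTIVE_RECORD_ENCRYPTION_KEY_DERIVATION_SALT=constructed-salt
ACTIVE_RECORD_ENCRYPTION_PRIMARY_KEY=constructed-primary-key
VAPID_PRIVATE_KEY=constructed-vapid-private
EOF
if ! missing=$(missing_secrets "$demo_env"); then
  printf 'not ready to start, fix first:\n%s\n' "$missing"
fi
echo "secrets fingerprint: $(secrets_fingerprint "$demo_env")"
rm -f "$demo_env"
```

Record the fingerprint once the instance is running and compare it after every redeploy; a mismatch means one of the secrets was regenerated or dropped.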
Recreating the database
In this case the Postgres database is created externally on another VM and not, as in the default case, in a local container. The database can only be completely overwritten with this switch set in .env.production
# for destructive recreation of database
DISABLE_DATABASE_ENVIRONMENT_CHECK=1
docker run -it --rm tootsuite/mastodon bundle exec rake mastodon:setup
Did you not create the database, or did you delete it? To create the database, run:
sidekiq-1 |
sidekiq-1 | bin/rails db:create
Tootctl
https://docs.joinmastodon.org/admin/tootctl/
Enter the container with docker exec -t -i 66b766aa9853 /bin/bash
mastodon@66b766aa9853:~$ bin/tootctl
Commands:
tootctl accounts SUBCOMMAND ...ARGS # Manage accounts
tootctl cache SUBCOMMAND ...ARGS # Manage cache
tootctl canonical_email_blocks SUBCOMMAND ...ARGS # Manage canonical e-mail blocks
tootctl domains SUBCOMMAND ...ARGS # Manage account domains
tootctl email_domain_blocks SUBCOMMAND ...ARGS # Manage e-mail domain blocks
tootctl emoji SUBCOMMAND ...ARGS # Manage custom emoji
tootctl feeds SUBCOMMAND ...ARGS # Manage feeds
tootctl help [COMMAND] # Describe available commands or one specific command
tootctl ip_blocks SUBCOMMAND ...ARGS # Manage IP blocks
tootctl maintenance SUBCOMMAND ...ARGS # Various maintenance utilities
tootctl media SUBCOMMAND ...ARGS # Manage media files
tootctl preview_cards SUBCOMMAND ...ARGS # Manage preview cards
tootctl search SUBCOMMAND ...ARGS # Manage the search engine
tootctl self-destruct # Erase the server from the federation
tootctl settings SUBCOMMAND ...ARGS # Manage dynamic settings
tootctl statuses SUBCOMMAND ...ARGS # Manage statuses
tootctl upgrade SUBCOMMAND ...ARGS # Various version upgrade utilities
tootctl version # Show version
Admin account
Role: Owner
RAILS_ENV=production bin/tootctl accounts create \
alice \
--email alice@example.com \
--confirmed \
--role Owner
Resetting an account
This sets a generated password. The user receives an e-mail and can then update the password.
tootctl accounts modify [username] --reset-password
mastodon@66b766aa9853:~$ bin/tootctl accounts modify admin
OK
mastodon@66b766aa9853:~$ bin/tootctl accounts modify admin --reset-password
INFO 2026-04-22T13:08:13.815Z pid=645 tid=1x1: Sidekiq 8.0.9 connecting to Redis with options {size: 10, pool_name: "internal", url: "redis://redis:6379/0", driver: :hiredis}
OK
New password: d1486538ff1206bd2ebf3425d995dd09
mastodon@66b766aa9853:~$