Federated social network node, running on kosmos.social https://kosmos.social

activitypub fediverse mastodon rails ruby

Go to file

Patrick Figel df4ff9a8e1 Add recovery code support for two-factor auth (#1773 ) * Add recovery code support for two-factor auth When users enable two-factor auth, the app now generates ten single-use recovery codes. Users are encouraged to print the codes and store them in a safe place. The two-factor prompt during login now accepts both OTP codes and recovery codes. The two-factor settings UI allows users to regenerated lost recovery codes. Users who have set up two-factor auth prior to this feature being added can use it to generate recovery codes for the first time. Fixes #563 and fixes #987 * Set OTP_SECRET in test enviroment * add missing .html to view file names		2017-04-15 13:26:03 +02:00
app	Add recovery code support for two-factor auth (#1773 )	2017-04-15 13:26:03 +02:00
bin	Upgrade to Rails 5.0.0.1	2016-08-17 17:58:00 +02:00
config	Add recovery code support for two-factor auth (#1773 )	2017-04-15 13:26:03 +02:00
db	Add recovery code support for two-factor auth (#1773 )	2017-04-15 13:26:03 +02:00
docs	Fix redirect link on Tuning.md (#1595 )	2017-04-12 12:40:37 +02:00
lib	Add tasks for open/close registration (#1823 )	2017-04-15 13:17:07 +02:00
log	Initial commit	2016-02-20 22:53:20 +01:00
public	Improve emojis - use SVGs where possible	2017-03-29 22:27:24 +02:00
spec	Add recovery code support for two-factor auth (#1773 )	2017-04-15 13:26:03 +02:00
storybook	Fix up storybook	2017-03-02 18:55:15 +01:00
streaming	Dev Tooling fixes (eslint/editorconfig) (#1398 )	2017-04-11 00:36:03 +02:00
vendor/assets	Initial commit	2016-02-20 22:53:20 +01:00
.babelrc	Debounce autosuggestions requests	2016-11-13 13:13:36 +01:00
.buildpacks	Install nodejs before ruby	2017-04-05 13:53:30 +02:00
.codeclimate.yml	Exclude javascript locale file from dup check (#1677 )	2017-04-13 13:40:25 +02:00
.dockerignore	Optimize Dockerfile	2017-04-06 15:42:16 +08:00
.editorconfig	Dev Tooling fixes (eslint/editorconfig) (#1398 )	2017-04-11 00:36:03 +02:00
.env.production.sample	Add REDIS_DB env variable to configure Redis database (#1366 )	2017-04-15 02:21:13 +02:00
.env.test	Add recovery code support for two-factor auth (#1773 )	2017-04-15 13:26:03 +02:00
.env.vagrant	Add a default LOCAL_DOMAIN=mastodon.dev to .env.vagrant	2017-01-26 19:22:59 +11:00
.eslintignore	Dev Tooling fixes (eslint/editorconfig) (#1398 )	2017-04-11 00:36:03 +02:00
.eslintrc	Don't show statuses to blocked users	2016-12-26 19:13:56 +01:00
.gitignore	Ignore postgres/redis folder from docker-compose (#1645 )	2017-04-13 16:04:20 +02:00
.nvmrc	update Node to 6.x LTS (#1228 )	2017-04-15 02:05:41 +02:00
.rspec	Adding a Mention model, test stubs	2016-02-25 00:17:01 +01:00
.rubocop.yml	Fix tests, add applications to eager loading/cache for statuses, fix	2017-01-15 14:01:33 +01:00
.ruby-version	Version bumps for ruby and misc gems (#1159 )	2017-04-10 22:47:41 +02:00
.slugignore	Updates slugignore.	2017-04-06 07:53:48 -04:00
.travis.yml	update Node to 6.x LTS (#1228 )	2017-04-15 02:05:41 +02:00
CONTRIBUTING.md	Request documentation (#1616 )	2017-04-12 18:27:33 +02:00
Capfile	Speed up capistrano deployments	2017-02-16 02:34:21 +01:00
Dockerfile	Version bumps for ruby and misc gems (#1159 )	2017-04-10 22:47:41 +02:00
Gemfile	add basic microformats tests (#1803 )	2017-04-15 02:37:00 +02:00
Gemfile.lock	add basic microformats tests (#1803 )	2017-04-15 02:37:00 +02:00
ISSUE_TEMPLATE.md	Fix typo in ISSUE_TEMPLATE	2017-04-04 14:49:31 +02:00
LICENSE	Fix #49 - License changed from GPL-2.0 to AGPL-3.0	2016-09-21 23:04:34 +02:00
Procfile	Force UTF8 encoding on generated XML (#1140 )	2017-04-07 11:09:14 +02:00
README.md	Fix getting started commands out of order (#1737 )	2017-04-14 11:04:19 +02:00
Rakefile	Initial commit	2016-02-20 22:53:20 +01:00
Vagrantfile	Remove current directory from PATH (#1779 )	2017-04-14 19:10:38 +02:00
app.json	More SMTP customization (#1372 )	2017-04-10 21:48:30 +02:00
config.ru	Fix rubocop issues, introduce usage of frozen literal to improve performance	2016-11-15 16:56:29 +01:00
docker-compose.yml	Use image too in docker-compose (#1109 )	2017-04-15 02:07:59 +02:00
package.json	Fix #1491 - Fix broken notifications, broken Link header parsing for exclude_types (#1548 )	2017-04-11 22:53:58 +02:00
scalingo.json	More SMTP customization (#1372 )	2017-04-10 21:48:30 +02:00
yarn.lock	Fix #1491 - Fix broken notifications, broken Link header parsing for exclude_types (#1548 )	2017-04-11 22:53:58 +02:00

README.md

Mastodon

Mastodon is a free, open-source social network server. A decentralized solution to commercial platforms, it avoids the risks of a single company monopolizing your communication. Anyone can run Mastodon and participate in the social network seamlessly.

An alternative implementation of the GNU social project. Based on ActivityStreams, Webfinger, PubsubHubbub and Salmon.

Click on the screenshot to watch a demo of the UI:

The project focus is a clean REST API and a good user interface. Ruby on Rails is used for the back-end, while React.js and Redux are used for the dynamic front-end. A static front-end for public resources (profiles and statuses) is also provided.

If you would like, you can support the development of this project on Patreon. Alternatively, you can donate to this BTC address: 17j2g7vpgHhLuXhN4bueZFCvdxxieyRVWd

Resources

Features

Fully interoperable with GNU social and any OStatus platform Whatever implements Atom feeds, ActivityStreams, Salmon, PubSubHubbub and Webfinger is part of the network
Real-time timeline updates See the updates of people you're following appear in real-time in the UI via WebSockets
Federated thread resolving If someone you follow replies to a user unknown to the server, the server fetches the full thread so you can view it without leaving the UI
Media attachments like images and WebM Upload and view images and WebM videos attached to the updates
OAuth2 and a straightforward REST API Mastodon acts as an OAuth2 provider so 3rd party apps can use the API, which is RESTful and simple
Background processing for long-running tasks Mastodon tries to be as fast and responsive as possible, so all long-running tasks that can be delegated to background processing, are
Deployable via Docker You don't need to mess with dependencies and configuration if you want to try Mastodon, if you have Docker and Docker Compose the deployment is extremely easy

Configuration

LOCAL_DOMAIN should be the domain/hostname of your instance. This is absolutely required as it is used for generating unique IDs for everything federation-related
LOCAL_HTTPS set it to true if HTTPS works on your website. This is used to generate canonical URLs, which is also important when generating and parsing federation-related IDs

Consult the example configuration file, .env.production.sample for the full list. Among other things you need to set details for the SMTP server you are going to use.

Requirements

Ruby
Node.js
PostgreSQL
Redis
Nginx

Running with Docker and Docker-Compose

The project now includes a Dockerfile and a docker-compose.yml file (which requires at least docker-compose version 1.10.0).

Review the settings in docker-compose.yml. Note that it is not default to store the postgresql database and redis databases in a persistent storage location, so you may need or want to adjust the settings there.

Then, you need to fill in the .env.production file:

cp .env.production.sample .env.production
nano .env.production

Do NOT change the REDIS_* or DB_* settings when running with the default docker configurations.

You will need to fill in, at least: LOCAL_DOMAIN, LOCAL_HTTPS, PAPERCLIP_SECRET, SECRET_KEY_BASE, OTP_SECRET, and the SMTP_* settings. To generate the PAPERCLIP_SECRET, SECRET_KEY_BASE, and OTP_SECRET, you may use:

Before running the first time, you need to build the images:

docker-compose build


docker-compose run --rm web rake secret

Do this once for each of those keys, and copy the result into the .env.production file in the appropriate field.

Then you should run the db:migrate command to create the database, or migrate it from an older release:

docker-compose run --rm web rails db:migrate

Then, you will also need to precompile the assets:

docker-compose run --rm web rails assets:precompile

before you can launch the docker image with:

docker-compose up

If you wish to run this as a daemon process instead of monitoring it on console, use instead:

docker-compose up -d

Then you may login to your new Mastodon instance by browsing to http://localhost:3000/

Following that, make sure that you read the production guide. You are probably going to want to understand how to configure Nginx to make your Mastodon instance available to the rest of the world.

The container has two volumes, for the assets and for user uploads, and optionally two more, for the postgresql and redis databases.

The default docker-compose.yml maps them to the repository's public/assets and public/system directories, you may wish to put them somewhere else. Likewise, the PostgreSQL and Redis images have data containers that you may wish to map somewhere where you know how to find them and back them up.

Note: The --rm option for docker-compose will remove the container that is created to run a one-off command after it completes. As data is stored in volumes it is not affected by that container clean-up.

Tasks

rake mastodon:media:clear removes uploads that have not been attached to any status after a while, you would want to run this from a periodic cronjob
rake mastodon:push:clear unsubscribes from PuSH notifications for remote users that have no local followers. You may not want to actually do that, to keep a fuller footprint of the fediverse or in case your users will soon re-follow
rake mastodon:push:refresh re-subscribes PuSH for expiring remote users, this should be run periodically from a cronjob and quite often as the expiration time depends on the particular hub of the remote user
rake mastodon:feeds:clear_all removes all timelines, which forces them to be re-built on the fly next time a user tries to fetch their home/mentions timeline. Only for troubleshooting
rake mastodon:feeds:clear removes timelines of users who haven't signed in lately, which allows to save RAM and improve message distribution. This is required to be run periodically so that when they login again the regeneration process will trigger

Running any of these tasks via docker-compose would look like this:

docker-compose run --rm web rake mastodon:media:clear

Updating

This approach makes updating to the latest version a real breeze.

git pull to download updates from the repository
docker-compose build to compile the Docker image out of the changed source files
(optional) docker-compose run --rm web rails db:migrate to perform database migrations. Does nothing if your database is up to date
(optional) docker-compose run --rm web rails assets:precompile to compile new JS and CSS assets
docker-compose up -d to re-create (restart) containers and pick up the changes

Deployment without Docker

Docker is great for quickly trying out software, but it has its drawbacks too. If you prefer to run Mastodon without using Docker, refer to the production guide for examples, configuration and instructions.

Deployment on Scalingo

You can view a guide for deployment on Scalingo here.

Deployment on Heroku (experimental)

Mastodon can run on Heroku, but it gets expensive and impractical due to how Heroku prices resource usage. You can view a guide for deployment on Heroku here, but you have been warned.

Development with Vagrant

A quick way to get a development environment up and running is with Vagrant. You will need recent versions of Vagrant and VirtualBox installed.

You can find the guide for setting up a Vagrant development environment here.

Contributing

You can open issues for bugs you've found or features you think are missing. You can also submit pull requests to this repository. Here are the guidelines for code contributions

IRC channel: #mastodon on irc.freenode.net

Extra credits

The Emoji One pack has been used for the emojis
The error page image courtesy of Dopatwo