The easiest way to describe Pixelfed is to say it's a federated version of Instagram. There's no big bad company behind it, your data is on your server and you can easily run your own at home if you want too. This can connect to any other Pixelfed instance in the Fediverse as it's called.
The image-sharing platform defines itself as “A free and ethical photo-sharing platform” with no ads, third-party analytics, or tracking.
You can find more on pixelfed.org
What Pixelfed does need is more servers to spread the load, I've put this guide together based on some notes from the Pixelfed website itself and another website that I can't for the life of me find to give credit to.
You will need an install of Ubuntu Server 22.04 to run this using these instructions.
Let us begin
Change to root user
sudo -i
Install latest updates
apt update
apt upgrade -y
reboot now
Then install the required software
apt -y install redis-server mariadb-server ffmpeg jpegoptim optipng pngquant gifsicle unzip zip php-fpm php-cli php-bcmath php-curl php-gd php-intl php-mbstring php-redis php-xml php-zip php-mysql nginx certbot python3-certbot-nginx mc php-json php-tokenizer php-imagick
Make some changes to the php config files
nano /etc/php/8.1/fpm/php.ini
Edit these lines, I've set the max size and max filesize to 100M , max file uploads is 50
post_max_size (default 8M, set this around or slightly greater than your desired post size limit)
file_uploads (default On, which it needs to be)
upload_max_filesize (default 2M, set this <= post_max_size)
max_file_uploads (default 20, but make sure it is >= your desired attachment limit)
max_execution_time (default 30, consider raising this to 600 or more so that longer tasks arent interrupted)
And change the line that says
;date.timezone =
to
date.timezone = Europe/London
or wherever your timezone is.
Enable some of the services
systemctl enable redis-server
systemctl enable mariadb
Setup the database
mysql_secure_installation
mysql -u root -p
create database pixelfed;
grant all privileges on pixelfed.* to 'pixelfed'@'localhost' identified by 'yourpassword';
flush privileges;
exit;
Install Composer
curl -sS <https://getcomposer.org/installer -o /tmp/composer-setup.php>
php /tmp/composer-setup.php --install-dir=/usr/local/bin --filename=composer
Get the software downloaded
cd /var/www
git clone -b dev https://github.com/pixelfed/pixelfed.git pixelfed
cd pixelfed
composer install --no-ansi --no-interaction --optimize-autoloader
cp .env.example .env
nano .env
Edit these lines to your requirements
# Instance Configuration
OPEN_REGISTRATION="true"
ENFORCE_EMAIL_VERIFICATION="false"
PF_MAX_USERS="1000"
OAUTH_ENABLED="true"
# Instance URL Configuration
APP_URL="https://pixelfed.yourdomain"
APP_DOMAIN="pixelfed.yourdomain"
ADMIN_DOMAIN="pixelfed.yourdomain"
SESSION_DOMAIN="pixelfed.yourdomain"
TRUST_PROXIES="*"
# Database Configuration
DB_CONNECTION="mysql"
DB_HOST="127.0.0.1"
DB_PORT="3306"
DB_DATABASE="pixelfed"
DB_USERNAME="pixelfed"
DB_PASSWORD="yourpassword"
# ActivityPub Configuration
ACTIVITY_PUB="true"
AP_REMOTE_FOLLOW="true"
AP_INBOX="true"
AP_OUTBOX="true"
AP_SHAREDINBOX="true"
Setup the permissions
sudo chown -R www-data:www-data /var/www/pixelfed
sudo find . -type d -exec chmod 755 {} \; # set all directories to rwx by user/group
sudo find . -type f -exec chmod 644 {} \; # set all files to rw by user/group
Generate the secret APP_KEY:
php artisan key:generate
Storage/ directory must be linked to the application:
php artisan storage:link
Database migrations must be run:
php artisan migrate --force
If you want to enable support for location data:
php artisan import:cities
If you enabled ActivityPub federation:
php artisan instance:actor
If you enabled OAuth:
php artisan passport:keys
Routes should be cached whenever the source code changes or whenever you change routes:
php artisan route:cache
php artisan view:cache
Every time you edit your .env file, you must run this command to have the changes take effect:
php artisan config:cache
Setup Laravel Horizon - Job queueing
php artisan horizon:install
php artisan horizon:publish
Let's make a startup service for Pixelfed with
nano /etc/systemd/system/pixelfed.service
Paste this in
[Unit]
Description=Pixelfed task queueing via Laravel Horizon
After=network.target
Requires=mariadb
Requires=php8.1-fpm
Requires=redis
Requires=nginx
[Service]
Type=simple
ExecStart=/usr/bin/php artisan horizon --environment=production
ExecStop=/usr/bin/php artisan horizon:terminate --wait
User=www-data
WorkingDirectory=/var/www/pixelfed/
Restart=on-failure
KillSignal=SIGCONT
TimeoutStopSec=3600
[Install]
WantedBy=multi-user.target
Save and exit then run the following to get the services activated
systemctl daemon-reload
systemctl enable pixelfed
systemctl status pixelfed
Create a cron task to do some tidying up
crontab -e
Paste this in
* * * * * /usr/bin/php /var/www/pixelfed/artisan schedule:run >> /dev/null 2>&1
# Instance Configuration
OPEN_REGISTRATION="true"
ENFORCE_EMAIL_VERIFICATION="false"
PF_MAX_USERS="1000"
OAUTH_ENABLED="true"
# Instance URL Configuration
APP_URL="https://pixelfed.yourdomain"
APP_DOMAIN="pixelfed.yourdomain"
ADMIN_DOMAIN="pixelfed.yourdomain"
SESSION_DOMAIN="pixelfed.yourdomain"
TRUST_PROXIES="*"
# Database Configuration
DB_CONNECTION="mysql"
DB_HOST="127.0.0.1"
DB_PORT="3306"
DB_DATABASE="pixelfed"
DB_USERNAME="pixelfed"
DB_PASSWORD="yourpassword"
# ActivityPub Configuration
ACTIVITY_PUB="true"
AP_REMOTE_FOLLOW="true"
AP_INBOX="true"
AP_OUTBOX="true"
AP_SHAREDINBOX="true"
Setup the permissions
sudo chown -R www-data:www-data /var/www/pixelfed
sudo find . -type d -exec chmod 755 {} \; # set all directories to rwx by user/group
sudo find . -type f -exec chmod 644 {} \; # set all files to rw by user/group
Generate the secret APP_KEY:
php artisan key:generate
Storage/ directory must be linked to the application:
php artisan storage:link
Database migrations must be run:
php artisan migrate --force
If you want to enable support for location data:
php artisan import:cities
If you enabled ActivityPub federation:
php artisan instance:actor
If you enabled OAuth:
php artisan passport:keys
Routes should be cached whenever the source code changes or whenever you change routes:
php artisan route:cache
php artisan view:cache
Every time you edit your .env file, you must run this command to have the changes take effect:
php artisan config:cache
Setup Laravel Horizon - Job queueing
php artisan horizon:install
php artisan horizon:publish
Let's make a startup service for Pixelfed with
nano /etc/systemd/system/pixelfed.service
Paste this in
[Unit]
Description=Pixelfed task queueing via Laravel Horizon
After=network.target
Requires=mariadb
Requires=php8.1-fpm
Requires=redis
Requires=nginx
[Service]
Type=simple
ExecStart=/usr/bin/php artisan horizon --environment=production
ExecStop=/usr/bin/php artisan horizon:terminate --wait
User=www-data
WorkingDirectory=/var/www/pixelfed/
Restart=on-failure
KillSignal=SIGCONT
TimeoutStopSec=3600
[Install]
WantedBy=multi-user.target
Save and exit then run the following to get the services activated
systemctl daemon-reload
systemctl enable pixelfed
systemctl status pixelfed
Create a cron task to do some tidying up
crontab -e
Paste this in
* * * * * /usr/bin/php /var/www/pixelfed/artisan schedule:run >> /dev/null 2>&1
Enable nginx
systemctl enable nginx
Disable the default site
unlink /etc/nginx/sites-enabled/default
Create the pixelfed website
cp /var/www/pixelfed/contrib/nginx.conf /etc/nginx/sites-available/pixelfed.conf
ln -s /etc/nginx/sites-available/pixelfed.conf /etc/nginx/sites-enabled/
nano /etc/nginx/sites-available/pixelfed.conf
systemctl enable nginx
Disable the default site
unlink /etc/nginx/sites-enabled/default
Create the pixelfed website
cp /var/www/pixelfed/contrib/nginx.conf /etc/nginx/sites-available/pixelfed.conf
ln -s /etc/nginx/sites-available/pixelfed.conf /etc/nginx/sites-enabled/
nano /etc/nginx/sites-available/pixelfed.conf
Change the server name and the path to your chosen ones and amend the line that says
fastcgi_pass unix:/run/php-fpm/php-fpm.sock; # make sure this is correct
to
fastcgi_pass unix:/run/php/php-fpm.sock; # make sure this is correct
Setup an initial ssl connection, it doesn't need to be done but it's easier.
sudo mkdir /etc/nginx/ssl
sudo openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /etc/nginx/ssl/server.key -out /etc/nginx/ssl/server.crt
systemctl reload nginx
service php8.1-fpm restart
service nginx restart
service pixelfed restart
Install proper ssl certificates
certbot
Create the first user and make admin,
fastcgi_pass unix:/run/php-fpm/php-fpm.sock; # make sure this is correct
to
fastcgi_pass unix:/run/php/php-fpm.sock; # make sure this is correct
Setup an initial ssl connection, it doesn't need to be done but it's easier.
sudo mkdir /etc/nginx/ssl
sudo openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /etc/nginx/ssl/server.key -out /etc/nginx/ssl/server.crt
systemctl reload nginx
service php8.1-fpm restart
service nginx restart
service pixelfed restart
Install proper ssl certificates
certbot
Create the first user and make admin,
php artisan user:create
And that is it so far, you can now go to https://pixelfed.yourdomain and have some fun.
Once that's all done, I have added a few extra lines to the bottom of the .env file
ENABLE_CONFIG_CACHE=true
MAX_BIO_LENGTH=500
IMPORT_INSTAGRAM=true
MAX_PHOTO_SIZE=100000
IMAGE_DRIVER=imagick
LIMIT_ACCOUNT_SIZE=false
And that is it so far, you can now go to https://pixelfed.yourdomain and have some fun.
Once that's all done, I have added a few extra lines to the bottom of the .env file
ENABLE_CONFIG_CACHE=true
MAX_BIO_LENGTH=500
IMPORT_INSTAGRAM=true
MAX_PHOTO_SIZE=100000
IMAGE_DRIVER=imagick
LIMIT_ACCOUNT_SIZE=false
Make sure you run the following to activate the changes.
php artisan config:cache
You really should also setup a firewall to allow only the required connections, you can do this with.
sudo ufw allow http
sudo ufw allow https
You should also setup a port for connection by ssh, the default port is 22 so you would run
sudo ufw allow 22
It would be a good idea to change the port from the default.
Run sudo ufw enable
To enable the firewall, that's it people.
Feel free to look me up on pixelfed @paulholt@pixelfed.travelsoftux.co.uk and look up the man behind it all, @dansup@pixelfed.social.
php artisan config:cache
You really should also setup a firewall to allow only the required connections, you can do this with.
sudo ufw allow http
sudo ufw allow https
You should also setup a port for connection by ssh, the default port is 22 so you would run
sudo ufw allow 22
It would be a good idea to change the port from the default.
Run sudo ufw enable
To enable the firewall, that's it people.
Feel free to look me up on pixelfed @paulholt@pixelfed.travelsoftux.co.uk and look up the man behind it all, @dansup@pixelfed.social.
No comments:
Post a Comment