Mirror from bluesky-social/pds

updated to remove manual instructions and explain current state, etc

+61 -289
README.md
··· 4 4 5 5 ## Table of Contents 6 6 7 - - [PDS](#pds) 8 - - [Table of Contents](#table-of-contents) 9 - - [FAQ](#faq) 10 - - [What is Bluesky?](#what-is-bluesky) 11 - - [What is AT Protocol?](#what-is-at-protocol) 12 - - [How can developers get invite codes?](#how-can-developers-get-invite-codes) 13 - - [Where is the code?](#where-is-the-code) 14 - - [What is the current status of federation?](#what-is-the-current-status-of-federation) 15 - - [What should I know about running a PDS in the developer sandbox?](#what-should-i-know-about-running-a-pds-in-the-developer-sandbox) 16 - - [Self-hosting PDS](#self-hosting-pds) 17 - - [Preparation for self-hosting PDS](#preparation-for-self-hosting-pds) 18 - - [Open your cloud firewall for HTTP and HTTPS](#open-your-cloud-firewall-for-http-and-https) 19 - - [Configure DNS for your domain](#configure-dns-for-your-domain) 20 - - [Check that DNS is working as expected](#check-that-dns-is-working-as-expected) 21 - - [Automatic install on Ubuntu 20.04/22.04 or Debian 11/12](#automatic-install-on-ubuntu-20042204-or-debian-1112) 22 - - [Installing manually on Ubuntu 22.04](#installing-manually-on-ubuntu-2204) 23 - - [Open ports on your Linux firewall](#open-ports-on-your-linux-firewall) 24 - - [Install Docker](#install-docker) 25 - - [Uninstall old versions](#uninstall-old-versions) 26 - - [Set up the repository](#set-up-the-repository) 27 - - [Install Docker Engine](#install-docker-engine) 28 - - [Verify Docker Engine installation](#verify-docker-engine-installation) 29 - - [Set up the PDS directory](#set-up-the-pds-directory) 30 - - [Create the Caddyfile](#create-the-caddyfile) 31 - - [Create the PDS env configuration file](#create-the-pds-env-configuration-file) 32 - - [Start the PDS containers](#start-the-pds-containers) 33 - - [Download the Docker compose file](#download-the-docker-compose-file) 34 - - [Create the systemd service](#create-the-systemd-service) 35 - - [Start the service](#start-the-service) 36 - - [Verify your 
PDS is online](#verify-your-pds-is-online) 37 - - [Obtain your PDS admin password](#obtain-your-pds-admin-password) 38 - - [Generate an invite code for your PDS](#generate-an-invite-code-for-your-pds) 39 - - [Connecting to your server](#connecting-to-your-server) 40 - - [Manually updating your PDS](#manually-updating-your-pds) 41 - - [PDS environment variables](#pds-environment-variables) 7 + <!-- markdown-toc -i README.md --> 42 8 9 + <!-- toc --> 10 + 11 + - [FAQ](#faq) 12 + * [What is Bluesky?](#what-is-bluesky) 13 + * [What is AT Protocol?](#what-is-at-protocol) 14 + * [Where is the code?](#where-is-the-code) 15 + * [What is the current status of federation?](#what-is-the-current-status-of-federation) 16 + * [What should I know about running a PDS in the developer sandbox?](#what-should-i-know-about-running-a-pds-in-the-developer-sandbox) 17 + - [Self-hosting PDS](#self-hosting-pds) 18 + * [Preparation for self-hosting PDS](#preparation-for-self-hosting-pds) 19 + * [Open your cloud firewall for HTTP and HTTPS](#open-your-cloud-firewall-for-http-and-https) 20 + * [Configure DNS for your domain](#configure-dns-for-your-domain) 21 + * [Check that DNS is working as expected](#check-that-dns-is-working-as-expected) 22 + * [Installer on Ubuntu 20.04/22.04 and Debian 11/12](#installer-on-ubuntu-20042204-and-debian-1112) 23 + * [Verifying that your PDS is online and accessible](#verifying-that-your-pds-is-online-and-accessible) 24 + * [Creating an account using pdsadmin](#creating-an-account-using-pdsadmin) 25 + * [Creating an account using an invite code](#creating-an-account-using-an-invite-code) 26 + * [Using the Bluesky app with your PDS](#using-the-bluesky-app-with-your-pds) 27 + * [Updating your PDS](#updating-your-pds) 28 + 29 + <!-- tocstop --> 43 30 44 31 ## FAQ 45 32 ··· 47 34 48 35 Bluesky is a social media application built on AT Protocol. 49 36 50 - Please visit the [Bluesky website](https://bsky.app/) for more information. 
37 + Please visit the [Bluesky website](https://bsky.social/) for more information. 51 38 52 39 ### What is AT Protocol? 53 40 ··· 55 42 56 43 Please visit the [AT Protocol docs](https://atproto.com/guides/overview) for additional information. 57 44 58 - ### How can developers get invite codes? 59 - 60 - There is no invite required to join the sandbox network. Simply set up your own PDS and generate your own invite codes to create accounts. If you desire an account on the production network (on the official Bluesky PDS) please check out the [Bluesky Developer Waitlist](https://docs.google.com/forms/d/e/1FAIpQLSfCuguykw3HaPxIZMJQKRu8_-vsRew90NALVTDOjCSPDmsGNg/viewform) which prioritizes access for developers wanting to build software on atproto. 61 - 62 45 ### Where is the code? 63 46 64 - * [Canonical TypeScript code](https://github.com/bluesky-social/atproto) 65 - * [Experimental Go code](https://github.com/bluesky-social/indigo) 47 + * [TypeScript code](https://github.com/bluesky-social/atproto) 48 + * [Go code](https://github.com/bluesky-social/indigo) 66 49 67 50 ### What is the current status of federation? 68 51 69 - We do not currently support PDS federation on the production network but it is now possible to federate in the developer sandbox. 52 + As of Feb, 2024, the AT Protocol data service (PDS) is now open to federation for self-hosters! 53 + 54 + ✅ Federated domain handles (e.g. `@fda.gov`) 55 + ✅ Federated feed generators (custom algorithms) 56 + ✅ Federated relays (event firehose) 57 + ✅ Federated app views (API service) 58 + ✅ Federated data service (PDS hosting) 59 + 🟩 Federated moderation (labeling) (coming soon) 70 60 71 61 ### What should I know about running a PDS in the developer sandbox? 62 + 63 + Developers may now run self-hosted PDS hosts on the production network! 64 + 65 + Though it is still recommended to run experiments in the developer sandbox network. 
72 66 73 67 Read the [SANDBOX.md](https://github.com/bluesky-social/pds/blob/main/SANDBOX.md) for an overview of the sandbox network. 74 68 ··· 136 130 137 131 These should all return your server's public IP. 138 132 139 - ### Automatic install on Ubuntu 20.04/22.04 or Debian 11/12 133 + ### Installer on Ubuntu 20.04/22.04 and Debian 11/12 140 134 141 - On your server via ssh, run the installer script: 135 + On your server via ssh, download the installer script using wget: 142 136 143 137 ```bash 144 138 wget https://raw.githubusercontent.com/bluesky-social/pds/main/installer.sh 145 139 ``` 146 140 147 - ```bash 148 - sudo bash installer.sh 149 - ``` 150 - 151 - ### Installing manually on Ubuntu 22.04 152 - 153 - #### Open ports on your Linux firewall 154 - 155 - If your server is running a Linux firewall managed with `ufw`, you will need to open these ports: 156 - 157 - ```bash 158 - $ sudo ufw allow 80/tcp 159 - $ sudo ufw allow 443/tcp 160 - ``` 161 - 162 - #### Install Docker 163 - 164 - On your server, install Docker CE (Community Edition), using the the following instructions. For other operating systems you may reference the [official Docker install guides](https://docs.docker.com/engine/install/). 165 - 166 - **Note:** All of the following commands should be run on your server via ssh. 
167 - 168 - ##### Uninstall old versions 169 - 170 - ```bash 171 - sudo apt-get remove docker docker-engine docker.io containerd runc 172 - ``` 173 - 174 - ##### Set up the repository 175 - 176 - ```bash 177 - sudo apt-get update 178 - sudo apt-get install \ 179 - ca-certificates \ 180 - curl \ 181 - gnupg 182 - ``` 183 - 184 - ```bash 185 - sudo install -m 0755 -d /etc/apt/keyrings 186 - curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo gpg --dearmor -o /etc/apt/keyrings/docker.gpg 187 - sudo chmod a+r /etc/apt/keyrings/docker.gpg 188 - ``` 189 - 190 - ```bash 191 - echo \ 192 - "deb [arch="$(dpkg --print-architecture)" signed-by=/etc/apt/keyrings/docker.gpg] https://download.docker.com/linux/ubuntu \ 193 - "$(. /etc/os-release && echo "$VERSION_CODENAME")" stable" | \ 194 - sudo tee /etc/apt/sources.list.d/docker.list > /dev/null 195 - ``` 196 - 197 - ##### Install Docker Engine 198 - 199 - ```bash 200 - sudo apt-get update 201 - ``` 202 - 203 - ```bash 204 - sudo apt-get install docker-ce docker-ce-cli containerd.io docker-buildx-plugin docker-compose-plugin 205 - ``` 206 - 207 - ##### Verify Docker Engine installation 208 - 209 - ```bash 210 - sudo docker run hello-world 211 - ``` 212 - 213 - #### Set up the PDS directory 214 - 215 - ```bash 216 - sudo mkdir /pds 217 - sudo mkdir --parents /pds/caddy/data 218 - sudo mkdir --parents /pds/caddy/etc/caddy 219 - ``` 220 - 221 - #### Create the Caddyfile 222 - 223 - Be sure to replace `example.com` with your own domain. 224 - 225 - ```bash 226 - cat <<CADDYFILE | sudo tee /pds/caddy/etc/caddy/Caddyfile 227 - { 228 - email you@example.com 229 - } 230 - 231 - *.example.com, example.com { 232 - tls { 233 - on_demand 234 - } 235 - reverse_proxy http://localhost:3000 236 - } 237 - CADDYFILE 238 - ``` 239 - 240 - #### Create the PDS env configuration file 241 - 242 - You should fill in the first 5 values, but leave the rest untouched unless you have good reason to change it. 
243 - 244 - See the PDS environment variables section at the end of this README for explanations of each value 245 - 246 - Your PDS will need two secp256k1 private keys provided as hex strings. You can securely generate these keys using `openssl` with the following command: 247 - 248 - **Note:** 249 - * Replace `example.com` with your domain name. 141 + or download it using curl: 250 142 251 143 ```bash 252 - PDS_HOSTNAME="example.com" 253 - PDS_JWT_SECRET="$(openssl rand --hex 16)" 254 - PDS_ADMIN_PASSWORD="$(openssl rand --hex 16)" 255 - PDS_PLC_ROTATION_KEY_K256_PRIVATE_KEY_HEX="$(openssl ecparam --name secp256k1 --genkey --noout --outform DER | tail --bytes=+8 | head --bytes=32 | xxd --plain --cols 32)" 256 - 257 - cat <<PDS_CONFIG | sudo tee /pds/pds.env 258 - PDS_HOSTNAME=${PDS_HOSTNAME} 259 - PDS_JWT_SECRET=${PDS_JWT_SECRET} 260 - PDS_ADMIN_PASSWORD=${PDS_ADMIN_PASSWORD} 261 - PDS_PLC_ROTATION_KEY_K256_PRIVATE_KEY_HEX=${PDS_PLC_ROTATION_KEY_K256_PRIVATE_KEY_HEX} 262 - PDS_DATA_DIRECTORY=/pds 263 - PDS_BLOBSTORE_DISK_LOCATION=/pds/blobs 264 - PDS_DID_PLC_URL=https://plc.directory 265 - PDS_BSKY_APP_VIEW_URL=https://api.bsky.app 266 - PDS_BSKY_APP_VIEW_DID=did:web:api.bsky.app 267 - PDS_CRAWLERS=https://bsky.network 268 - PDS_MOD_SERVICE_URL=https://mod.staging.bsky.dev 269 - PDS_MOD_SERVICE_DID=did:plc:kfiaag3o66qk75mfgwebyyns 270 - PDS_CONFIG 144 + curl https://raw.githubusercontent.com/bluesky-social/pds/main/installer.sh >installer.sh 271 145 ``` 272 146 273 - #### Start the PDS containers 274 - 275 - ##### Download the Docker compose file 276 - 277 - Download the `compose.yaml` to run your PDS, which includes the following containers: 278 - 279 - * `pds` Node PDS server running on http://localhost:3000 280 - * `caddy` HTTP reverse proxy handling TLS and proxying requests to the PDS server 281 - * `watchtower` Daemon responsible for auto-updating containers to keep the server secure and federating 147 + And then run the installer using bash: 282 148 283 
149 ```bash 284 - curl https://raw.githubusercontent.com/bluesky-social/pds/main/compose.yaml | sudo tee /pds/compose.yaml 150 + sudo bash installer.sh 285 151 ``` 286 152 287 - ##### Create the systemd service 288 - 289 - ```bash 290 - cat <<SYSTEMD_UNIT_FILE >/etc/systemd/system/pds.service 291 - [Unit] 292 - Description=Bluesky PDS Service 293 - Documentation=https://github.com/bluesky-social/pds 294 - Requires=docker.service 295 - After=docker.service 296 - 297 - [Service] 298 - Type=oneshot 299 - RemainAfterExit=yes 300 - WorkingDirectory=/pds 301 - ExecStart=/usr/bin/docker compose --file /pds/compose.yaml up --detach 302 - ExecStop=/usr/bin/docker compose --file /pds/compose.yaml down 303 - 304 - [Install] 305 - WantedBy=default.target 306 - SYSTEMD_UNIT_FILE 307 - ``` 153 + ### Verifying that your PDS is online and accessible 308 154 309 - ##### Start the service 155 + You can check if your server is online and healthy by requesting the healthcheck endpoint. 310 156 311 - **Reload the systemd daemon to create the new service:** 312 - ```bash 313 - sudo systemctl daemon-reload 314 - ``` 157 + You can visit `https://example.com/xrpc/_health` in your browser. You should see a JSON response with a version. 315 158 316 - **Enable the systemd service:** 317 - ```bash 318 - sudo systemctl enable pds 319 - ``` 159 + For example: 320 160 321 - **Start the pds systemd service:** 322 - ```bash 323 - sudo systemctl start pds 324 161 ``` 325 - 326 - **Ensure that containers are running** 327 - 328 - There should be a caddy, pds, and watchtower container running. 329 - 330 - ```bash 331 - sudo systemctl status pds 332 - ``` 333 - 334 - ```bash 335 - sudo docker ps 336 - ``` 337 - 338 - ### Verify your PDS is online 339 - 340 - You can check if your server is online and healthy by requesting the healthcheck endpoint. 
341 - 342 - ```bash 343 - curl https://example.com/xrpc/_health 344 162 {"version":"0.2.2-beta.2"} 345 163 ``` 346 164 347 - ### Obtain your PDS admin password 165 + ### Creating an account using pdsadmin 348 166 349 - Your PDS admin password should be in your `pds.env` file if you used the installer script. 350 - 351 - **For example:** 167 + Using ssh on your server, use `pdsadmin` to create an account if you haven't already. 352 168 353 169 ```bash 354 - $ source /pds/pds.env 355 - $ echo $PDS_ADMIN_PASSWORD 356 - a7b5970b6a5077bb41fc68a26d30adda 170 + sudo pdsadmin account create 357 171 ``` 358 - ### Generate an invite code for your PDS 359 172 360 - By default, your PDS will require an invite code to create an account. 173 + ### Creating an account using an invite code 361 174 362 - You can generate a new invite code with the following command: 175 + Using ssh on your server, use `pdsadmin` to create an invite code. 363 176 364 177 ```bash 365 - PDS_HOSTNAME="example.com" 366 - PDS_ADMIN_PASSWORD="<YOUR PDS ADMIN PASSWORD>" 367 - 368 - curl --silent \ 369 - --show-error \ 370 - --request POST \ 371 - --user "admin:${PDS_ADMIN_PASSWORD}" \ 372 - --header "Content-Type: application/json" \ 373 - --data '{"useCount": 1}' \ 374 - https://${PDS_HOSTNAME}/xrpc/com.atproto.server.createInviteCode 178 + sudo pdsadmin create-invite-code 375 179 ``` 376 180 377 - **Note:** the `useCount` field specifies how many times an invite code can be used 181 + When creating an account using the app, enter this invite code. 378 182 379 - ### Connecting to your server 183 + ### Using the Bluesky app with your PDS 380 184 381 - You can use the Bluesky app to connect to your server to create an account. 185 + You can use the Bluesky app to connect to your PDS. 382 186 383 187 1. 
Get the Bluesky app 384 - * [Bluesky for Web (sandbox)](https://app.bsky-sandbox.dev/) 188 + * [Bluesky for Web](https://bsky.app/) 385 189 * [Bluesky for iPhone](https://apps.apple.com/us/app/bluesky-social/id6444370199) 386 190 * [Bluesky for Android](https://play.google.com/store/apps/details?id=xyz.blueskyweb.app) 387 191 1. Enter the URL of your PDS (e.g. `https://example.com/`) 388 - 1. Create an account using the generated invite code 389 - 1. Create a post 390 192 391 - _Note: because we use on-the-fly TLS certs, it may take 10-30s for your handle to be accessible. If you aren't seeing your first post/profile, wait 30s and try to make another post._ 392 - 393 - Checkout [SANDBOX.md](./SANDBOX.md) for an overview of participating in the sandbox network. 394 - 395 - ### Manually updating your PDS 193 + _Note: because the subdomain TLS certificate is created on-demand, it may take 10-30s for your handle to be accessible. If you aren't seeing your first post/profile, wait 30s and try to make another post._ 396 194 397 - If you use use Docker `compose.yaml` file in this repo, your PDS will automatically update nightly. To manually update to the latest version use the following commands. 195 + ### Updating your PDS 398 196 399 - **Pull the latest PDS container image:** 400 - ```bash 401 - sudo docker pull ghcr.io/bluesky-social/pds:latest 402 - ``` 197 + It is recommended that you keep your PDS up to date with new versions, otherwise things may break. You can use the `pdsadmin` tool to update your PDS. 403 198 404 - **Restart PDS with the new container image:** 405 199 ```bash 406 - sudo systemctl restart pds 200 + sudo pdsadmin update 407 201 ``` 408 - 409 - ## PDS environment variables 410 - 411 - You will need to customize various settings configured through the PDS environment variables. See the below table to find the variables you'll need to set. 412 - 413 - | Environment Variable | Value | Should update? 
| Notes | 414 - | ----------------------------------------- | ---------------------------- | -------------- | --------------------------------------------------------------------------- | 415 - | PDS_HOSTNAME | example.com | ✅ | Public domain you intend to deploy your service at | 416 - | PDS_JWT_SECRET | jwt-secret | ✅ | Use a secure high-entropy string that is 32 characters in length | 417 - | PDS_ADMIN_PASSWORD | admin-pass | ✅ | Use a secure high-entropy string that is 32 characters in length | 418 - | PDS_REPO_SIGNING_KEY_K256_PRIVATE_KEY_HEX | 3ee68... | ✅ | See above Generate Keys section - once set, do not change | 419 - | PDS_PLC_ROTATION_KEY_K256_PRIVATE_KEY_HEX | e049f... | ✅ | See above Generate Keys section - once set, do not change | 420 - | PDS_DB_SQLITE_LOCATION | /pds/pds.sqlite | ❌ | Or use `PDS_DB_POSTGRES_URL` depending on which database you intend to use | 421 - | PDS_BLOBSTORE_DISK_LOCATION | /pds/blocks | ❌ | Only update if you update the mounted volume for your docker image as well | 422 - | PDS_DID_PLC_URL | https://plc.bsky-sandbox.dev | ❌ | Do not adjust if you intend to federate with the Bluesky federation sandbox | 423 - | PDS_BSKY_APP_VIEW_URL | https://api.bsky-sandbox.dev | ❌ | Do not adjust if you intend to federate with the Bluesky federation sandbox | 424 - | PDS_BSKY_APP_VIEW_DID | did:web:api.bsky-sandbox.dev | ❌ | Do not adjust if you intend to federate with the Bluesky federation sandbox | 425 - | PDS_CRAWLERS | https://bgs.bsky-sandbox.dev | ❌ | Do not adjust if you intend to federate with the Bluesky federation sandbox | 426 - 427 - There are additional environment variables that can be tweaked depending on how you're running your service. For instance, storing blobs in AWS S3, keys in AWS KMS, or setting up an email service. 428 - 429 - Feel free to explore those [Here](https://github.com/bluesky-social/atproto/blob/simplify-pds/packages/pds/src/config/env.ts). 
However, we will not be providing support for more advanced configurations.
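
Review bot: in the installer section, the added line `curl https://raw.githubusercontent.com/bluesky-social/pds/main/installer.sh >installer.sh` has no `--fail`, so an HTTP error body would be saved as `installer.sh` and then handed to `sudo bash installer.sh`. Suggest `curl --fail --silent --show-error --location` with `--output installer.sh`; the removed Docker key step already used `curl -fsSL`. Both download commands also pull from the moving `main` branch and the result runs as root, so a sentence telling the reader to read the script before running it, or to fetch it from a fixed revision, would help.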
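
Review bot: under the unchanged heading `### What should I know about running a PDS in the developer sandbox?`, the added text now opens with "Developers may now run self-hosted PDS hosts on the production network!", so the heading and its regenerated TOC entry no longer describe the section. Rename the heading or move the production-network statement into the federation answer. In that answer, "As of Feb, 2024, ... is now open" is redundant ("As of February 2024, ... is open" reads better), and the Bluesky website link moves to `https://bsky.social/` while the web app link later in the patch moves to `https://bsky.app/`; please confirm both are intended.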
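
Review bot: with "Obtain your PDS admin password" and the "PDS environment variables" table removed, the README no longer tells operators that the admin password and keys live in `/pds/pds.env`, nor carries the removed warning "once set, do not change" for the private key variables. Suggest keeping a short section that names the file, lists the secret variables (`PDS_JWT_SECRET`, `PDS_ADMIN_PASSWORD`, `PDS_PLC_ROTATION_KEY_K256_PRIVATE_KEY_HEX`), and says to back it up and restrict its permissions. The removed `ufw allow 80/tcp` and `ufw allow 443/tcp` steps also have no replacement; state whether `installer.sh` handles the host firewall or the operator still has to.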
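
Review bot: in the two account sections, the added commands use different shapes, `sudo pdsadmin account create` and `sudo pdsadmin create-invite-code`; please confirm both match the tool's actual subcommands and make them consistent if not. "Creating an account using an invite code" drops the removed sentence "By default, your PDS will require an invite code to create an account", so the reader cannot tell when an invite code is needed, or how many uses a code has now that the `useCount` note is gone. In "Updating your PDS", "otherwise things may break" is vague, and the removed statement that the PDS "will automatically update nightly" has no replacement; say whether automatic updates still apply and what `sudo pdsadmin update` adds on top.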