Hi, I’m just starting out with self hosting and I am currently working on a project meant to serve a small town that I live in. What I would like to do is host a small social media site from a Rapsberry Pi 5. I’m not expecting to have a lot of people using it so I’m not pressured about the hardware requirements at this point in time.

I have a few questions before I go any further.

  1. Is it possible to set up a PieFed instance as text only? I’m not interested in moderating images or videos. Also, I’m also running this from a residential connection so I don’t want to affect my home traffic. All aspects of this project are meant to be as minimal as possible to access more people.

  2. My ISP blocks ports. I intend to call them soon and talk to them about unblocking ports. If I am unable to do that, my backup plan to simply run an instance that is unfederated. It will act as a message board for my town. Can I set PieFed to a custom port for traffic? For example using piefed.domainname.com:8080 as the address for people to reach my server.

  3. Does the registration for new users require any SSL? I’m not entirely sure if that would be affected the same as federation without SSL.

  4. Would mail related services be affected by blocked ports? Would I be able to use another email address not associated with my domain name and PieFed instance?

Thanks for any help or information.

  • tatersOP
    link
    fedilink
    English
    122 days ago

    I decided to start over today with a fresh OS install on my Pi. I did everything according to a checklist I started so nothing new has changed from my knowledge. I am getting errors trying to get past the

    export DOCKER_BUILDKIT=1  
    docker-compose up --build  
    

    part of the INSTALL.md for the docker instructions.

    I’ve saved a copy of my terminal but I’m not sure where a good spot to paste it is since it’s long. There were a lot of permission error 13’s so I tried

    sudo docker-compose up --build  
    

    and things started to download and proceed up until a point before another error showed up.

    Step 1/14 : FROM --platform=$BUILDPLATFORM python:3-alpine AS builder  
    failed to parse platform : "" is an invalid component of "": platform specifier component must match "^[A-Za-z0-9_-]+$": invalid argument  
    ERROR: Service 'celery' failed to build : Build failed  
    

    I’m quite confident I did nothing different this time so I don’t know what would be causing issues today. I can provide you with the outputs from my terminal if that will help you.

    • Rimu
      link
      fedilink
      English
      122 days ago

      I have only tried building the docker image on my laptop, which has a different CPU architecture than a Pi. On your system the buildplatform variable is empty for some reason. You could try editing the file Dockerfile to have --platform=linux/arm64/v8 or maybe try removing it entirely so the line is just FROM python:3-alpine AS builder.

      Do you have a quite old version of docker? Try running docker version to check.

      • tatersOP
        link
        fedilink
        English
        019 days ago

        You’re right, it was outdated. It seems I got mixed up after a fresh OS install on my Pi. I used APT to download and install docker which is extremely outdated. I now have proper repositories set up for both docker and nginx and everything is up to date. I didn’t need to make any changes to the dockerfile with the proper version.

        I’m having issues getting nginx, pyfedi.service and celery.service to work.

        Below are some snippets from my notes which should lay out all the steps I’ve taken, hopefully that will explain where I am currently at.

        <br>
        Steps from fresh OS Install:

        ## Apt software  
        sudo apt install ddclient gufw -y  
        
        # ddclient -> Account/Password/Domain Address  
        # gufw  
        
        ## Repository Software  
        # Docker -> Install-> https://docs.docker.com/engine/install/debian/  
        # nginx -> Install -> https://nginx.org/en/linux_packages.html#Debian  
                -> sudo nano /etc/nginx/nginx.conf  
                   -> Add line -> include /etc/nginx/sites-enabled/DOMAINNAME;  
                -> sudo nano /etc/nginx/sites-enabled/DOMAIN -> Copy DOMAINNAME reverse proxy settings from USB  
                -> sudo nginx -t  
                -> sudo service nginx restart  
        
        ## Docker Images  
        # PieFed -> Install: Easy/Docker -> https://codeberg.org/rimu/pyfedi/src/branch/main/INSTALL.md  
          ->Edit file entries  
            -env.docker  
             -> SECRET_KEY='k3avh6fp'  
             -> SERVER_NAME='pi.DOMAINNAME.ca:5000'  
            -compose.yaml  
             -> ports: - '8030:5000' -> - '5000:5000'  
        
        ## Running In Production  
        # Virtual Environment -> Gunicorn & Celery  
          -> python -m venv ~/home/USERNAME/pyfedi/venv  
          -> source ~/home/USERNAME/pyfedi/venv/bin/activate  
          -> pip3 install gunicorn celery  
          -> deactivate  
        # Copy file celery_worker.default.py -> celery_worker.py  
          -> Change -> DATABASE_URL -> postgresql+psycopg2://piefed:piefed@db/piefed  
          -> Change -> SERVER_NAME -> pi.DOMAINNAME.ca:5000  
        # Create Background Service Files -> Copy EACH from USB  
          -> sudo nano /etc/systemd/system/pyfedi.service  
          -> sudo nano /etc/systemd/system/celery.service  
          -> sudo nano /etc/default/celeryd  
        # Enable/Start Background Services  
          -> sudo systemctl enable pyfedi.service  
          -> sudo systemctl enable celery.service  
          -> sudo systemctl start pyfedi.service  
          -> sudo systemctl start celery.service  
        

        <br>
        /etc/nginx/sites-enabled/DOMAIN file:

        upstream app_server {  
            # fail_timeout=0 means we always retry an upstream even if it failed  
            # to return a good HTTP response  
        
            # for UNIX domain socket setups  
            # server unix:/tmp/gunicorn.sock fail_timeout=0;  
        
            # for a TCP configuration  
            server 192.168.40.140:5000 fail_timeout=0;  
            keepalive 4;  
        }  
        
        server {  
            listen 5000;  
            listen [::]:5000;  
            server_name pi.DOMAINNAME.ca;  
            root /home/USERNAME/pyfedi/app;  
        
            keepalive_timeout 30;  
            ssi off;  
        
            location / {  
                # Proxy all requests to Gunicorn  
                proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;  
                proxy_set_header X-Forwarded-Proto $scheme;  
                proxy_set_header Host $http_host;  
                proxy_redirect off;  
                proxy_http_version 1.1;  
                proxy_set_header Connection "";  
                proxy_pass http://app_server;  
                ssi off;  
            }  
        
            # Serve static files directly with nginx  
            location ~* /static/ {  
                alias /home/USERNAME/pyfedi/app/static/;  
                expires max;  
                access_log off;  
            }  
        
        }  
        
        • tatersOP
          link
          fedilink
          English
          119 days ago

          To start, if I load PieFed first, then nginx I get an error like below:

          nginx error:

          × nginx.service - nginx - high performance web server  
               Loaded: loaded (/lib/systemd/system/nginx.service; enabled; preset: enabled)  
               Active: failed (Result: exit-code) since Thu 2025-01-02 17:26:07 EST; 22s ago  
             Duration: 5min 39.898s  
                 Docs: https://nginx.org/en/docs/  
              Process: 9406 ExecStart=/usr/sbin/nginx -c /etc/nginx/nginx.conf (code=exited, status=1/FAILURE)  
                  CPU: 6ms  
          
          Jan 02 17:26:06 pi nginx[9406]: nginx: [emerg] bind() to 0.0.0.0:5000 failed (98: Address already in use)  
          Jan 02 17:26:06 pi nginx[9406]: nginx: [emerg] bind() to [::]:5000 failed (98: Address already in use)  
          Jan 02 17:26:06 pi nginx[9406]: nginx: [emerg] bind() to 0.0.0.0:5000 failed (98: Address already in use)  
          Jan 02 17:26:06 pi nginx[9406]: nginx: [emerg] bind() to [::]:5000 failed (98: Address already in use)  
          Jan 02 17:26:07 pi nginx[9406]: nginx: [emerg] bind() to 0.0.0.0:5000 failed (98: Address already in use)  
          Jan 02 17:26:07 pi nginx[9406]: nginx: [emerg] bind() to [::]:5000 failed (98: Address already in use)  
          Jan 02 17:26:07 pi nginx[9406]: nginx: [emerg] still could not bind()  
          Jan 02 17:26:07 pi systemd[1]: nginx.service: Control process exited, code=exited, status=1/FAILURE  
          Jan 02 17:26:07 pi systemd[1]: nginx.service: Failed with result 'exit-code'.  
          Jan 02 17:26:07 pi systemd[1]: Failed to start nginx.service - nginx - high performance web server.  
          

          If I do the opposite and load nginx before PieFed, PieFed will make a similar complaint about sharing the same port.

          The pyfedi.service, celery.service and celeryd files all look similar to the examples from the INSTALL.md except I changed the directory names to match my name in the appropriate places.

          Here are the error messages I am getting from systemctl:

          pyfedi.service error/celery.service error:

          sudo systemctl status celery.service  
          × pyfedi.service - Gunicorn instance to serve PieFed application  
               Loaded: loaded (/etc/systemd/system/pyfedi.service; enabled; preset: enabled)  
               Active: failed (Result: exit-code) since Thu 2025-01-02 14:28:27 EST; 4h 42min ago  
             Duration: 126ms  
              Process: 6699 ExecStart=/home/USERNAME/pyfedi/venv/bin/gunicorn --config gunicorn.conf.py --preload pyfedi:app (code>  
             Main PID: 6699 (code=exited, status=1/FAILURE)  
                  CPU: 126ms  
          
          Jan 02 14:28:27 pi systemd[1]: pyfedi.service: Scheduled restart job, restart counter is at 5.  
          Jan 02 14:28:27 pi systemd[1]: Stopped pyfedi.service - Gunicorn instance to serve PieFed application.  
          Jan 02 14:28:27 pi systemd[1]: pyfedi.service: Start request repeated too quickly.  
          Jan 02 14:28:27 pi systemd[1]: pyfedi.service: Failed with result 'exit-code'.  
          Jan 02 14:28:27 pi systemd[1]: Failed to start pyfedi.service - Gunicorn instance to serve PieFed application.  
          lines 1-13/13 (END)  
          
          ----------  
          
          × celery.service - Celery Service  
               Loaded: loaded (/etc/systemd/system/celery.service; enabled; preset: enabled)  
               Active: failed (Result: exit-code) since Thu 2025-01-02 14:28:26 EST; 4h 42min ago  
              Process: 6694 ExecStart=/bin/sh -c ${CELERY_BIN} multi start -A ${CELERY_APP} ${CELERYD_NODES} --pidfile=${CELERY>  
                  CPU: 341ms  
          
          Jan 02 14:28:26 pi sh[6695]:   File "<frozen importlib._bootstrap_external>", line 940, in exec_module  
          Jan 02 14:28:26 pi sh[6695]:   File "<frozen importlib._bootstrap>", line 241, in _call_with_frames_removed  
          Jan 02 14:28:26 pi sh[6695]:   File "/home/USERNAME/pyfedi/celery_worker.py", line 3, in <module>  
          Jan 02 14:28:26 pi sh[6695]:     from app import celery, create_app  
          Jan 02 14:28:26 pi sh[6695]:   File "/home/USERNAME/pyfedi/app/__init__.py", line 7, in <module>  
          Jan 02 14:28:26 pi sh[6695]:     from flask import Flask, request, current_app, session  
          Jan 02 14:28:26 pi sh[6695]: ModuleNotFoundError: No module named 'flask'  
          Jan 02 14:28:26 pi systemd[1]: celery.service: Control process exited, code=exited, status=2/INVALIDARGUMENT  
          Jan 02 14:28:26 pi systemd[1]: celery.service: Failed with result 'exit-code'.  
          Jan 02 14:28:26 pi systemd[1]: Failed to start celery.service - Celery Service.  
          
          

          At this point I am stuck and not sure where to go from here.

          • Rimu
            link
            fedilink
            English
            219 days ago

            You seem to have followed the instructions for BOTH the easy way (docker) AND the hard way - you have PieFed running in docker AND you have it installed on the host. Is that it?

            • tatersOP
              link
              fedilink
              English
              119 days ago

              There is just one PieFed running in docker on the Pi. My labeling might be a little confusing there.

              I followed the easy instructions up until getting PieFed running in the background then skipped down to the Running PieFed in production section. I didn’t see any of the files mentioned in that section and thought to continue from there.

              • Rimu
                link
                fedilink
                English
                318 days ago

                Ahh there we go. The first half of ‘running piefed in production’ is for the hard non-docker way. The second half will need heavily modification to be appropriate for docker.

                Sorry to waste your time. I’ll split the installation instructions into two files because mashing them up together like this is very confusing.

                • tatersOP
                  link
                  fedilink
                  English
                  118 days ago

                  No worries, I’m at least learning a lot about network communication and using the terminal in linux more comfortably. In this case I learned how virtual environments work.

                  Also since it’s a Pi, I’ve been copying and swapping SD cards at certain points as a backup. It’s easy to clean up learning mistakes along the way. It’s also good practice before I do it all over again on a proper storage device.

                • tatersOP
                  link
                  fedilink
                  English
                  118 days ago

                  I’ve tried just building PieFed in docker with as few things changed as possible and I am still running getting the same message when I try to log in. The CSRF tokens do not match.

                  The only change I made was in the .env.docker file which was SERVER_NAME=‘pi.DOMAINNAME.ca:8030

                  This is what the reverse proxy in nginx looks like now:

                  upstream app_server {  
                      # fail_timeout=0 means we always retry an upstream even if it failed  
                      # to return a good HTTP response  
                  
                      # for UNIX domain socket setups  
                      # server unix:/tmp/gunicorn.sock fail_timeout=0;  
                  
                      # for a TCP configuration  
                      server 192.168.40.140:5000 fail_timeout=0;  
                      keepalive 4;  
                  }  
                  
                  server {  
                      server_name pi.DOMAINNAME.ca;  
                      root /home/USERNAME/pyfedi/app;  
                  
                      keepalive_timeout 30;  
                      ssi off;  
                  
                      location / {  
                          # Proxy all requests to Gunicorn  
                          proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;  
                          proxy_set_header X-Forwarded-Proto $scheme;  
                          proxy_set_header Host $http_host;  
                          proxy_redirect off;  
                          proxy_http_version 1.1;  
                          proxy_set_header Connection "";  
                          proxy_pass http://app_server;  
                          ssi off;  
                      }  
                  
                     # Serve static files directly with nginx  
                      location ~* /static/ {  
                          alias /home/USERNAME/pyfedi/app/static/;  
                          expires max;  
                          access_log off;  
                      }  
                  
                  }  
                  
                  

                  I’ve tried changing ports, commenting out different parts and it’s still the same. I’ve even checked the port forwarding settings and I still getting the same message. I did notice when I ran netstat -tunpl I didn’t see any ports from docker for port 5000. If I understand how the reverse proxy works, I should have a connection coming in from the outside on port 8030 and be redirected by nginx to port 5000 on the local machine where PieFed is hosted? If that’s right, then nginx isn’t sending anything through 5000 locally and just through 8030 I think.