Hi, I'm just starting out with self hosting and I am currently working on a project meant to serve a small town that I live in. What I would like to do is host a small social media site from a Rapsberry Pi 5. I'm not expecting to have a lot of people using it so I'm not pressured about the hardware requirements at this point in time.
I have a few questions before I go any further.
-
Is it possible to set up a PieFed instance as text only? I'm not interested in moderating images or videos. Also, I'm also running this from a residential connection so I don't want to affect my home traffic. All aspects of this project are meant to be as minimal as possible to access more people.
-
My ISP blocks ports. I intend to call them soon and talk to them about unblocking ports. If I am unable to do that, my backup plan to simply run an instance that is unfederated. It will act as a message board for my town. Can I set PieFed to a custom port for traffic? For example using piefed.domainname.com:8080 as the address for people to reach my server.
-
Does the registration for new users require any SSL? I'm not entirely sure if that would be affected the same as federation without SSL.
-
Would mail related services be affected by blocked ports? Would I be able to use another email address not associated with my domain name and PieFed instance?
Thanks for any help or information.
You can convert an instance to run locally over http without SSL, yes. All you need to do is change your SERVER_NAME environment variable to
127.0.0.1:5000or whatever your IP address is. Federation won't work but that's ok for this scenario.I ran piefed.social without cloudflare for a few weeks, until the network activity caused by federation required better caching. I used Nginx to listen on port 443 (and to integrate with Lets Encrypt for SSL) and forward requests through to port 5000. This is the setup I documented in the "the hard way" installation instructions. Hopefully your ISP does not use CGNAT and you'll simply be able to open a port on your router and send it through to your Pi.
You don't really really need email to work because you can create accounts manually through the admin area. Other than during registration the other other function email is used for is notifications about replies, new posts, etc which isn't crucial.
So after a few attempts, I was able to get PieFed working by accessing it through pi.MyDomainName.ca:5000
I changed the SERVER_NAME in .env.docker to match the address above, but with my actual domain name. I also changed the port numbers from 8030:5000 to 5000:5000 in the compose.yaml
I am running into an issue when I attempt to use the login information after the database initialization steps. I get the error "The CSRF tokens do not match." above the username field on the login screen. I'm not sure what that means exactly.
Other than that, using the docker was fairly straight forward except for some information I forgot to put in correctly the first couple times.
Congrats :)
Does your SERVER_NAME include :5000 on the end? It probably should.
CSRF is a type of hack where the attacker sends fake requests to a web app, from another domain. If PieFed thinks a normal form submission is coming from another domain then that makes me think your reverse proxy (Nginx? Caddy?) needs to add a header that tells PieFed what the domain of the original request was, before it was forwarded on to PieFed. Or are you not using a reverse proxy at all?
Yeah, I had :5000 at the end, otherwise I would have gotten an error with the initial website connection from a browser saying the domain did not match. That's how I figured out to change the port in the compose.yaml from an earlier attempt.
I did not create a reverse proxy. I got excited at getting the site to load that I missed that. I'll try that in a couple days when I'm free again.
Docker decided to randomly disappear my PieFed image an hour after I finished working on it. The PyFedi folder and all it's contents have vanished. A very quick search showed that it has happened to other people with other images. So it's a thing maybe? Strange but fortunately it was all fresh and nothing was lost.