In the past few days, I’ve seen a number of people having trouble getting Lemmy set up on their own servers. That motivated me to create Lemmy-Easy-Deploy
, a dead-simple solution to deploying Lemmy using Docker Compose under the hood.
To accommodate people new to Docker or self hosting, I’ve made it as simple as I possibly could. Edit the config file to specify your domain, then run the script. That’s it! No manual configuration is needed. Your self hosted Lemmy instance will be up and running in about a minute or less. Everything is taken care of for you. Random passwords are created for Lemmy’s microservices, and HTTPS is handled automatically by Caddy.
Updates are automatic too! Run the script again to detect and deploy updates to Lemmy automatically.
If you are an advanced user, plenty of config options are available. You can set this to compile Lemmy from source if you want, which is useful for trying out Release Candidate versions. You can also specify a Cloudflare API token, and if you do, HTTPS certificates will use the DNS challenge instead. This is helpful for Cloudflare proxy users, who can have issues with HTTPS certificates sometimes.
Try it out and let me know what you think!
Really awesome work. We need more Lemmy servers!
After trying to do it with docker or ansible manually for hours and failing, this was soo helpful. So thank you.
As someone who spent hours figuring out how to deploy through Ansible, how dare you /s But seriously thank you for putting in the work to make creating an instance more attainable for people.
This was the only tool that I was able to get running. I recommend it to anyone curious about running their own instance. I tried both the official Ansible and Docker instructions, and neither worked.
I used this and the developer is very helpful. Works great. Helped me even upgrade to 0.18.0.
I appreciate the effort, but for software as experimental as Lemmy I would argue making things 1-click “simple” will inevitably lead to people breaking their instances in the future, when some migration will be required.
I would strongly suggest people figure things on their own.
You kind Sir/Lady/Gentleperson are making the fediverse a better place with this help. Thanks a bunch, gonna definitely ease my attempts at eventually self-hosting!
Wow, I’ll definitely look into this, thanks! Even if I don’t use it, it still may be useful just reading through it.
Hi @ubergeek77@lemmy.ubergeek77.chat
I must be doing something wrong here because unlike many others I can’t seem to get this working! Please can you offer some advice?
I have amended the config.env file to change the HOSTNAME, SITE NAME and ADMIN USER but left everything else the same.
I then ran ./deploy.sh and everything seems to have worked because it presented me with the admin login credentials and basic instructions to shutdown and start the instance. I tried simply typing the IP address of the docker container in to a browser but that didn’t work and TBH I didn’t expect it to. I then typed the URL into the browser and I’m getting a “ERR_TOO_MANY_REDIRECTS” error message. I read through the trouble shooting on your Github but the only reference to too many redirects mentions a Cloudflare API token, I’m not using Cloudflare nut I am using nginx proxy manager to point my URL to the docker container.
I hope some of this makes sense.
Hey there, please note that running behind a reverse proxy is not supported. You can do it if you want, but you are kinda on your own, sorry.
If it helps, you will probably need to disable Caddy’s TLS in the config, and you will need to make sure that the request reaches Caddy via the correct host. You can’t reverse proxy directly to port 80 over an IP, it needs to think it’s coming from an actual domain.
You can also check out my advanced configuration page to learn how to override the Caddyfile template and roll your own config that is more compatible for your use case.
Good luck!
Thank you so much for replying.
I think this is above my skill level, but I will have a read through your advanced configuration page and see if I can understand it.
Thanks again, but I think I’m going to need more than luck!! LOL
You’re welcome!
If you’re not already, I recommend trying to host this on a cloud VPS service, such as Vultr, Linode, or DigitalOcean. This would give you a reliable, always online Lemmy instance, which means you won’t miss any federation data. Even a cheap $5 VPS instance would be enough to get you started, though a $10 would give you more breathing room.
If you’re hosting at home, it’s generally not a good idea to do that, especially for an application like Lemmy. Most consumer grade network equipment at home might not be equipped to deal with the unrelenting 24/7 flood of data coming in due to federation. And if your power or internet ever goes out, you will be missing any comments, posts, or votes that were sent out during your downtime.
Thank you again. Yeah, I’m trying this from home as opposed to a vps. It’s more as a learning exercise than a serious instance.
I’m still going to try and getting it working behind my reverse proxy, like I say, as a learning experience.
The check
$LEMMY_HOSTNAME == http*
will give a false positive if (for whatever reason) the domain name starts with httpThanks! Fix pushed.
Literally been thinking about this so thank you beautiful brained individual. Would you mind if I shouted this in the YSK group?
Thank you very much for the kind words!
Please be my guest! It would make me happy to know this was helping people join Lemmy!
Any tips on how to customize the favicon for my instance? Using the docker-compose method.
Ok nevermind to everything I just said before this edit.
Go into your instance settings and upload an icon. A favicon will be made for it automatically.
Quick update, it seems the favicon works in Chrome but not Firefox.
I use my own deployment and I’ve never had an issue with my favicon on Firefox, on both desktop and mobile. Maybe it’s a weird browser caching thing?
Do you see a favicon at lemmy.onitato.com ?
No, but I can see in your HTML the favicon is being server side rendered. It’s probably not working on Firefox because the icon is very large. Here is the URL it uses:
Try scaling it down and uploading it again? If it’s small enough it should work immediately. I wouldn’t know how large, though. My icon is pretty tiny.
A bit OT, but worth the shot: can anyone confirm whether instances deployed with this script can be found on Mastodon?
I have tried both the ansible script provided by the developers and I’ve adapted the docker-compose files to get things running on Docker Swarm. Everything seems to be working well, object storage, federation… except that I can not find any user or community from my instance if I search from Mastodon.
I saw a bug
I see this user who deployed using this script, I click the username link below his name which should lead to server.tld/u/username, but it leads to server.tld/users/username, maybe some kind of dbUser -> outside world configuration is broken?
Also the Bio is different on his local instance and the federated instance?
I will definitely try this out. I already have my domain and SSL certificate. This will work on linode right?
It will work on pretty much anything that has a public IP and a domain pointing to that IP. The only thing that won’t work “out of the box” for most users is email, as most VPS providers block port 25. If you’ve requested access to port 25 and have been approved to use it, you can edit
config.env
to turn on the email service.As for your SSL certificate, unfortunately this does not support importing your own certificate. It’s made for beginners, after all :p
But there should be no problems with Caddy simply requesting a new one for you!
I think I have successfully got the server running on my linode.
I’m glad to hear that! Thanks for letting me know, it’s nice to hear people were able to use my script to get up and running :)
Once I got it up and running, I had to figure out how to get my domain to redirect to it. Now I just gave to figure out how to start federating with other instances.
If your instance is fully reachable from the public, all you have to do is search for the community you want to federate with in your search bar. For example, if you wanted to federate with and subscribe to this community, put this in your search bar, then hit search:
https://lemmy.world/c/selfhosted
Give it a few seconds, until you either see “No results” disappear, or until you see it show up as “<community name> - 0 subscribers” in the search results. This works for kbin communities too!
You might see some people say to search it like
!selfhosted@lemmy.world
, but I have way more success with doing it with the actual links. After you’ve done that, you can click onCommunities
at the top of your instance’s page, click theAll
tab, then start subscribing with some of them.It will only start pulling “new” data though, you won’t get days or week old posts like this. But, if there is something you want to see/comment on from your instance, you can put the direct link to any post, comment, or user into your instance’s search bar, to make it “aware” of that post/comment/user. Then you can just interact like normal.
Welcome to the self-hosted Fediverse!
Hey there. Not that Lemmy has been updated, do you know how long until the script can pull the update?
Edit: I saw on GitHub you’ll have to update the script.
Wait, so pardon my noobism, but does this mean you need to federate with communities manually? Don’t instances start out as already being federated with everything?
Yep. It’s all manual. There are hundreds of Lemmy instances out there, new instances have no way of discovering any of them unless you tell it how.
Federation with a community only has to happen once. After it’s connected, the instance will always receive new data and posts from that point forward. That is why the major public instances always have posts from a wide variety of instances.
But, only a single person needs to do the federation, it doesn’t have to be done by an admin. After the connection is made with a community, content from that community will start showing up on “All” for that instance for everyone.
how well do those email servers work to begin with? i just flat out disabled the postfix relay on my instance and simply configured sendgrid, which works perfectly, no delays or spam folder issues (although i did have to disable a bunch of tracking bullshit). doing so with similar services has been my go-to card in freelance webdev, because getting other mail servers to trust you can be hard, so i’m interested in the experience people are having with those. (i’d much prefer to self-host email too, but providing a good experience is the primary goal)
I haven’t actually used the embedded postfix server at all, I keep mine disabled. I only include it because it’s “included” in the official Docker deployment files, and I try to keep this deployment as close to that as possible.
I’m considering adding support for an external email service, as you mentioned, but I have nearly zero experience in using managed email services, and I’m not sure if non-technical users would be able to navigate the configuration of things I can’t do for them (i.e. on a web dashboard somewhere). And if I can’t do it for them, it means more issues for me, so I hesitate to add support for it at all.
I’d love to hear your experience in setting up sendgrid and how easy that was. And the tracking stuff you mentioned as well.
On the surface, setting up an external mail server is actually super easy. Pretty much every service supports SMTP, so all you need is to find your credentials (an endpoint, a username, and a password) and input that in your lemmy.hjson file, along with a sender address. There is a verification process with every email provider, you will usually have to set some DNS records to prove you own the domain you’re trying to send from, but once you do these two things, emails will just start flying out.
The actual process tends to be a little more tedious though. Pretty much every mail provider wants to sell you on their specific super awesome API and only mentions SMTP as a footnote, for reasons that I can only parse as an attempted vendor lock-in. They also sometimes make the verification process difficult. SendGrid, for example, immediately redirects you to their “sender identities” which are more useful for their marketing automation tooling than they are for automated emails from a website, and you also have to dig a fair bit to find the SMTP credentials. (The endpoint is
smtp.sendgrid.net
,apikey
on the username, and whatever your API key is for the password, you’ll need to set one of those up.) They also have a number of different tracking things that you’ll have to find and turn off in the UI (luckily all of them can be toggled in the same place), which would normally actually help you by providing you statistics about how many emails were opened and how many people clicked on links, but for the emails Lemmy sends, it’s useless and I didn’t want SendGrid to collect that data on my instance users, so I shut that off.Initially, I wanted to use Amazon SES, but they have an even more tedious setup: you have to talk to an actual human to have them turn it on for you, otherwise you’re stuck in sandbox mode and can only send email to verified receiver addresses. Their service works well though, I used it a lot in my freelancer days, and they do make it fairly straightforward to find the SMTP credentials, but the verification process can be slow.
I also remember using Mailgun for some project ages ago, it was pretty much the same deal as all the others: you have to pry the SMTP details out of their docs, but once you do and you verify your stuff, it works well.
Ultimately, I think the best you could do to help out users here is to provide them with documentation for a few of these services: exactly where to go, which buttons to click and whatnot. Or just stick to the embedded service for a bit, but the real issue there is the bounce rates from spammers. They made my instance send out like 60-70 verification emails for bogus addresses on gmail, yahoo, hotmail, and live.com on the first day I got federation working, and if you don’t already have a good reputation – which is what these third parties help you with – then you can easily get yourself blacklisted, either internally or externally.
I see. Thanks a lot for this!
I really don’t have the capacity to support a bunch of different email services, so it sounds like the best I can do right now is make the SMTP settings accessible without also running the postfix server. So if someone wants to run their own email somewhere else, they can configure it. But otherwise, I’ll leave it to the user to figure out what happens after an email request leaves Lemmy.
Does that sound fair, and like something you would have used? Essentially just an interface in
config.env
that puts the right SMTP address/credentials inlemmy.hjson
.yup, that sounds perfect
i can’t track down a non vendor-specific guide right now but if you just expose the same settings in
config.env
that you’d have in thelemmy.hjson
file that should be more than sufficient to get an external service goingThanks!
I’ve got that included in a staging version I’m preparing to release, if you wanted to take a look at the changes:
Email is vital to lemmy working. Saying this works without mail config is just silly.
I’m not sure what you mean? Most people are just self hosting instances for themselves, where email isn’t needed. My instance doesn’t have an email service.
And as I explained, if email is something you want, I have an advanced option for this. It’s not the default because there is not a public VPS host out there that lets you use port 25 without special approval.
Email config is needed for lost passwords. It’s also needed for account verification, if you run without verification you could easily become a place for people to abuse other servers and get yourself defederated.
Many web hosts have poisoned mail IPs, so setting up with a smtp config to a well known site server is required if you want your emails to be delivered.
And that is why I don’t advertise this as supporting email out of the box, and why it’s an advanced option without any support from me. The embedded postfix server is part of the official Docker Compose deployment from upstream Lemmy, and it’s part of the officially supported Ansible deployment too. Those deployment methods are what this is modeled after. That is as far as I go on email support. If upstream Lemmy started including some automatic AWS SNS configuration, I would adopt it, but they have not done so.
Everyone who has reported success to me so far are running single user instances for themselves. That is my target audience, and for that audience (and myself), email is not even close to being a hard requirement.
However, if you would like to improve this script by adding support for more robust and secure email systems, I would be happy if you submitted a PR to do just that :)
Don’t lose your passwords and leave closed registration so only people you actually want on your instance are on it. You absolutely do not need email.
You can’t have the checkbox for federation and private, the server will crash and tell you that in the lemmy log. Had that happen when I did thy to setup without email the first time.
Hey @ubergeek77@lemmy.ubergeek77.chat, I’m trying this on an Aarm64 instance and the script says it only works on v0.17.4. Is there a plan to update to 0.18?
EDIT: the script fails for 0.17.4 here:
=> ERROR [lemmy builder 6/7] RUN cargo build --release 1183.5s
Build timer continues but CPU usage drops off. Any ideas where I’ve gone wrong?
Try again with the latest version of Lemmy Easy Deploy.
I am now building multiarch images for 0.18.x, and my script will now default to my multiarch images, so there is no longer a need to build it yourself :)
I’ll give it a go on Monday, cheers!
Before this week, I would have told you no. But I have big plans for the 0.18.1 update.
The Lemmy team has completely broken ARM support with seemingly no plan to support it again. They switched to a base Docker image that only supports x86_64. This is why your build fails. I still don’t understand why they would move from a multiarch image to an x86_64-only one.
I’ve been working on this for about a week, and just yesterday I finished a GitHub Actions pipeline that builds multiarch images for x64/arm/arm64. I currently have successful builds for 0.18.1-rc.2. In a future update for my script, I will have it use these, that way ARM users don’t need to compile it anymore. I just ask for a little patience, I haven’t been able to do any work on Lemmy Easy Deploy since I’ve been working on this pipeline :)
I also do want to qualify - don’t get your hopes up until you see it running for yourself. Ultimately, I am just a DevOps guy, not a Lemmy maintainer. I haven’t tested my ARM images yet, and while I did my best to get these to build properly, I can’t fix everything. If anything else breaks due to running on ARM, it will be up to the Lemmy team to fix those issues (which is not likely anytime soon, if their updated x86_64 Dockerfiles are any indication).
But, fingers crossed everything goes smoothly! Keep an eye out for an update, I’m working hard on it, hopefully I can get it out in time for 0.18.1!
EDIT:
Of course I had to just go and open my mouth. This doesn’t look good. I may need to remove ARM support from Lemmy Easy Deploy entirely until Lemmy figures this out :/