From 7c514de666445863ada99a9cb054c26dd5f34ee4 Mon Sep 17 00:00:00 2001 From: Erik Stambaugh Date: Sun, 28 Jan 2024 19:31:03 -0800 Subject: [PATCH] Update README --- README.md | 54 +++++++++++++++++++++++++++++++++++++++++++++++++++--- 1 file changed, 51 insertions(+), 3 deletions(-) diff --git a/README.md b/README.md index 5aab28f..ddd7953 100644 --- a/README.md +++ b/README.md @@ -1,4 +1,22 @@ -The intent here is to create an all-in-one social server build +Provisions, builds, and configures a full Mastodon server, with all the trimmings. + +There's a lot of rote work involved in setting up a Mastodon server, and this simplifies things a lot. + +THIS IS NOT YET READY FOR PRODUCTION USE! But it's getting close! + +## What does it do? + +It configures... +* A server in AWS EC2 +* DNS zone data at AWS Route53 as well as nameserver configuration at the registrar +* SES to deliver outbound mail, setting everything up to verify your domain +* SSH keys for the instance, and AWS SSM to manage SSH connections without having to open port 22 +* nginx reverse proxy +* certbot to manage TLS certificates automatically +* an S3 bucket for media storage +* Mastodon +* fediblockhole to auto-block bad servers by default +* Probably some other stuff I'm forgetting ## Requirements 
@@ -10,7 +28,37 @@ The intent here is to create an all-in-one social server build * Python 3.6+ for credentials * python3-bs4 (BeautifulSoup 4) -Your AWS account needs to be moved from the SES sandbox into production in the region you're deploying to. This is -requested through the AWS console. +## Setup + +You need a working set of AWS credentials to set up the server. Head to `aws.amazon.com` and click the sign-up +button. AWS is a paid service and you will be charged for the resources this sets up. + +* `./configure` and answer the questions it asks you +* `make` + +Once SES is configured, you need to manually go to the AWS console and request that your account be moved from the +sandbox to production, before it will deliver mail. + +At present the server it configures will not be open to the public. A step will be added soon to move your server +into "production" and open the port up once you're satisfied with it. + +## Roadmap + +Some missing features: + +* postfix inbound to relay main from SES back to the administrator +* SMTP and IMAP services for users: postfix/dovecot/rspamd/pigeonhole! Maybe! +* Support for migrating Mastodon to newer versions, including database upgrades +* AWS Secrets Manager support for various credentials +* Phanpy +* Synapse and Element +* Backups! (ha!) +* Vagrant and existing-server support for people not wanting to use AWS +* ActivityPub relay subscription (if desired) +Other work that still needs doing: +* Converting from docker to podman +* non-root access for Ansible +* A more configurable server topology with HA and autoscaling for larger sites +
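Review bot: In the first hunk (`@@ -1,4 +1,22 @@`), the "It configures..." list ends with "Probably some other stuff I'm forgetting", which leaves the reader unable to tell what the tool will change in their AWS account and at their registrar. Since the same list says it sets "nameserver configuration at the registrar" and creates an EC2 server, an S3 bucket and SES configuration, I'd replace that last bullet with the complete set of resources. I'd also add a sentence on the registrar item saying whether existing nameserver settings for the domain are overwritten. The "THIS IS NOT YET READY FOR PRODUCTION USE!" line is good to have near the top; consider keeping it above the feature list in later revisions too.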
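Review bot: In the second hunk (`@@ -10,7 +28,37 @@`), the Setup section says "You need a working set of AWS credentials" but does not say which permissions those credentials need or where `./configure` stores them. Given that the tool touches EC2, Route53, SES, SSM and S3 per the list earlier in the README, please document the minimum IAM permissions so users are not pushed toward account-wide admin keys. The Roadmap entries "AWS Secrets Manager support for various credentials" and "non-root access for Ansible" imply that credentials are currently kept somewhere else and that Ansible currently connects as root; it would help to state the current behaviour in Setup rather than only under missing features. The paragraph "will not be open to the public" should name which port stays closed until the planned "production" step. The section warns "you will be charged for the resources this sets up" but gives no teardown instructions, so a note on how to remove what `make` created would fit here. Typo in the first Roadmap bullet: "relay main from SES" should read "relay mail from SES".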