Write.as

Write.as is a company founded in 2015. It provides platforms to publish contents in Internet, including its flagship product, Write.as, the same name application as the company. You can host your site with either Free or Pro account. The service is powered by its core applications and WriteFreely.

• Write.as Guide: https://guides.write.as/
  • Writing Posts
  • Publishing a blog
  • Customizing Write.as
  • Publicizing Posts
• How to use Write.as: https://howto.write.as/
  • Organization
  • Adding Photos
  • Show an Excerpt
  • Creating a Static Page
  • Creating a draft
  • Enable Federation

WriteFreely

WriteFreely is an open source static site generator, developed at GitHub by Write.as company. It is one of the core applications used on Write.as product. It is possible to run WriteFreely on your server. This case you are expected to manage everything by yourself. You can also create your site on public instances listed here.

• https://writefreely.org/
• https://writefreely.org/docs/
• https://blog.writefreely.org/ (hosted on Write.as)

Though almost all of the functions are common between Write.as and WriteFreely, one of the main differences between Write.as Pro and WriteFreely is that you have to find places where you upload images by yourself, as WriteFreely does not include an image uploader or an image management application.

https://guides.write.as/writing/#uploading-photos

Write.as Pro users can upload photos to Snap.as. Unlike free services such as imgur, Snap.as is developed by us and funded by you — which means your photos will have a lasting, ad-free home on the web

This should not be a big problem if you host your WriteFreely on a server as you just can upload images to it. You would have to use a FTP client or scp / rsync via SSH to upload them. Uploading to Amazon S3 or Tardigrade should work too.

There are other differences such as Email subscription, publishing via Email, cross-posting with Twitter, etc. Please check this page to see what you can get on Write.as Pro account and what you cannot on either Write.as Free account or your WriteFreely instance.

Installation guides:

• https://writefreely.org/start
• https://discuss.write.as/t/slightly-less-simple-install-how-to/303

If you are willing to host a WriteFreely instance with SSL support, I would recommend you to have a look at the latter instruction. Some of the commands seem outdated, so please check the latest information.

#fediverse #writeas #writefreely #guide

Copyright © 2021 Suguru Hirahara. This work is available under GNU Free Documentation License, Version 1.3 or any later version published by the Free Software Foundation. See https://blog.progressiv.dev/yq31akw3jj for copying conditions.

0. Introduction

What is “diaspora*” ?

https://www.howtoforge.com/how-to-install-diaspora-decentralized-social-media-on-debian-10/

Diaspora is an open-source, privacy-aware, and distributed social network. It consists of a group of independently deployed and owned nodes which interoperate to create the network. Diaspora is a social network that focused on three philosophy, decentralization, freedom, and privacy.

Manual installation is preferred

I assume that maybe you were looking for a way of installing diaspora* with a tool such as Docker or Ansible.

I understand you would prefer an isolated environment so that you could remove packages whenever you would like to.

However, unfortunately, neither Docker nor Ansible playbook is supported officially as of now. Technically, Docker support has been implemented here, but it lacks documentation and is mainly for development. See: https://github.com/diaspora/diaspora/pull/7870#issuecomment-429594392

Bitnami installer is officially discouraged

There is also an installer by Bitnami provided here.

However, keep in mind that it is not officially supported. It is also discouraged by the develpment team.

https://discourse.diasporafoundation.org/t/noob-using-bitnami-ports-and-security-help/3202/2

The general advice is “don’t use Bitnami or anything else that claims to be able to set up diaspora*”, because they can’t. Our official installation docs are found in the wiki, and they explain everything, including the config files.

Though it is not clear if it means that they cannot create an installer properly because of technical limitation of some sort or that they are just poor at programming, there is a lot of reports at the official forum about the bitnami installer's issue.

Basically, the only recommended way of installing diaspora* is to install packages and configure them manually, including a web server, a SSL certificate, etc.

Official instructions are for advanced users

There are instructions for installation on the official wiki page, but probably it is safe to say that they are for advanced users. There you are expected to have set up a web server and a database software and configured them already, which is a tough task for beginners.

Acknowledgement

The article is based on: https://www.howtoforge.com/how-to-install-diaspora-decentralized-social-media-on-debian-10/. I tried these commands by myself and verified it worked on Debian 10. Below I tweaked only tiny parts to improve the instruction. Huge thanks to the author of the original article!

Disclaimer

This guide is written for Debian 10. It is not tested for neither previous nor future versions. The name or version of the packages may change, so please make sure that you are installing proper packages.

For the latest information, please consult the documentations on the official wiki and the project page at GitHub. The FAQ page for server administrators is worth checking when you experience an issue.

As of now, the latest version of diaspora* is 0.7.14.0.

1. Initial server setup

Before proceeding, you should not forget to configure the basic security setting of your machine. Initial Server Setup with Debian 10 on DigitalOcean is a nice guide for beginners.

Now the basic security setting has been configured, let's start installation.

First, log in as root if you are not.

$ su - root

(If you are familiar with sudo already, you can safely run these commands below with # with sudo, after adding the current user to sudo group with root user.)

Next, update system packages.

# apt update && apt upgrade -y

Since this instruction uses vim as a text editor, install vim. You'll need sudo too.

# apt install vim sudo

Of course, you could choose your favorite text editor such as emacs and nano.

2. Install dependencies

First, install the basic packages to install diaspora* with this command:

# apt install build-essential cmake gnupg2 libssl-dev libcurl4-openssl-dev libxml2-dev libxslt-dev imagemagick ghostscript curl libmagickwand-dev git libpq-dev redis-server nodejs postgresql

Start redis-server

Let's start redis-server.

# systemctl start redis-server

# systemctl enable redis-server

Start postgresql

Start postgresql too.

# systemctl start postgresql

# systemctl enable postgresql

3. Create a new user on postgresql

Here we are going to add a user on postgresql, a database software.

Since we have installed and started it already, log in to the postgresql shell with:

# sudo -i -u postgres psql

First, change the password for the default user by running this command.

postgres=# \password postgres

Then, run the command below to create a database user diaspora. Please do not forget to replace yourpassword with a new one.

postgres=# CREATE USER diaspora WITH CREATEDB PASSWORD 'yourpassword';

Those information will be required later when we configure diaspora* (step 6), so please take a note of them.

Now the database user has been added, run exit to log out from postgres shell.

postgres=# exit

4. Create a new user on Debian to install diaspora*

Now let's add a new user diaspora to Debian, with which you'll install diaspora*.

First, make sure you are on root. If you are not, run this command to log in to root user: $ su - root.

Please run this command to add diaspora.

# adduser --disabled-login diaspora

Do not forget to set a password of the user.

# passwd diaspora

Let's add the user to sudo group.

# usermod -aG sudo diaspora

5. Install ruby with rvm

Before installing diaspora*, we need to install ruby for the user.

In this instruction we are going to use RVM (Ruby Bersion Manager) to install ruby 2.6, the supported version for diaspora* as of now.

Install GPG keys

First, before installing RVM, log in to diaspora with this command:

# su - diaspora

Then, add GPG keys to proceed with RVM installation.

In order to add them, run the command on this official page here: https://rvm.io/rvm/install#install-gpg-keys.

Since the GPG keys can be revoked and replaced with new ones any time, please do not forget to check the latest information. Also, please remember not to copy and paste GPG key values from a third party website.

Install and load RVM

After installing the keys, let's install the stable RVM.

$ curl -sSL https://get.rvm.io | bash -s stable

Then, load the RVM's script with:

$ source /home/diaspora/.rvm/scripts/rvm

Install ruby 2.6

Note: the required version of ruby may change in the future. Before installing ruby, please consult the installation guide on the official wiki for the supported version.

As of now, ruby 2.6 is recommended, so let's install it with RVM:

$ rvm install 2.6

6. Install and configure diaspora*

In this step we are finally going to install diaspora*.

At first, confirm you are logged in as diaspora. If not, run this command: $ su - diaspora.

Download source code

Run this command to download the latest stable source code of diaspora*.

$ git clone -b master https://github.com/diaspora/diaspora.git

If you are willing to test/develop diaspora*, switch to develop branch.

Note: if master branch cannot be found, it is likely that it has been renamed to main branch. In this case, run instead: $ git clone -b main https://github.com/diaspora/diaspora.git.

Copy configuration files

Next, move to the source code directory, where you are going to install diaspora*.

$ cd diaspora

Here you are required to configure two configuration files, one for the database connection (database.yml) and the other for diaspora* itself (diaspora.yml).

First, let's copy example configuration files by running these two commands.

$ cp config/database.yml.example config/database.yml

$ cp config/diaspora.yml.example config/diaspora.yml

Note: in a future version, diaspora.yml.example will be replaced with dispora.toml.example. In case you cannot find diaspora.yml.example, try this command instead: $ cp config/diaspora.toml.example config/diaspora.toml.

Edit database configuration file

At first, we are going to configure database.yml. Open the file on vim with:

$ vim config/database.yml

Inside the file, there should be a postgresql section.

postgresql: &postgresql
  adapter: postgresql
  host: "localhost"
  port: 5432
  username: "diaspora"
  password: "yourpassword"
  encoding: unicode

Please replace yourpassword with your own password which you have set on the step 3 above.

After editing, save the change and close the file.

Edit diaspora* configuration file

Next, open diaspora.yml inside config folder.

$ vim config/diaspora.yml

Note: If you cannot find diaspora.yml, try this command: $ vim config/diaspora.toml.

There are many options you would like to change later (enabling/disabling of account creation, captcha on creating account, etc.), but for now let's just edit something important.

The critical configurations are url, certificate_authorities, and rails_environment.

url

First, look for url under environment, and replace it with the domain where you are going to host a diaspora* instance.

Since we are going to serve a diaspora* instance on HTTPS, do not forget add the domain with https://.

As said explicitly in the configuration file, you cannot change the value later. So please be careful to pick a right domain!

certificate_authorities

Next, we need to set certificate authorities.

Just under the url setting, there should be the line which starts from #certificate_authorities.

Since we are on Debian, remove # of the first one. It should be like certificate_authorities = "/etc/ssl/certs/ca-certificates.crt".

rails_environment

Then, let's set the rails environment value to production.

Under server section, there should be the line which starts with #rails_environment. Please remove the hash and set it to rails_environment = "production".

Disable captcha on registration

Since captcha does not work well, you have to disable it as of now. See: https://github.com/diaspora/diaspora/issues/6828

Under settings and captcha section, there should be option enable. Please set it to enable: false.

After those changes, the configuration file should be set as below.

configuration: ## Section
...
  environment: ## Section
...
    url: "https://example.com"
    certificate_authorities: '/etc/ssl/certs/ca-certificates.crt'
...
  server: ## Section
    rails_environment: 'production'
...
  settings: ## Section
...
    captcha: ## Section
      enable: false
...

where https://example.com should be your own domain with https://.

Install gem and ruby libraries

Here we are going to install applications required for diaspora*. On diaspora user, run these commands to install them.

$ gem install bundler

$ script/configure_bundler

$ bin/bundle install --full-index

Migrate database

Run this command to migrate the database.

$ RAILS_ENV=production bundle exec rake db:create db:migrate

Compile assets

Run this command to compile assets.

$ RAILS_ENV=production bin/rake assets:precompile

Here diaspora* has been installed on your system. Below we are going to prepare the system for running and serving it properly.

7. Set up diaspora* as a service

Now, we are going to set up diaspora* to run as a service.

First, log in as root.

$ su - root

Next, move to the directory below:

# cd /etc/systemd/system/

Inside the directory, we are going to create three files, diaspora.target, diaspora-web.service, and diaspora-sidekiq.service.

diaspora.target

Create a new file with vim.

# vim diaspora.target

Copy and paste the configuration below to the file.

[Unit]
Description=Diaspora social network
Wants=postgresql.service
Wants=redis-server.service
After=redis-server.service
After=postgresql.service

[Install]
WantedBy=multi-user.target

Save and close it.

diaspora-web.service

Next, create a new service for diaspora web interface:

# vim diaspora-web.service

Copy and paste the configuration:

[Unit]
Description=Diaspora social network (unicorn)
PartOf=diaspora.target
StopWhenUnneeded=true

[Service]
User=diaspora
Environment=RAILS_ENV=production
WorkingDirectory=/home/diaspora/diaspora
ExecStart=/bin/bash -lc "bin/bundle exec unicorn -c config/unicorn.rb -E production"
Restart=always

[Install]
WantedBy=diaspora.target

Save and close it.

diaspora-sidekiq.service

Finally, create a new service for the monitoring service:

# vim diaspora-sidekiq.service

Copy and paste the configuration:

[Unit]
Description=Diaspora social network (sidekiq)
PartOf=diaspora.target
StopWhenUnneeded=true

[Service]
User=diaspora
Environment=RAILS_ENV=production
WorkingDirectory=/home/diaspora/diaspora
ExecStart=/bin/bash -lc "bin/bundle exec sidekiq"
Restart=always

[Install]
WantedBy=diaspora.target

Save and close it.

Register services

Here we are going to set those services to run automatically on reboot.

First, reload the systemctl daemon.

# systemctl daemon-reload

Next, enable those services with this command.

# systemctl enable diaspora.target diaspora-sidekiq.service diaspora-web.service

Run diaspora.target to start the two services.

# systemctl start diaspora.target

In order to check if they are up and running, run these commands.

# systemctl status diaspora-web

# systemctl status diaspora-sidekiq

8. Install SSL certificate with certbot

Install certbot

In this instruction we are going to use certbot by EFF to obtain Let's Encrypt certificates automatically.

First, install certbot.

# apt install certbot

Obtain Let's Encrypt certificate

Then, run this command to make certbot obtain the SSL certificate.

# certbot certonly --rsa-key-size 2048 --standalone --agree-tos --no-eff-email --email example@example.com -d example.com

Please do not forget to replace the email address (example@example.com) and domain (example.com). Since you may receive important information later, such as a SSL expiration warning, you should use a reachable email address.

Also, please note that there are rate limits on Let's Encrypt. You should be careful not to exceed the limit, otherwise you would need to wait one week until it becomes possible again to obtain the certificate for the same domain.

Renewals are treated specially: they don’t count against your Certificates per Registered Domain limit, but they are subject to a Duplicate Certificate limit of 5 per week.

Exceeding the Duplicate Certificate limit is reported with the error message too many certificates already issued for exact set of domains.

9. Install and configure the web server

Here, we are going to install and configure nginx to serve diaspora* with HTTPS.

First, let's install nginx.

# apt install nginx

Create a configuration file

Then, create a configuration file with vim.

# vim /etc/nginx/sites-available/diaspora

Copy and paste the configuration below. Please don't forget to replace example.com with your own domain.

upstream diaspora_server {
 server unix:/home/diaspora/diaspora/tmp/diaspora.sock;
}

server {
  listen 80;
  listen [::]:80;
  server_name example.com;
  return 301 https://example.com$request_uri;

  access_log /dev/null;
  error_log /dev/null;
}

server {
  listen 443 ssl http2;
  listen [::]:443 ssl http2;
  server_name example.com;

  access_log /var/log/nginx/dspr-access.log;
  error_log /var/log/nginx/dspr-error.log;

  ssl_certificate /etc/letsencrypt/live/example.com/fullchain.pem;
  ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem;

  ssl_protocols TLSv1.2;
  ssl_ciphers EECDH+CHACHA20:EECDH+AESGCM:EECDH+AES;
  ssl_ecdh_curve X25519:P-521:P-384:P-256;
  ssl_prefer_server_ciphers on;
  ssl_session_cache shared:SSL:10m;

  root /home/diaspora/diaspora/public;

  client_max_body_size 5M;
  client_body_buffer_size 256K;

  try_files $uri @diaspora;

  location /assets/ {
    expires max;
    add_header Cache-Control public;
  }

  location @diaspora {
    proxy_set_header X-Real-IP $remote_addr;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_set_header X-Forwarded-Proto https;
    proxy_set_header Host $http_host;
    proxy_redirect off;
    proxy_pass http://diaspora_server;
  }
}

Activate and run nginx

Next, activate the server configuration with the command below.

# ln -s /etc/nginx/sites-available/diaspora /etc/nginx/sites-enabled/

Before enabling nginx, let's check if configuration is correct.

# nginx -t

Please correct an error if any.

After checking the configuration, restart the server and set it to run on reboot automatically.

# systemctl restart nginx

# systemctl enable nginx

Install certbot plug-in for nginx

Next, install python-certbot-nginx. This is required for certbot to renew a SSL certificate for you.

# apt install certbot python-certbot-nginx

Let's test if certbot should work properly. With --dry-run you can simulate the renewal and test if there would be something wrong.

# certbot renew --dry-run

If you get the message Congratulations, all renewals succeeded. it should be fine. From now on, certbot will take care of certificate renewal for you.

Now, your diaspora* instance should be up and ready!

Please go to your domain for diaspora* on a web browser, and you should be able to visit your diaspora* instance.

10. Maintenance

Update diaspora*

Courtesy of: https://stanislas.blog/2018/02/setup-diaspora-pod-debian-ubuntu/

If you are doing a major version update, please follow the instruction on the official wiki page.

In order to update diaspora*, log in to diaspora user with this command.

# su - diaspora

Before updating, stop the diaspora* services with this command (with sudo).

$ sudo systemctl stop diaspora.target

To update diaspora* source code, go to the diaspora* directory and get the latest source code with this command.

$ cd diaspora && git pull

In order to update dependencies, run these commands.

$ gem install bundler

$ bin/bundle --full-index

To update the database, run this command.

$ RAILS_ENV=production bin/rake db:migrate

To compile assets again, run:

$ RAILS_ENV=production bin/rake assets:precompile

To reflect those changes, start diaspora* services.

$ sudo systemctl start diaspora.target

Backup

To backup the database, run this command to make a dump of it.

$ sudo -u postgres pg_dump diaspora_production > diaspora.sql

To backup the whole folder of the diaspora* installation, this command creates a zipped archive for you.

$ tar -czvf diaspora.tar.gz /home/diaspora/diaspora

Please do not forget to download them on a safe and isolated environment.

Too difficult?

If those steps are too complex and difficult for you, you can open your account on any public instances as advised on the official wiki page.

However, before doing so, you are expected to conduct due diligence. For there could be server administrators who were going to spy on you on their diaspora* instance.

https://mastodon.technology/@ctonysem/105621677595253667

Unless #E2EE is implemented you would still have to trust someone, and there could be malicious actors too.

If you are going to use public instances, please be careful. You should conduct due diligence by yourself; who manages the server, how they are financed etc...

#fediverse #diaspora #guide

Copyright © 2021 Suguru Hirahara. This work is available under GNU Free Documentation License, Version 1.3 or any later version published by the Free Software Foundation. See https://blog.progressiv.dev/yq31akw3jj for copying conditions.