How to build Misskey on CentOS

Misskey v12.38.0 を CentOS 8 上に建てた時の記録

手順

作業用ユーザーの追加


useradd hoge
passwd hoge

visudo で適当に権限を与える。
以下 hoge ユーザーで作業します。

セットアップのために SELinux を無効化する


sudo setenforce 0
sudo vi /etc/selinux/config
    SELINUX=disabled

dnf のモジュール確認


sudo dnf update
dnf module list

私の環境のモジュールリスト


Name                          Stream               Profiles                                         Summary
389-ds                        1.4                                                                   389 Directory Server (base)
ant                           1.10 [d]             common [d]                                       Java build tool
container-tools               rhel8 [d][e]         common [d]                                       Common tools and dependencies for container runtimes
container-tools               1.0                  common [d]                                       Common tools and dependencies for container runtimes
freeradius                    3.0 [d]              server [d]                                       High-performance and highly configurable free RADIUS server
gimp                          2.8 [d]              common [d], devel                                gimp module
go-toolset                    rhel8 [d]            common [d]                                       Go
httpd                         2.4 [d]              common [d], devel, minimal                       Apache HTTP Server
idm                           DL1                  common [d], adtrust, client, dns, server         The Red Hat Enterprise Linux Identity Management system module
idm                           client [d]           common [d]                                       RHEL IdM long term support client module
inkscape                      0.92.3 [d]           common [d]                                       Vector-based drawing program using SVG
javapackages-runtime          201801 [d]           common [d]                                       Basic runtime utilities to support Java applications
jmc                           rhel8                common, core                                     Java Mission Control is a profiling and diagnostics tool for the Hotspot JVM
libselinux-python             2.8                  common                                           Python 2 bindings for libselinux
llvm-toolset                  rhel8 [d]            common [d]                                       LLVM
mailman                       2.1 [d]              common [d]                                       Electronic mail discussion and e-newsletter lists managing software
[commands]
mariadb                       10.3 [d]             client, server [d], galera                       MariaDB Module
maven                         3.5 [d]              common [d]                                       Java project management and project comprehension tool
mercurial                     4.8 [d]              common [d]                                       Mercurial -- a distributed SCM
mod_auth_openidc              2.3                                                                   Apache module suporting OpenID Connect authentication
mysql                         8.0 [d]              client, server [d]                               MySQL Module
nginx                         1.14 [d]             common [d]                                       nginx webserver
nginx                         1.16                 common                                           nginx webserver
nodejs                        10 [d]               common [d], development, minimal, s2i            Javascript runtime
nodejs                        12                   common, development, minimal, s2i                Javascript runtime
parfait                       0.5                  common                                           Parfait Module
perl                          5.24                 common [d], minimal                              Practical Extraction and Report Language
perl                          5.26 [d]             common [d], minimal                              Practical Extraction and Report Language
perl-App-cpanminus            1.7044 [d]           common [d]                                       Get, unpack, build and install CPAN modules
perl-DBD-MySQL                4.046 [d]            common [d]                                       A MySQL interface for Perl
perl-DBD-Pg                   3.7 [d]              common [d]                                       A PostgreSQL interface for Perl
perl-DBD-SQLite               1.58 [d]             common [d]                                       SQLite DBI driver
perl-DBI                      1.641 [d]            common [d]                                       A database access API for Perl
perl-FCGI                     0.78 [d]             common [d]                                       FastCGI Perl bindings
perl-YAML                     1.24 [d]             common [d]                                       Perl parser for YAML
php                           7.2 [d]              common [d], devel, minimal                       PHP scripting language
php                           7.3                  common, devel, minimal                           PHP scripting language
pki-core                      10.6                                                                  PKI Core module for PKI 10.6 or later
pki-deps                      10.6                                                                  PKI Dependencies module for PKI 10.6 or later
postgresql                    9.6                  client, server [d]                               PostgreSQL server and client module
postgresql                    10 [d]               client, server [d]                               PostgreSQL server and client module
postgresql                    12                   client, server                                   PostgreSQL server and client module
python27                      2.7 [d]              common [d]                                       Python programming language, version 2.7
python36                      3.6 [d][e]           common [d], build                                Python programming language, version 3.6
redis                         5 [d]                common [d]                                       Redis persistent key-value database
rhn-tools                     1.0 [d]              common [d]                                       Red Hat Satellite 5 tools for RHEL
ruby                          2.5 [d]              common [d]                                       An interpreter of object-oriented scripting language
ruby                          2.6                  common                                           An interpreter of object-oriented scripting language
rust-toolset                  rhel8 [d]            common [d]                                       Rust
satellite-5-client            1.0 [d][e]           common [d], gui                                  Red Hat Satellite 5 client packages
scala                         2.10 [d]             common [d]                                       A hybrid functional/object-oriented language for the JVM
squid                         4 [d]                common [d]                                       Squid - Optimising Web Delivery
subversion                    1.10 [d]             common [d], server                               Apache Subversion
swig                          3.0 [d]              common [d], complete                             Connects C/C++/Objective C to some high-level programming languages
varnish                       6 [d]                common [d]                                       Varnish HTTP cache
virt                          rhel [d][e]          common [d]                                       Virtualization module

Hint: [d]efault, [e]nabled, [x]disabled, [i]nstalled

dnf の自動アップデート設定


sudo dnf install dnf-automatic dnf-utils
sudo vi /etc/dnf/automatic.conf
    apply_updates = yes
sudo systemctl enable dnf-automatic.timer
sudo systemctl start dnf-automatic.timer

swap の追加


free -m
sudo dd if=/dev/zero of=/swapfile bs=1M count=**
sudo chmod 600 /swapfile
sudo mkswap /swapfile
sudo swapon /swapfile
sudo vi /etc/fstab
    /swapfile                                 swap                    swap    defaults        0 0

Node 及び npm のインストール


sudo dnf module enable nodejs:12
sudo dnf install nodejs npm

PostgreSQL のインストール


sudo dnf module enable postgresql:12
sudo dnf install postgresql
sudo dnf install postgresql-server

PostgreSQL の設定


sudo postgresql-setup initdb
sudo systemctl start postgresql
sudo systemctl enable postgresql
sudo -u postgres psql
  postgres=# CREATE ROLE foo LOGIN CREATEDB PASSWORD '**';
  postgres=# CREATE DATABASE bar OWNER foo;
  postgres=# \q

Redis のインストール


sudo dnf install redis
sudo systemctl start redis
sudo systemctl enable redis

Nginx のインストール


sudo dnf module enable nginx:1.16
sudo dnf install nginx
sudo systemctl start nginx
sudo systemctl enable nginx

Yarn のインストール


curl --silent --location https://dl.yarnpkg.com/rpm/yarn.repo | sudo tee /etc/yum.repos.d/yarn.repo
sudo dnf install yarn

Git のインストール


sudo dnf install git

Development Tools のインストール


sudo dnf groupinstall "Development Tools"

Misskey をクローン


git clone -b fugafuga https://github.com/hogehoge/misskey.git
cd misskey
git checkout fugafuga

default.yml の設定


vi .config/default.yml
    url: https://example.com/
    port: 3000    # A port that your Misskey server should listen.
    db:
      host: localhost
      port: 5432
      db  : bar
      user: foo
      pass: **

letsencrypt の設定


wget https://dl.eff.org/certbot-auto
sudo mv certbot-auto /usr/local/bin/certbot-auto
sudo chown root /usr/local/bin/certbot-auto
sudo chmod 0755 /usr/local/bin/certbot-auto
sudo /usr/local/bin/certbot-auto --nginx
sudo crontab -e
    0 0,12 * * * root python3 -c 'import random; import time; time.sleep(random.random() * 3600)' && /usr/local/bin/certbot-auto renew -q

Nginx の設定


sudo cp /home/misskey/misskey/docs/examples/misskey.nginx /etc/nginx/conf.d/misskey.conf
sudo vi /etc/nginx/conf.d/misskey.conf
    server_name example.com;
    server_name example.com;
    ssl_certificate     /etc/letsencrypt/live/example.com/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem;
sudo nginx -t
sudo systemctl restart nginx

Misskey のビルド


sudo yarn install
sudo NODE_ENV=production yarn build
sudo yarn run init

Misskey の起動確認


sudo NODE_ENV=production yarn start

Misskey の起動


sudo vi /etc/systemd/system/misskey.service
sudo systemctl daemon-reload
sudo systemctl enable misskey
sudo systemctl start misskey

ServiceWorker の設定


sudo npm install web-push -g
sudo web-push generate-vapid-keys

SELinux の有効化及び設定


sudo vi /etc/selinux/config
    SELINUX=permissive
sudo touch /.autorelabel
sudo reboot

再起動時に再ラベル付けが行われ,これには時間がかかる.


sudo sealert -l "*"

sealert により出力された情報に従う.


sudo setenforce 1
sudo vi /etc/selinux/config
    SELINUX=enforcing
sudo reboot

ナビゲーション

作業用ユーザー追加
SELinux 無効化
dnf モジュール確認
dnf 自動アップデート
swap 追加
Node npm インストール
PostgreSQL インストール
PostgreSQL 設定
Redis インストール
Nginx インストール
Yarn インストール
Git インストール
Development Tools インストール
Misskey クローン
default.yml 設定
letsencrypt 設定
Nginx 設定
Misskey ビルド
Misskey 起動確認
Misskey 起動
ServiceWorker 設定
SELinux 有効化