How to build Misskey on CentOS

新しい手順を公開しました。

Misskey v12.75.1 を CentOS Stream 8 上に建てた時の記録

手順

作業用ユーザーの追加

useradd hoge
passwd hoge

visudo で適当に権限を与える。
以下 hoge ユーザーで作業します。

セットアップのために SELinux を無効化する

sudo setenforce 0
sudo vi /etc/selinux/config
    SELINUX=disabled

dnf のモジュール確認

sudo dnf update
dnf module list

私の環境のモジュールリスト

Name                 Stream          Profiles 
389-ds               1.4                      
ant                  1.10 [d]        common [d]
container-tools      rhel8 [d]       common [d]
container-tools      1.0             common [d]
container-tools      2.0             common [d]
container-tools      3.0             common
freeradius           3.0 [d]         server [d]
gimp                 2.8 [d]         common [d], devel
go-toolset           rhel8 [d]       common [d]
httpd                2.4 [d]         common [d], devel, minimal      
idm                  DL1             adtrust, client, common [d], dns, server
idm                  client [d]      common [d]
inkscape             0.92.3 [d]      common [d]
javapackages-runtime 201801 [d]      common [d]
jmc                  rhel8 [d]       common [d], core
libselinux-python    2.8             common
llvm-toolset         rhel8 [d]       common [d]
mailman              2.1 [d]         common [d]
mariadb              10.3 [d]        client, galera, server [d]
mariadb              10.5            client, galera, server [d]
maven                3.5 [d]         common [d]
maven                3.6             common [d]
mercurial            4.8 [d]         common [d]
mod_auth_openidc     2.3
mysql                8.0 [d]         client, server [d]
nginx                1.14 [d]        common [d]
nginx                1.16            common [d]
nginx                1.18            common [d]
nodejs               10 [d]          common [d], development, minimal, s2i
nodejs               12              common [d], development, minimal, s2i
nodejs               14              common [d], development, minimal, s2i
parfait              0.5             common
perl                 5.24            common [d], minimal
perl                 5.26 [d]        common [d], minimal
perl                 5.30            common [d], minimal
perl-App-cpanminus   1.7044 [d]      common [d]
perl-DBD-MySQL       4.046 [d]       common [d]
perl-DBD-Pg          3.7 [d]         common [d]
perl-DBD-SQLite      1.58 [d]        common [d]
perl-DBI             1.641 [d]       common [d]
perl-FCGI            0.78 [d]        common [d]
perl-IO-Socket-SSL   2.066 [d]       common [d]
perl-YAML            1.24 [d]        common [d]
perl-libwww-perl     6.34 [d]        common [d]
php                  7.2 [d]         common [d], devel, minimal
php                  7.3             common [d], devel, minimal
php                  7.4             common [d], devel, minimal
pki-core             10.6
pki-deps             10.6
pmdk                 1-fileformat-v6
postgresql           9.6             client, server [d]
postgresql           10 [d]          client, server [d]
postgresql           12              client, server [d]
postgresql           13              client, server [d]
python27             2.7 [d]         common [d]
python36             3.6 [d][e]      build, common [d]
python38             3.8 [d]         build, common [d]
python39             3.9 [d]         build, common [d]
redis                5 [d]           common [d]
redis                6               common [d]
rhn-tools            1.0 [d]         common [d]
ruby                 2.5 [d]         common [d]
ruby                 2.6             common [d]
ruby                 2.7             common [d]
rust-toolset         rhel8 [d]       common [d]
satellite-5-client   1.0 [d]         common [d], gui 
scala                2.10 [d]        common [d]
squid                4 [d]           common [d]
subversion           1.10 [d]        common [d], server
subversion           1.14            common [d], server
swig                 3.0 [d]         common [d], complete
swig                 4.0             common [d], complete
varnish              6 [d]           common [d]
virt                 rhel [d][e]     common [d]

Hint: [d]efault, [e]nabled, [x]disabled, [i]nstalled

dnf の自動アップデート設定

sudo dnf install dnf-automatic dnf-utils
sudo vi /etc/dnf/automatic.conf
    apply_updates = yes
sudo systemctl enable dnf-automatic.timer
sudo systemctl start dnf-automatic.timer

swap の追加

free -m
sudo dd if=/dev/zero of=/swapfile bs=1M count=**
sudo chmod 600 /swapfile
sudo mkswap /swapfile
sudo swapon /swapfile
sudo vi /etc/fstab
    /swapfile                                 swap                    swap    defaults        0 0

Node 及び npm のインストール

sudo dnf module enable nodejs:14
sudo dnf install nodejs npm

PostgreSQL のインストール

sudo dnf module enable postgresql:13
sudo dnf install postgresql
sudo dnf install postgresql-server

PostgreSQL の設定

sudo postgresql-setup initdb
sudo systemctl start postgresql
sudo systemctl enable postgresql
sudo -u postgres psql
  postgres=# CREATE ROLE foo LOGIN CREATEDB PASSWORD '**';
  postgres=# CREATE DATABASE bar OWNER foo;
  postgres=# \q

Redis のインストール

sudo dnf module enable redis:6
sudo dnf install redis
sudo systemctl start redis
sudo systemctl enable redis

Nginx のインストール

sudo dnf module enable nginx:1.18
sudo dnf install nginx
sudo systemctl start nginx
sudo systemctl enable nginx

Yarn のインストール

curl --silent --location https://dl.yarnpkg.com/rpm/yarn.repo | sudo tee /etc/yum.repos.d/yarn.repo
sudo dnf install yarn

Git のインストール

sudo dnf install git

Development Tools のインストール

sudo dnf groupinstall "Development Tools"

Misskey をクローン

git clone -b fugafuga https://github.com/hogehoge/misskey.git
cd misskey
git checkout fugafuga

default.yml の設定

vi .config/default.yml
    url: https://example.com/
    port: 3000    # A port that your Misskey server should listen.
    db:
      host: localhost
      port: 5432
      db  : bar
      user: foo
      pass: **

letsencrypt の設定

sudo dnf install https://dl.fedoraproject.org/pub/epel/epel-release-latest-8.noarch.rpm
sudo dnf --enablerepo=epel install snapd
sudo systemctl start snapd.service
sudo systemctl enable --now snapd.socket
sudo snap install core; sudo snap refresh core
ln -s /var/lib/snapd/snap /snap
sudo snap install --classic certbot
sudo ln -s /snap/bin/certbot /usr/bin/certbot
sudo certbot --nginx
sudo certbot renew --dry-run
sudo crontab -e
    0 0,12 * * * root python3 -c 'import random; import time; time.sleep(random.random() * 3600)' && /usr/local/bin/certbot-auto renew -q

Nginx の設定

sudo cp /home/misskey/misskey/docs/examples/misskey.nginx /etc/nginx/conf.d/misskey.conf
sudo vi /etc/nginx/conf.d/misskey.conf
    server_name example.com;
    server_name example.com;
    ssl_certificate     /etc/letsencrypt/live/example.com/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem;
sudo nginx -t
sudo systemctl restart nginx

Misskey のビルド

sudo yarn install
sudo NODE_ENV=production yarn build
sudo yarn run init

Misskey の起動確認

sudo NODE_ENV=production yarn start

Misskey の起動

sudo vi /etc/systemd/system/misskey.service
sudo systemctl daemon-reload
sudo systemctl enable misskey
sudo systemctl start misskey

ServiceWorker の設定

sudo npm install web-push -g
sudo web-push generate-vapid-keys

SELinux の有効化及び設定

sudo dnf install setroubleshoot-server
sudo vi /etc/selinux/config
    SELINUX=permissive
sudo touch /.autorelabel
sudo reboot

再起動時に再ラベル付けが行われ,これには時間がかかる.

sudo sealert -l "*"

sealert により出力された情報に従う.

sudo setenforce 1
sudo vi /etc/selinux/config
    SELINUX=enforcing
sudo reboot

ナビゲーション

作業用ユーザー追加
SELinux 無効化
dnf モジュール確認
dnf 自動アップデート
swap 追加
Node npm インストール
PostgreSQL インストール
PostgreSQL 設定
Redis インストール
Nginx インストール
Yarn インストール
Git インストール
Development Tools インストール
Misskey クローン
default.yml 設定
letsencrypt 設定
Nginx 設定
Misskey ビルド
Misskey 起動確認
Misskey 起動
ServiceWorker 設定
SELinux 有効化