Your Web News in One Place

An Interest In:

Web News this Week

Search Archive

Some of Our Sources

View All Sources

Help Webnuz

Referal links:

Sign up for GreenGeeks web hosting
January 15, 2023 05:23 am GMT

Lemmy 0.16.7 on OpenBSD 7.2

Summary

Lemmy is one of Fediverse implementations, which focuses on link aggregators. It also works as a platform for forums and microblogging.

On technical aspects, used are Rust Actix, an actor-model web framework good at concurrency, and InfernoJS, a blazingly fast client framework inspired by React. Therefore, it runs comfortably fast.

This post shows how to install Lemmy and configure it on OpenBSD, a solid operating system.
As to Rust's platform support, OpenBSD stands in Tier 3, the lowest in Target Tier Policy, and, however, it works !!

Environment

  • OS: OpenBSD 7.2
  • Database: PostgreSQL 14.5 (released on Aug 11, 2022)
  • Object Storage: MinIO - AWS S3-compatible (Optional)
  • Web Server: relayd
  • Apps
    • Lemmy: 0.16.7
    • based on Rust 1.63 + Actix 0.13 + Actix Web 4
    • Lemmy-UI: 0.16.7
    • based on InfernoJS 7.4
    • Image hosting: pict-rs 0.3.2

Tutorial

PostgreSQL

Install PostgreSQL server and configure it (if undone)

This post should help.

Create database

Start psql:

$ psql -U <your-postgres-user>

Run to create role:

create user lemmy with encrypted password '(...)';

The output was:

CREATE ROLE

Then run to create database belonging to the role:

create database lemmy with owner lemmy \    ENCODING 'UTF-8' template template0 LC_COLLATE 'C' LC_CTYPE 'C';

The output was:

CREATE DATABASE

MinIO (Optional)

This post may help.

Lemmy server

Suppose directories will be created as below:

/var+-- /lemmy    +-- /lemmy    +-- /lemmy-ui    +-- /pict-rs

Prepare Rust packages

$ doas pkg_add rust

The output was:

quirks-6.42 signed on 2023-01-13T18:22:41Zrust-1.63.0p0:libssh2-1.10.0p0: okrust-1.63.0p0: ok

Add a Lemmy user

Run:

$ doas useradd -d /var/lemmy -m _lemmy

Then act as the user:

$ doas su - _lemmy

The login shell is perhaps ksh.

You must be in the home directory:

$ pwd/var/lemmy

Build Lemmy server

First, get the source of lemmy server:

$ git clone https://github.com/LemmyNet/lemmy.git --recursive --branch 0.16.7 --single-branch

The output was:

Cloning into 'lemmy'...remote: Enumerating objects: 39173, done.remote: Counting objects: 100% (84/84), done.remote: Compressing objects: 100% (38/38), done.remote: Total 39173 (delta 57), reused 46 (delta 46), pack-reused 39089Receiving objects: 100% (39173/39173), 10.10 MiB | 14.84 MiB/s, done.Resolving deltas: 100% (27466/27466), done.Note: switching to '31530e1be409930c6be3e15106991ae35cd6a847'.You are in 'detached HEAD' state. You can look around, make experimentalchanges and commit them, and you can discard any commits you make in thisstate without impacting any branches by switching back to a branch.(...)Submodule 'crates/utils/translations' (https://github.com/LemmyNet/lemmy-translations.git) registered for path 'crates/utils/translations'Cloning into '/var/lemmy/lemmy/crates/utils/translations'...remote: Enumerating objects: 2208, done.        remote: Counting objects: 100% (546/546), done.        remote: Compressing objects: 100% (151/151), done.        Receiving objects: 100% (2208/2208), 678.71 KiB | 4.06 MiB/s, done.remote: Total 2208 (delta 439), reused 464 (delta 395), pack-reused 1662        Resolving deltas: 100% (1820/1820), done.Submodule path 'crates/utils/translations': checked out '454debaede4cc932ac15fea9bf620cf1daf1ae4c'

Go inside:

$ cd lemmy

You are now in /var/lemmy/lemmy and have lemmy server code written in Rust.

Wait, please. You cannot compile it on OpenBSD soon. There are two (or three) problems to be fixed beforehand.

Fix cargo build failed due to ssl

First, you have to modify Cargo.lock:

$ nvim Cargo.lock

to delete the lines about three packages. They were in 2481-2512 lines in my case:

  (...)- [[package]]      - name = "openssl"- (...)- [[package]]- name = "openssl-probe"- (...)- [[package]]- name = "openssl-sys"- (...)- dependencies = [- (...)- ]  (...)

Otherwise, the error below will occur in running cargo build:

error: failed to run custom build command for `openssl-sys v0.9.72`Caused by:  process didn't exit successfully: `/var/lemmy/lemmy/target/release/build/openssl-sys-e37967ef67b14e0e/build-script-main` (exit status: 101)  --- stdout  cargo:rustc-cfg=const_fn  cargo:rerun-if-env-changed=X86_64_UNKNOWN_OPENBSD_OPENSSL_LIB_DIR  X86_64_UNKNOWN_OPENBSD_OPENSSL_LIB_DIR unset  cargo:rerun-if-env-changed=OPENSSL_LIB_DIR  OPENSSL_LIB_DIR unset  cargo:rerun-if-env-changed=X86_64_UNKNOWN_OPENBSD_OPENSSL_INCLUDE_DIR  X86_64_UNKNOWN_OPENBSD_OPENSSL_INCLUDE_DIR unset  cargo:rerun-if-env-changed=OPENSSL_INCLUDE_DIR  OPENSSL_INCLUDE_DIR unset  cargo:rerun-if-env-changed=X86_64_UNKNOWN_OPENBSD_OPENSSL_DIR  X86_64_UNKNOWN_OPENBSD_OPENSSL_DIR unset  cargo:rerun-if-env-changed=OPENSSL_DIR  OPENSSL_DIR unset  cargo:rerun-if-env-changed=OPENSSL_NO_PKG_CONFIG  (...)  cargo:rerun-if-env-changed=PKG_CONFIG_ALL_DYNAMIC  cargo:rustc-link-lib=ssl  cargo:rerun-if-env-changed=PKG_CONFIG_x86_64-unknown-openbsd  cargo:rustc-link-lib=crypto  (...)  cargo:rerun-if-env-changed=PKG_CONFIG_SYSROOT_DIR  cargo:rerun-if-changed=build/expando.c  OPT_LEVEL = Some("3")  TARGET = Some("x86_64-unknown-openbsd")  HOST = Some("x86_64-unknown-openbsd")  CC_x86_64-unknown-openbsd = None  CC_x86_64_unknown_openbsd = None  HOST_CC = None  CC = None  CFLAGS_x86_64-unknown-openbsd = None  CFLAGS_x86_64_unknown_openbsd = None  HOST_CFLAGS = None  CFLAGS = None  CRATE_CC_NO_DEFAULTS = None  DEBUG = Some("false")  CARGO_CFG_TARGET_FEATURE = Some("fxsr,sse,sse2")  running: "cc" "-O3" "-ffunction-sections" "-fdata-sections" "-fPIC" "-m64" "-Wall" "-Wextra" "-E" "build/expando.c"  exit status: 0  cargo:rustc-cfg=osslconf="OPENSSL_NO_BUF_FREELISTS"  (...)  cargo:rustc-cfg=osslconf="OPENSSL_NO_SEED"  cargo:conf=OPENSSL_NO_BUF_FREELISTS,OPENSSL_NO_COMP,OPENSSL_NO_KRB5,OPENSSL_NO_PSK,OPENSSL_NO_SRP,OPENSSL_NO_SSL3_METHOD,OPENSSL_NO_SEED  cargo:rustc-cfg=libressl  cargo:rustc-cfg=libressl251  (...)  cargo:rustc-cfg=libressl332  cargo:libressl_version_number=3060000f  --- stderr  thread 'main' panicked at '  This crate is only compatible with OpenSSL (version 1.0.1 through 1.1.1, or 3.0.0), or LibreSSL 2.5  through 3.4.1, but a different version of OpenSSL was found. The build is now aborting  due to this version mismatch.  ', /home/nabbisen/.cargo/registry/src/github.com-1ecc6299db9ec823/openssl-sys-0.9.72/build/main.rs:295:5  note: run with `RUST_BACKTRACE=1` environment variable to display a backtracewarning: build failed, waiting for other jobs to finish...
Fix cargo build failed due to rust-fmt

Next, switch back to you own user and install the package:

$ exit$ doas pkg_add rust-rustfmt

The output was:

quirks-6.42 signed on 2023-01-13T18:22:41Zrust-rustfmt-1.63.0p0: ok

Then, switch to _lemmy again:

$ doas su - _lemmy$ cd lemmy

and edit Cargo.toml:

$ nvim Cargo.toml

to add the dependency to rustfmt:

  (...)  [dependencies]  (...)+  rustfmt = "*"

Besides, in my case, the actual version was "0.10.0".

Otherwise, rustfmt doesn't work in compiling translations in lemmy_utils. Therefore you will meet the error below in running cargo build:

error: failed to run custom build command for `lemmy_utils v0.16.7 (/var/lemmy/lemmy/crates/utils)`Caused by:  process didn't exit successfully: `/var/lemmy/lemmy/target/release/build/lemmy_utils-c59f10bc7bf13f2b/build-script-build` (exit status: 1)  --- stdout  cargo:rerun-if-changed=translations/email/en.json  cargo:rerun-if-changed=translations/email/ko.json  cargo:rerun-if-changed=translations/email/fi.json  cargo:rerun-if-changed=translations/email/pt.json  --- stderr  Error: Fmt(Os { code: 2, kind: NotFound, message: "No such file or directory" })warning: build failed, waiting for other jobs to finish...
Fix cargo build failed due to PostgreSQL libraries
$ exit$ doas pkg_add postgresql-client postgresql-contrib

The output was:

quirks-6.42 signed on 2023-01-13T18:22:41Zpostgresql-client-14.5: okpostgresql-contrib-14.5: ok

Besides, as to postgresql-client, possibly it has been already installed.

Then switch to _lemmy again:

$ doas su - _lemmy$ cd lemmy

Well, here are supplementary descriptions.

If postgresql-client is not installed, you will probably meet the error below.
The lack of libpg causes it:

$ cargo build --release(...)   Compiling lemmy_server v0.16.7 (/var/lemmy/lemmy)error: linking with `cc` failed: exit status: 1  |  = note: "cc" "-m64" "/tmp/rustcSracqC/symbols.o"   (...)   "-Wl,--gc-sections" "-pie" "-Wl,-zrelro,-znow" "-Wl,-O1" "-nodefaultlibs"  = note: ld: error: unable to find library -lpq          cc: error: linker command failed with exit code 1 (use -v to see invocation)error: could not compile `lemmy_server` due to previous error

If postgresql-contrib is not installed, it will print the error below:

$ cargo run --release(...)    Finished release [optimized] target(s) in 0.37s     Running `target/release/lemmy_server`Error: LemmyError { message: None, inner: Failed with: could not open extension control file "/usr/local/share/postgresql/extension/pgcrypto.control": No such file or directory, context: "SpanTrace" }
Compile the server

Now cargo build is ready. Let's run:

$ cargo build --release

It will work and end with success :)

(...)   Compiling pq-sys v0.4.6(...)   Compiling diesel v1.4.8   Compiling lemmy_server v0.16.7 (/var/lemmy/lemmy)    Finished release [optimized] target(s) in 14m 36s
In case of failure on missing PostgreSQL libraries (Optional)

I have met error which seemed to have something to do with missing PostgreSQL libraries.

In case that you doubt you meet the same error, using env to specify the location might solve it:

$ env PQ_LIB_DIR=/usr/local/lib \      cargo build --release

Configure (Optional)

$ cp -p config/config.hjson config/config.hjson.org

Edit as needed:

$ nvim config/config.hjson

For example, overwrite host (FQDN), database connection and pict-rs server:

-   host: lemmy-alpha+   host: <your-fqdn>  (...)+   bind: 127.0.0.1+   #port: 8536+   database: {+     # Username to connect to postgres+     user: "lemmy"+     # Password to connect to postgres+     password: "lemmy"+     # Host where postgres is running+     host: "127.0.0.1"+     # Port where postgres can be accessed+     port: 5432+     # Name of the postgres database for lemmy+     database: "lemmy"+     # Maximum number of active sql connections+     pool_size: 5+   }+   pictrs_url: "http://127.0.0.1:8080"  }
Too few pool_size may cause server failure due to SpanTrace

Be careful you may have to set "3" or greater at at pool_size in above.

When I set "2", the server couldn't return response to client (of curl) and I got the error below:

$ cargo run --release    Finished release [optimized] target(s) in 0.34s     Running `target/release/lemmy_server`(...)2023-01-14T07:23:24.946120Z  INFO blocking operation: lemmy_server::code_migrations: Running user_updates_2020_04_02(...)2023-01-14T07:23:24.953272Z  INFO lemmy_server::scheduled_tasks: Updating active site and community aggregates ...Starting http server at 0.0.0.0:85362023-01-14T07:23:24.977263Z  INFO lemmy_server::scheduled_tasks: Done.2023-01-14T07:23:24.977313Z  INFO lemmy_server::scheduled_tasks: Updating banned column if it expires ...2023-01-14T07:23:24.977616Z  INFO lemmy_server::scheduled_tasks: Reindexing table concurrently post_aggregates ...(...)2023-01-14T07:23:54.980299Z  WARN background_jobs_actix::server: Not restarting ticker, arbiter is dead2023-01-14T07:23:54.980444Z  INFO Worker{worker.id=ef80d3fd-8ffb-4a12-8917-f82d1a26dc90 worker.queue=default worker.operation.id=417634dd-b934-4c31-bde3-ed38c515a22a worker.operation.name=closing}: background_jobs_actix::worker: Worker closing(...)2023-01-14T07:23:55.003481Z  INFO Worker{worker.id=145bad22-bc83-4ba8-9155-0a77b86cf4b5 worker.queue=default worker.operation.id=432facee-ed0c-471c-bb7f-d19389fa53a8 worker.operation.name=closing}: background_jobs_actix::worker: Worker closing2023-01-14T07:23:55.003562Z  WARN background_jobs_actix::worker: Not restarting worker, Arbiter is dead2023-01-14T07:23:55.003643Z  INFO Worker{worker.id=4626ccc8-48a9-41ac-b128-9c23b62b33cb worker.queue=default worker.operation.id=32df578b-c3ea-4fad-bdeb-02ffeb295f5b worker.operation.name=closing}: background_jobs_actix::worker: Worker closing2023-01-14T07:23:55.003717Z  WARN background_jobs_actix::worker: Not restarting worker, Arbiter is deadError: LemmyError { message: None, inner: timed out waiting for connection, context: "SpanTrace" }

Run Lemmy server

Now you are ready to start the server. Let's run:

$ cargo run --release

In my case, it started with

2023-01-14T07:24:11.308525Z  INFO blocking operation: lemmy_server::code_migrations: Running user_updates_2020_04_02(...)

It was followed by "Starting http server at 0.0.0.0:8536":

(...)2023-01-14T07:24:11.315945Z  INFO lemmy_server::scheduled_tasks: Updating active site and community aggregates ...Starting http server at 0.0.0.0:85362023-01-14T07:24:11.339697Z  INFO actix_server::builder: Starting 1 workers2023-01-14T07:24:11.340446Z  INFO actix_server::server: Actix runtime found; starting in Actix runtimefederation enabled, host is lemmy-alpha2023-01-14T07:24:11.342172Z  INFO lemmy_server::scheduled_tasks: Done.(...)

Yay. Building Lemmy server is completed !!

Go on to the next step:

Lemmy-UI server

Prepare Node.js

Switch back to your own user:

$ exit

Then run:

$ doas pkg_add yarn

The output was:

quirks-6.42 signed on 2023-01-13T18:22:41Zyarn-1.22.18:brotli-1.0.9p0: okyarn-1.22.18:gmake-4.3: okyarn-1.22.18:flock-20110525p1: okyarn-1.22.18:icu4c-71.1v0: okyarn-1.22.18:openssl-1.1.1q: okyarn-1.22.18:libcares-1.18.1: okyarn-1.22.18:node-16.17.1v0: okyarn-1.22.18: ok--- +node-16.17.1v0 -------------------You may wish to add /usr/local/lib/node_modules/npm/man to /etc/man.conf--- +openssl-1.1.1q -------------------You may wish to add /usr/local/lib/eopenssl11/man to /etc/man.conf

Build Lemmy-UI server

Switch to _lemmy:

$ doas su - _lemmy

Then get the source:

$ git clone https://github.com/LemmyNet/lemmy-ui.git --recursive --branch 0.16.7 --single-branch

The output was:

Cloning into 'lemmy-ui'...remote: Enumerating objects: 4489, done.remote: Total 4489 (delta 0), reused 0 (delta 0), pack-reused 4489Receiving objects: 100% (4489/4489), 2.39 MiB | 5.86 MiB/s, done.Resolving deltas: 100% (3371/3371), done.Note: switching to '44f22ad3b7f7afb17cd0ac6ee293b11bbbdf6087'.You are in 'detached HEAD' state. You can look around, make experimentalchanges and commit them, and you can discard any commits you make in thisstate without impacting any branches by switching back to a branch.(...)Submodule 'lemmy-translations' (https://github.com/lemmynet/lemmy-translations) registered for path 'lemmy-translations'Cloning into '/var/lemmy/lemmy-ui/lemmy-translations'...remote: Enumerating objects: 2208, done.        remote: Counting objects: 100% (546/546), done.        remote: Compressing objects: 100% (151/151), done.        Receiving objects: 100% (2208/2208), 678.71 KiB | 2.71 MiB/s, done.remote: Total 2208 (delta 439), reused 464 (delta 395), pack-reused 1662        Resolving deltas: 100% (1820/1820), done.Submodule path 'lemmy-translations': checked out 'a099f9f02d9c8a7e24349154880b5515e3c45362'

Go inside:

$ cd lemmy-ui

Run to get the dependencies:

$ yarn install --pure-lockfile

The output was:

yarn install v1.22.18[1/5] Validating package.json...[2/5] Resolving packages...[3/5] Fetching packages...[4/5] Linking dependencies...(...)[5/5] Building fresh packages...warning Your current version of Yarn is out of date. The latest version is "1.22.19", while you're on "1.22.18".$ husky installhusky - Git hooks installedDone in 59.79s.

Then run to build:

$ yarn build:prod

The output was:

yarn run v1.22.18$ yarn clean && node generate_translations.js$ yarn run rimraf dist$ /var/lemmy/lemmy-ui/node_modules/.bin/rimraf dist$ webpack --mode=productionBrowserslist: caniuse-lite is outdated. Please run:  npx browserslist@latest --update-db  Why you should do it regularly: https://github.com/browserslist/browserslist#browsers-data-updating(...)Entrypoint main [big] 927 KiB = styles/styles.css 16.7 KiB js/server.js 910 KiB(...)Entrypoint main [big] 1.78 MiB = styles/styles.css 16.7 KiB js/client.js 1.77 MiB(...)webpack 5.72.0 compiled successfully in 35738 msDone in 37.47s.

To follow the guide printed above, run in addition:

$ npx browserslist@latest --update-db

You will be asked:

Need to install the following packages:  [email protected] to proceed? (y) y

The output was:

Browserslist: caniuse-lite is outdated. Please run:  npx browserslist@latest --update-db  Why you should do it regularly: https://github.com/browserslist/browserslist#browsers-data-updatingLatest version:     1.0.30001444Installed version:  1.0.30001298Removing old caniuse-lite from lock fileInstalling new caniuse-lite version$ yarn add -W caniuse-lite(...)caniuse-lite has been successfully updatedTarget browser changes:- and_chr 96+ and_chr 108(...)- ios_saf 12.2-12.5+ ios_saf 16.2(...)- safari 13.1+ safari 16.2(...)npm notice New major version of npm available! 8.15.0 -> 9.3.0npm notice Changelog: https://github.com/npm/cli/releases/tag/v9.3.0npm notice Run npm install -g [email protected] to update!npm notice

Now you are ready to start Lemmy UI server:

$ yarn start

The output was:

arn run v1.22.18$ yarn build:dev --watch$ yarn clean && node generate_translations.js$ yarn run rimraf dist$ /var/lemmy/lemmy-ui/node_modules/.bin/rimraf dist$ webpack --mode=development --watch[RunNodeWebpackPlugin] Starting node script: js/server.jsInferno is in development mode.httpbase: http://0.0.0.0:8536wsUri: ws://0.0.0.0:8536/api/v3/wsisHttps: falseNo JWT cookie found.http://0.0.0.0:1234assets by status 4.37 MiB [cached] 36 assetsEntrypoint main [big] 1.68 MiB = styles/styles.css 19.4 KiB js/server.js 1.66 MiBcached modules 1.19 MiB (javascript) 17.6 KiB (css/mini-extract) 937 bytes (runtime) [cached] 149 moduleswebpack 5.72.0 compiled successfully in 405 ms(...)Entrypoint main [big] 4.06 MiB = styles/styles.css 19.4 KiB js/client.js 4.04 MiBcached modules 3.35 MiB (javascript) 17.6 KiB (css/mini-extract) 1.25 KiB (runtime) [cached] 735 moduleswebpack 5.72.0 compiled successfully in 398 ms

Optionally, you may pass environment variables to customize the server:

$ env LEMMY_UI_HOST=0.0.0.0:1234 \        LEMMY_INTERNAL_HOST=127.0.0.1:8536 \        LEMMY_EXTERNAL_HOST=localhost:8536 \        LEMMY_WS_HOST=localhost:443 \        LEMMY_UI_DEBUG=false \      node dist/js/server.js

pict-rs server

Lemmy uses pict-rs to store image. It is a simple image hosting service which is open source and written in Rust, too.

Prepare for the dependencies

Switch back to your own user.
You have to install protobuf, "Protocol Buffers - Google's data interchange format":

$ exit$ doas pkg_add protobuf

The output was:

quirks-6.42 signed on 2023-01-13T18:22:41Zprotobuf-3.21.6: ok

Build pict-rs server

Switch to the _lemmy:

$ doas su - _lemmy

Get the source of the stable:

$ git clone https://git.asonix.dog/asonix/pict-rs.git --branch v0.3.2 --single-branch

The output was:

Cloning into 'pict-rs'...remote: Enumerating objects: 2707, done.remote: Counting objects: 100% (2707/2707), done.remote: Compressing objects: 100% (1932/1932), done.remote: Total 2707 (delta 1806), reused 1077 (delta 687), pack-reused 0Receiving objects: 100% (2707/2707), 2.21 MiB | 114.00 KiB/s, done.Resolving deltas: 100% (1806/1806), done.Note: switching to '4dff8de9851041911b8243a35bf9f6df4d612268'.You are in 'detached HEAD' state. You can look around, make experimentalchanges and commit them, and you can discard any commits you make in thisstate without impacting any branches by switching back to a branch.(...)

Go inside:

$ cd pict-rs

Then run to build:

$ cargo build --release

The output was:

    Updating git repository `https://github.com/asonix/rust-s3`   (...)   Compiling rustls v0.20.6   (...)   Compiling actix-web v4.1.0   (...)   Compiling pict-rs v0.3.2 (/var/lemmy/pict-rs)    Finished release [optimized] target(s) in 20m 35s

Now you can run pict-rs server with -p option to specify data directory:

$ cargo run --release -- -p data

The output was:

    Finished release [optimized] target(s) in 0.24s     Running `target/release/pict-rs -p data`2023-01-14T12:51:58.377271Z  INFO restructure{store=FileStore { path_gen: "generator", root_dir: "data" }}: pict_rs::store::file_store::restructure: new2023-01-14T12:51:58.377478Z  INFO restructure{store=FileStore { path_gen: "generator", root_dir: "data" }}: pict_rs::store::file_store::restructure: close time.busy=11.3s time.idle=197s2023-01-14T12:51:58.377627Z  INFO actix_server::builder: Starting 1 workers2023-01-14T12:51:58.377736Z  INFO actix_server::server: Actix runtime found; starting in Actix runtime

Additionally, you can specify address to listen:

$ cargo run --release -- -a 127.0.0.1:8080 -p data

Additionally, you can modify its configuration:

$ nvim pict-rs.toml

For example:

- api_key = 'API_KEY'- image_format = 'jpeg'- opentelemetry_url = 'http://localhost:4317/'+ opentelemetry_url = 'http://127.0.0.1:4317/'
Integrate pict-rs with MinIO (Optional)

pict-rs stores image files in their local directory by default.

Well, there is a way to introduce MinIO bucket usage by editting pict-rc.toml as below:

- type = "file_store"+ type = "s3_store"+ + region = "https://(minio-fqdn)"+ bucket_name = "(...)"+ access_key = "(...)"+ secret_key = "(...)"

and, of course, creating MinIO bucket and service account, with bucket policy like:

{ "Version": "2012-10-17", "Statement": [  {   "Effect": "Allow",   "Action": [    "admin:*"   ]  },  {   "Effect": "Allow",   "Action": [    "s3:*"   ],   "Resource": [    "arn:aws:s3:::{bucket-name}",    "arn:aws:s3:::{bucket-name}/*"   ]  } ]}

Build network

The servers are ready !! Switch back to your own user (by executing exit).

Here is the final network archtecture in this post.
All of Lemmy familly listen to lo, the internal network, only.
[relayd] handles request/response between the external and the internal, including WebSocket Lemmy-UI uses.

[external] <--> [internal]                 relayd  <--> lemmy                         <--> lemmy-ui                              (websocket included)                         <--> pict-rs

Be slightly careful about permissions of rc.d scripts.

Lemmy (server)

Create:

$ doas nvim /etc/rc.d/lemmy

to write in it:

#!/bin/kshdaemon="target/release/lemmy_server"daemon_user="_lemmy"daemon_execdir="/var/lemmy/lemmy". /etc/rc.d/rc.subrrc_cmd $1

Lemmy-UI

Create:

$ doas nvim /etc/rc.d/lemmy_ui

to write in it:

#!/bin/kshdaemon="env LEMMY_UI_HOST=127.0.0.1:1234 LEMMY_INTERNAL_HOST=127.0.0.1:8536 LEMMY_EXTERNAL_HOST=<your-fqdb>:8536 LEMMY_WS_HOST=<your-fqdn>:443 node"daemon_user="_lemmy"daemon_flags="dist/js/server.js"daemon_execdir="/var/lemmy/lemmy-ui". /etc/rc.d/rc.subrrc_cmd $1

pict-rs

Create:

$ doas nvim /etc/rc.d/lemmy_pict_rs

to write in it:

#!/bin/kshdaemon="target/release/pict-rs"daemon_user="_lemmy"daemon_flags="-c pict-rs.toml"daemon_execdir="/var/lemmy/pict-rs". /etc/rc.d/rc.subrrc_cmd $1

relayd.conf

Configuration about httpd is optional.
When you have other services in the same machine, you may have to do manage them.

# $OpenBSD: relayd.conf,v 1.5 2018/05/06 20:56:55 benno Exp $# prefork 5#table <httpd> { "127.0.0.1" }lemmy_server_port = "8536"table <lemmy_ui> { "127.0.0.1" }lemmy_ui_port = "1234"table <lemmy_server> { "127.0.0.1" }lemmy_server_port = "8536"your_fqdn = "<your-fqdn>"cert_keypair = "<cert-keypair-name>"http protocol "https-filter" {    return error    #match request forward to <httpd>    match request header "Host" value $your_fqdn forward to <lemmy_ui>    match request url "<your-fqdn>/api/" forward to <lemmy_server>    match request url "<your-fqdn>/pictrs/" forward to <lemmy_server>    http websockets    tls keypair $cert_keypair}relay "https-proxy" {    listen on egress port https tls    protocol "https-filter"    #forward to <httpd> port http check tcp    forward to <lemmy_ui> port $lemmy_ui_port check tcp    forward to <lemmy_server> port $lemmy_server_port check tcp}http protocol "lemmy-server" {    http websockets    tls keypair $cert_keypair}relay "lemmy-server" {    listen on $your_fqdn port $lemmy_server_port tls    protocol "lemmy-server"    forward to <lemmy_server> port $lemmy_server_port check tcp}

Conclusion

Let's start the servers. Here are command lines to run them temporarily:

$ doas rcctl -f start {lemmy, lemmy_ui, lemmy_pict_rs, relayd}

* Besides, if you want to activate them, run rcctl enable beforehand, and -f option will be unnecessary.

Open your browser and access to <your-fqdn>. You will be welcomed.

lemmy-setup

After signing up, you will be guided to create an instance:

lemmy-instance-create-1
lemmy-instance-create-2

Then, voil :)

lemmy-on-openbsd

Happy swimming across the fediverse.


Original Link: https://dev.to/nabbisen/lemmy-0167-on-openbsd-72-3jkc

Share this article:    Share on Facebook
View Full Article

Dev To

An online community for sharing and discovering great ideas, having debates, and making friends

More About this Source Visit Dev To