GNU social is a federated social network.
Installation with docker
Installation without docker
Installation can be done in multiple ways, but the simplest is using
docker
and docker-compose
. The compose file currently includes all
the necessary services for running the app. Running the database and
webserver outside of docker
containers is currently not supported,
unless the app is installed without docker
.
In order to host your GNU social instance, you'll need a domain, a
server with a constant IP and both docker
and docker-compose
installed on your system.
Alternatively, for local hosting or development, behind a NAT, use a
dynamic DNS solutions. I recommend you go to
https://gnudip.datasystems24.net or another GnuDIP host and register.
Then clone https://notabug.org/someonewithpc/gnudip.git, inspect and
run the ./install.sh
script. This allows you to have a domain that
dynamically points to your IP address.
Next, if you want to setup SSL (which you should in most cases, exceptions being wanting to use the Tor network), you'll need a certificate. There are multiple approaches to achieve this, among which are using a proxy server capable of either proxying an HTTP connection to HTTPS or an HTTPS connection to HTTPS, or creating a certificate signed by Let's Encrypt. For the former, follow the instructions of your proxy provider.
If you're not using a proxy, you can use the
bin/bootstrap_certificates
script to generate and install
certificates signed by Let's Encrypt. To do this, you should add the
server's IP, if it's static, as an A
DNS record with your DNS
provider (normally, your domain registrar); the A
record doesn't
need to be at the root of your domain, meaning it's name can be a
subdomain. For dynamic IPs, create a CNAME
record pointing to the
hostname you created with the GnuDIP host, above. A CNAME
cannot be
created for a domain root, so you must use a subdomain. Then, run the
aforementioned script and fill in the details.
Edit the docker-compose.yaml
file and comment the certbot
service
to disable it. In the future, this will be handled by the
bin/configure
script.
Run the bin/configure
script and enter the information as asked.
This will generate all the required .env
files used by
docker-compose
to configure the application.
Simply run docker-compose up
from the root of the project (the
folder where the .git
folder is). In this form, the application can
be stopped by pressing C-c
(CTRL
+ C
); pressing it again will
force the containers to stop immediately. However, this form will show
you all logs, but in most cases, you won't want to see those all the
time. For that, run docker-compose up -d
from the same directory;
The application can then be stopped with docker-compose down
.
The following software packages are required for this software to run correctly.
Your PHP installation must include the following PHP extensions for a functional setup of GNU social:
NOTE: Some distros require manual enabling in the relevant php.ini for some modules.
For some functionality, you will also need the following extensions:
You may also experience better performance from your site if you configure a PHP cache/accelerator. Most distributions come with "opcache" support. Enable it in your php.ini where it is documented together with its settings.
Installing the basic GNU Social web component is relatively easy, especially if you've previously installed PHP/MariaDB packages.
Unpack the tarball you downloaded on your Web server. Usually a command like this will work:
tar zxf gnusocial-*.tar.gz
...which will make a gnusocial-x.y.z subdirectory in your current directory. (If you don't have shell access on your Web server, you may have to unpack the tarball on your local computer and FTP the files to the server.)
Move the tarball to a directory of your choosing in your Web root directory. Usually something like this will work:
mv gnusocial-x.y.z /var/www/gnusocial
This will often make your GNU Social instance available in the gnusocial path of your server, like "http://example.net/gnusocial". "social" or "blog" might also be good path names. If you know how to configure virtual hosts on your web server, you can try setting up "http://social.example.net/" or the like.
If you have "rewrite" support on your webserver, and you should, then please enable this in order to make full use of your site. This will enable "Fancy URL" support, which you can read more about if you scroll down a bit in this document.
Make your target directory writeable by the Web server, please note however that 'a+w' will give all users write access and securing the webserver is not within the scope of this document.
chmod a+w /var/www/gnusocial/
On some systems, this will work as a more secure alternative:
chgrp www-data /var/www/gnusocial/
chmod g+w /var/www/gnusocial/
If your Web server runs as another user besides "www-data", try that user's default group instead. As a last resort, you can create a new group like "gnusocial" and add the Web server's user to the group.
Create a database to hold your site data. Something like this should work (you will be prompted for your database password):
mysqladmin -u "root" -p create social
Note that GNU Social should have its own database; you should not share the database with another program. You can name it whatever you want, though.
(If you don't have shell access to your server, you may need to use a tool like phpMyAdmin to create a database. Check your hosting service's documentation for how to create a new MariaDB database.)
Create a new database account that GNU Social will use to access the database. If you have shell access, this will probably work from the MariaDB shell:
GRANT ALL on social.* TO 'social'@'localhost' IDENTIFIED BY 'agoodpassword';
You should change the user identifier 'social' and 'agoodpassword' to your preferred new database username and password. You may want to test logging in to MariaDB as this new user.
In a browser, navigate to the GNU Social install script; something like:
Enter the database connection information and your site name. The install program will configure your site and install the initial, almost-empty database.
By default, GNU Social will use URLs that include the main PHP program's name in them. For example, a user's home profile might be found at either of these URLS depending on the webserver's configuration and capabilities:
https://social.example.net/index.php/fred
https://social.example.net/index.php?p=fred
It's possible to configure the software to use fancy URLs so it looks like this instead:
https://social.example.net/fred
These "fancy URLs" are more readable and memorable for users. To use fancy URLs, you must either have Apache 2.x with .htaccess enabled and mod_rewrite enabled, -OR- know how to configure "url redirection" in your server (like lighttpd or nginx).
See the instructions for each respective webserver software:
Assuming your webserver is properly configured and have its settings applied (remember to reload/restart it), you can add this to your GNU social's config.php file: $config['site']['fancy'] = true;
You should now be able to navigate to a "fancy" URL on your server, like:
https://social.example.net/main/register
As of right now, your ability change the theme is limited to CSS stylesheets and some image files; you can't change the HTML output, like adding or removing menu items, without the help of a plugin.
You can choose a theme using the $config['site']['theme'] element in the config.php file. See below for details.
You can add your own theme by making a sub-directory of the 'theme' subdirectory with the name of your theme. Each theme can have the following files:
display.css: a CSS2 file for "default" styling for all browsers. logo.png: a logo image for the site. default-avatar-profile.png: a 96x96 pixel image to use as the avatar for users who don't upload their own. default-avatar-stream.png: Ditto, but 48x48. For streams of notices. default-avatar-mini.png: Ditto ditto, but 24x24. For subscriptions listing on profile pages.
You may want to start by copying the files from the default theme to your own directory.
A GNU social node can be configured as "private", which means it will not federate with other nodes in the network. It is not a recommended method of using GNU social and we cannot at the current state of development guarantee that there are no leaks (what a public network sees as features, private sites will likely see as bugs).
Private nodes are however an easy way to easily setup collaboration and image sharing within a workgroup or a smaller community where federation is not a desired feature. Also, it is possible to change this setting and instantly gain full federation features.
Access to file attachments can also be restricted to logged-in users only:
Add a directory outside the web root where your file uploads will be stored. Use this command as an initial guideline to create it:
mkdir /var/www/gnusocial-files
Make the file uploads directory writeable by the web server. An insecure way to do this is (to do it properly, read up on UNIX file permissions and configure your webserver accordingly):
chmod a+x /var/www/gnusocial-files
Tell GNU social to use this directory for file uploads. Add a line like this to your config.php:
$config['attachments']['dir'] = '/var/www/gnusocial-files';
To use a Sphinx server to search users and notices, you'll need to enable the SphinxSearch plugin. Add to your config.php:
addPlugin('SphinxSearch');
$config['sphinx']['server'] = 'searchhost.local';
You also need to install, compile and enable the sphinx pecl extension for php on the client side, which itself depends on the sphinx development files.
See plugins/SphinxSearch/README for more details and server setup.
StatusNet supports a cheap-and-dirty system for sending update messages to mobile phones and for receiving updates from the mobile. Instead of sending through the SMS network itself, which is costly and requires buy-in from the wireless carriers, it simply piggybacks on the email gateways that many carriers provide to their customers. So, SMS configuration is essentially email configuration.
Each user sends to a made-up email address, which they keep a secret. Incoming email that is "From" the user's SMS email address, and "To" the users' secret email address on the site's domain, will be converted to a notice and stored in the DB.
For this to work, there must be a domain or sub-domain for which all (or most) incoming email can pass through the incoming mail filter.
Run the SQL script carrier.sql in your StatusNet database. This will usually work:
mysql -u "statusnetuser" --password="statusnetpassword" statusnet < db/carrier.sql
This will populate your database with a list of wireless carriers that support email SMS gateways.
Make sure the maildaemon.php file is executable:
chmod +x scripts/maildaemon.php
Note that "daemon" is kind of a misnomer here; the script is more of a filter than a daemon.
Edit /etc/aliases on your mail server and add the following line:
*: /path/to/statusnet/scripts/maildaemon.php
Run whatever code you need to to update your aliases database. For many mail servers (Postfix, Exim, Sendmail), this should work:
newaliases
You may need to restart your mail server for the new database to take effect.
Set the following in your config.php file:
$config['mail']['domain'] = 'yourdomain.example.net';
For info on helping with translations, see the platform currently in use for translations: https://www.transifex.com/projects/p/gnu-social/
Translations use the gettext system http://www.gnu.org/software/gettext/. If you for some reason do not wish to sign up to the Transifex service, you can review the files in the "locale/" sub-directory of GNU social. Each plugin also has its own translation files.
To get your own site to use all the translated languages, and you are tracking the git repo, you will need to install at least 'gettext' on your system and then run:
$ make translations
Some activities that StatusNet needs to do, like broadcast OStatus, SMS, XMPP messages and TwitterBridge operations, can be 'queued' and done by off-line bots instead.
Two mechanisms are available to achieve offline operations:
This plugin is enabled by default. It tries its best to do background jobs during regular HTTP requests, like API or HTML pages calls.
Since queueing system is enabled by default, notices to be broadcasted will be stored, by default, into DB (table queue_item).
Whenever it has time, OpportunisticQM will try to handle some of them.
This is a good solution whether you:
In other case, you really should consider enabling the queuedaemon for performance reasons. Background daemons are necessary anyway if you wish to use the Instant Messaging features such as communicating via XMPP.
If you want to use legacy queuedaemon, you must be able to run long-running offline processes, either on your main Web server or on another server you control. (Your other server will still need all the above prerequisites, with the exception of Apache.) Installing on a separate server is probably a good idea for high-volume sites.
Modern PHP versions in some operating systems have disabled functions related to forking, which is required for daemons to operate. To make this work, make sure that your php-cli config (/etc/php5/cli/php.ini) does NOT have these functions listed under 'disable_functions':
* pcntl_fork, pcntl_wait, pcntl_wifexited, pcntl_wexitstatus,
pcntl_wifsignaled, pcntl_wtermsig
Other recommended settings for optimal performance are:
* mysqli.allow_persistent = On
* mysqli.reconnect = On
If you're using a separate server for queues, install StatusNet somewhere on the server. You don't need to worry about the .htaccess file, but make sure that your config.php file is close to, or identical to, your Web server's version.
In your config.php files (on the server where you run the queue daemon), set the following variable:
$config['queue']['daemon'] = true;
You may also want to look at the 'Queues and Daemons' section in this file for more background processing options.
This will run the queue handlers:
These daemons will automatically restart in most cases of failure including memory leaks (if a memory_limit is set), but may still die or behave oddly if they lose connections to the XMPP or queue servers.
It may be a good idea to use a daemon-monitoring service, like 'monit', to check their status and keep them running.
All the daemons write their process IDs (pids) to /var/run/ by default. This can be useful for starting, stopping, and monitoring the daemons. If you are running multiple sites on the same machine, it will be necessary to avoid collisions of these PID files by setting a site- specific directory in config.php:
$config['daemon']['piddir'] = __DIR__ . '/../run/';
It is also possible to use a STOMP server instead of our kind of hacky home-grown DB-based queue solution. This is strongly recommended for best response time, especially when using XMPP.
There is no built-in system for doing backups in GNU social. You can make backups of a working StatusNet system by backing up the database and the Web directory. To backup the database use mysqldump https://mariadb.com/kb/en/mariadb/mysqldump/ and to backup the Web directory, try tar.
Upgrading is strongly recommended to stay up to date with security fixes and new features. For instructions on how to upgrade GNU social code, please see the UPGRADE file.