68k Mentat

Running GoToSocial behind a Yunohost server

Introduction

I use Yunohost to host a number of personal services from my home. As a result, ports 80 and 443 (http and https) are already spoken for on my public IP address.

I have a GoToSocial server running on a Rock64 from my house. I also host a Yunohost server, which uses with my public IP address’s ports 80 and 443 and handles LetsEncrypt certification, so in order to get things running I had to hammer out a few headaches. I’ve written up my process here to hopefully make it easier for others.

My process may work in a few similar cases, such as using nginx without yunohost, or running GoToSocial on the same computer as yunohost. The purpose of these instructions is to help someone who is interested in self-hosting GoToSocial feel empowered to do so. If you need any help, please feel free to reach out to me (@franklint@gts.68kmentat.com on fedi), or pop into the GtS chatroom.

example setup

These are just example addresses and you will need to change them to match your setup

  • Yunohost runs on 192.168.0.10
  • GoToSocial will run on 192.168.0.20
  • GoToSocial will use gts.example.com as a hostname
  • GoToSocial will use port 8080 on 192.168.0.20 note: you can use whatever port you want, but will need to perform extra steps if you choose a port below 1024*

Steps

  1. Add your desired domain under the Yunohost Administration panel. Make sure that you have DNS set correctly. Yunohost has a help page with instructions on this.

  2. Install the “Redirect” app in the Yunohost Administration panel
    • Choose your gotosocial domain gts.example.com
    • set the URL path to /
    • set the destination path to http://192.168.0.20:8080
    • For Redirect type choose Proxy, invisible (NGINX proxy_pass). Everybody will be able to access it.
  3. To allow files larger than 1MB to be uploaded, create the file /etc/nginx/conf.d/gts.example.com.d/uploads.conf on your Yunohost server with the following line:
      client_max_body_size 10M;
    

    note: this is enough for the default maximum video setting of 10mb. If you want to increase or decrease this file limit, remember to also change it in your GoToSocial config file

  4. Follow the GoToSocial Installation Guide, with the following additions:
    • open port 8080 in 192.168.0.20’s firewall
    • leave port: 8080
    • change trustedProxies to 192.168.0.10
    • change letsEncrypt.enabled to false
  5. create a gotosocial user with useradd -r gotosocial

  6. grant your new user access to the /gotosocial directory with chown -R gotosocial:gotosocial /gotosocial

  7. create a systemd service at /etc/systemd/system/gotosocial.service with the following lines:
     [Unit]
     Description=GoToSocial Server
    
     [Service]
     User=gotosocial
     Group=gotosocial
     Type=exec
     Restart=on-failure
     WorkingDirectory=/gotosocial
     ExecStart=/gotosocial/gotosocial --config-path config.yaml server start
    
     [Install]
     WantedBy=default.target
    
  8. enable and start your GoToSocial server with sudo systemctl enable --now gotosocial.service