This repository contains configuration files for running a Mastodon server at ocalaavenue.net. These configurations are based on those from the official Mastodon repository: mastodon/mastodon.
This setup uses webroot authentication, which allows certificate renewal without stopping the server. Certbot writes challenge files to /var/www/certbot, which nginx serves automatically.
Before the first certificate issuance, create the webroot directory structure:
sudo mkdir -p /var/www/certbot/.well-known/acme-challenge
sudo chmod -R 755 /var/www/certbot
To obtain a certificate for the first time:
sudo certbot certonly --webroot -w /var/www/certbot -d ocalaavenue.net
sudo certbot certificates
sudo certbot renew --dry-run
sudo certbot renew
The renewal process will work automatically without stopping nginx or any other services. After renewal, you may need to reload nginx to use the new certificates:
docker compose exec nginx nginx -s reload
Or restart the nginx container:
docker compose restart nginx
Certbot typically sets up automatic renewal via systemd timer or cron. To verify:
sudo systemctl status certbot.timer
Or check cron:
sudo crontab -l -u root | grep certbot
To automatically reload nginx after certificate renewal (so you don't have to manually reload each time), create a post-renewal hook:
sudo mkdir -p /etc/letsencrypt/renewal-hooks/deploy
sudo tee /etc/letsencrypt/renewal-hooks/deploy/reload-nginx.sh << 'EOF'
#!/bin/bash
docker compose -f /home/ubuntu/mastodon-docker-compose/compose.yaml exec -T nginx nginx -s reload
EOF
sudo chmod +x /etc/letsencrypt/renewal-hooks/deploy/reload-nginx.sh
This will automatically reload nginx whenever certbot successfully renews a certificate, ensuring the new certificate is used immediately without manual intervention.
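A stricter variant of the deploy hook above, as an added example rather than this repository's own script: it reloads only when ocalaavenue.net is among the renewed names and runs nginx -t before signalling the reload, so a failure shows up in the hook's exit status. RENEWED_LINEAGE and RENEWED_DOMAINS are the variables certbot exports to deploy hooks; the function names and the COMPOSE_FILE and SITE_DOMAIN variables are assumptions of this example.

```bash
#!/bin/bash
# Added example: stricter variant of reload-nginx.sh (not the repository's own script).
# COMPOSE_FILE and SITE_DOMAIN are hypothetical overrides; defaults come from this README.
COMPOSE_FILE="${COMPOSE_FILE:-/home/ubuntu/mastodon-docker-compose/compose.yaml}"
SITE_DOMAIN="${SITE_DOMAIN:-ocalaavenue.net}"

# Return 0 when the space-separated list $1 contains exactly the name $2.
# Padding both sides with spaces prevents substring matches such as
# "sub.ocalaavenue.net" being taken for "ocalaavenue.net".
domain_renewed() {
    case " $1 " in
        *" $2 "*) return 0 ;;
    esac
    return 1
}

# Run a command inside the nginx container without allocating a TTY.
nginx_exec() {
    docker compose -f "$COMPOSE_FILE" exec -T nginx "$@"
}

# Validate the configuration (including the certificate files it references)
# before signalling a reload, and report a failure through the exit status.
reload_nginx() {
    if ! nginx_exec nginx -t; then
        echo "reload-nginx: nginx -t failed, reload skipped" >&2
        return 1
    fi
    nginx_exec nginx -s reload
}

# Reload only when the renewed certificate covers this site.
run_hook() {
    if ! domain_renewed "${RENEWED_DOMAINS:-}" "$SITE_DOMAIN"; then
        echo "reload-nginx: $SITE_DOMAIN not in renewed set, skipping"
        return 0
    fi
    reload_nginx
}

# certbot sets RENEWED_LINEAGE only when it invokes a deploy hook, so the
# script does nothing when sourced or run by hand without it.
if [ -n "${RENEWED_LINEAGE:-}" ]; then
    run_hook
    exit $?
fi
```

A non-zero exit from the hook is recorded in certbot's log, which makes a failed reload visible after an otherwise successful renewal.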
docker exec db pg_dump -Fc -U postgres postgres > dumps/202604161211.dump
Server Specifications (ocalaavenue.net)
- VPS: Amazon Lightsail (4 GB RAM, 2 vCPUs, 80 GB SSD)
- Domain Name Registrar: Amazon Route 53
- Object Storage: Amazon S3
- Mail Server: Gmail (not working now)