I have Mastodon running on a VPS running Debian 11. Now I would like to add a Lemmy instance on the same server. I tried using the from scratch method from Lemmy documentation, but ran into errors that likely stemmed from minor version incompatibilities of the dependencies. I tried using the Lemmy easy deploy script but it wants to bind all traffic on port 443 for Lemmy which would break my Mastodon install. Has anyone managed to get Lemmy and Mastodon running on the same box, and if so, can you share any details of your setup?

  • veroxii@lemmy.world
    link
    fedilink
    English
    arrow-up
    18
    ·
    2 years ago

    You need a reverse proxy like nginx or traefik. Your mastodon server is using the web ports. Lemmy also wants to use the same ports. Obviously the can’t both use them.

    The solution is to let neither use the ports and set them up on some other ports.

    The reverse proxy is then set up as your main “web server”. It will then look at every request coming in and based on the domain name or url requested redirect (or rather forward or proxy) the request to the correct service… mastadon or Lemmy.

    I run dozens of services on the same server. And use traefik to sit in front and manage it all.

    • TrinityTek@lemmy.worldOP
      link
      fedilink
      English
      arrow-up
      2
      ·
      edit-2
      2 years ago

      I have reverse proxy configured for Mastodo using Nginx. It’s the Lemmy Easy Deploy script trying to bind all traffic on port 443 where I run into problems.

      • key@lemmy.keychat.org
        link
        fedilink
        English
        arrow-up
        9
        arrow-down
        1
        ·
        2 years ago

        Don’t use that silly script. Easiest is to use the docker compose method and modify the compose file to remove the nginx container since you already have nginx. Then once you have lemmy’s containers running, add config to nginx to point to the ports lemmy/lemmy ui listen on

        • TrinityTek@lemmy.worldOP
          link
          fedilink
          English
          arrow-up
          1
          ·
          2 years ago

          This worked great! Thanks again for the advice! When the from scratch install didn’t work, multiple people suggested the easy deployment script. For my setup the Docker compose deployment was perfect and offered the opportunity for customization I needed. The easy deployment script does look pretty slick though if someone just wants a turnkey setup and wants to dedicate their whole box to it.

  • immibis@social.immibis.com
    link
    fedilink
    arrow-up
    6
    ·
    edit-2
    2 years ago

    @TrinityTek@lemmy.world @selfhosted@lemmy.world Everything on your server has a URL, like https://your.server.name.example/c/your_community_name. Unless you want all the official public URLs to everything on your server to have a port number in them (https://your.server.name.example:1234/TrinityTek) you probably want to figure this out <i>before</i> deploying anything.

    I suggest using vhosts. You can for example run Lemmy on port 8001 and Mastodon on port 8002 (both should be bound to 127.0.0.1 without HTTPS). Then you get two domain names pointing at the same server. Then you install nginx on your server, as your actual web server, and you configure it so requests for lemmy.trinitytek.com gets proxied to lemmy and mastodon.trinitytek.com gets proxied to mastodon

    • ChickenBoo@lemmy.jnks.xyz
      link
      fedilink
      arrow-up
      3
      ·
      2 years ago

      I found it easiest to get them running on docker. The documentation wasn’t FANTASTIC, but it got me there in the end.

      Then I have nginx proxy manager running in another docker container, which handles the virtual hosts for me. It’s the one actually bound to 80 and 443. Will help you get set up with SSL certs easily, too.

    • TrinityTek@lemmy.worldOP
      link
      fedilink
      arrow-up
      1
      ·
      2 years ago

      Thanks for the advice. I’m actually very experienced with vhosts, but my understanding was that vhosts are an Apache thing and Nginx uses different terminology. Unfortunately I am still very green when it comes to Nginx. What you described is exactly what I intend to implement though, and I believe my Mastodon install is already configured properly for that to work. It’s just the Lemmy Easy Deploy script that tries to bind all traffic on port 443 where I run into problems.

        • TrinityTek@lemmy.worldOP
          link
          fedilink
          arrow-up
          1
          ·
          2 years ago

          Yes, it’s very similar in Apache, but different enough for me to feel a little out of my comfort zone. I appreciate the tips.

          • immibis@social.immibis.com
            link
            fedilink
            arrow-up
            2
            ·
            2 years ago

            Here’s what I have for Pleroma.

            server {
            server_name social.immibis.com; # this is what matches the domain name
            root /var/www/social_html; # empty folder
            location / {
            proxy_pass http://localhost:4000;
            }

            # this block was from the pleroma documentation, I think. Mastodon and Lemmy might have their own recommendations. Upgrade is to enable proxying websockets. and the rest seems generally sensible for proxying.
            proxy_set_header Upgrade $http_upgrade;
            proxy_set_header Connection “upgrade”;
            proxy_set_header Host $http_host;
            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
            client_max_body_size 16m;
            ignore_invalid_headers off;

            # when you run Certbot it will change this to 443, insert SSL configuration, and set up a redirect on port 80
            listen [::]:80;
            listen 80;
            }

            • TrinityTek@lemmy.worldOP
              link
              fedilink
              arrow-up
              1
              ·
              2 years ago

              Thank you for sharing your config and advice! I appreciate it. I got it working along with ssl certs installed with certbot and all is well. Cheers!

  • Voroxpete@sh.itjust.works
    link
    fedilink
    English
    arrow-up
    5
    ·
    2 years ago

    This is what containers were made for my friend. I’m sure that both Lemmy and Mastodon have Docker images available. If not you can always run your installs in LXC containers instead.

    • TrinityTek@lemmy.worldOP
      link
      fedilink
      English
      arrow-up
      1
      ·
      edit-2
      2 years ago

      I just got it working. I used a Docker install for Lemmy but not for Mastodon and setup reverse proxy manually. I still have some fine tuning to do, but it works! Woot!

      • Voroxpete@sh.itjust.works
        link
        fedilink
        English
        arrow-up
        1
        ·
        2 years ago

        I would personally recommend putting them both in Docker containers, but I’m glad it’s working for you.

        • TrinityTek@lemmy.worldOP
          link
          fedilink
          English
          arrow-up
          1
          ·
          2 years ago

          Thanks for the suggestion. What would be the benefit of switching to a docker install of Mastodon?

          • Voroxpete@sh.itjust.works
            link
            fedilink
            English
            arrow-up
            1
            ·
            2 years ago

            Basically the whole point of docker is that it keeps all the fiddly junk involved in actually running an application separated off into its own little box where it can’t affect the host system. So by taking one of those applications and putting it directly on the host system you’re sort of undoing all that.

            The idea is that the docker host basically shouldn’t do anything other than run docker itself. That way there’s minimal chance of anything getting screwy. Also using docker installs for all your critical apps means that you can use Watchtower to auto update them, which is a nice bonus.

            • TrinityTek@lemmy.worldOP
              link
              fedilink
              English
              arrow-up
              1
              ·
              2 years ago

              Thanks for the perspective! I am a reluctant newcomer to Docker so I appreciate it. Time for me to get with the times and embrace Docker since that’s the most popular installation method for many of my favorite self hosted platforms these days. It might take a while for me to really get used to it though. Since I have this setup and working it will probably remain as is, but I’ll make a point to do a pure Docker setup on a similar build in the future.

  • GreenDot 💚@le.fduck.net
    link
    fedilink
    English
    arrow-up
    4
    ·
    2 years ago

    I’m running both, via docker.

    Here’s the basic setup:

    NGiNX is standard installation, using certbot to manage the SSL certificates for the domains. Setup is via Nginx virtual hosts (servers), separate for Lemmy and Mastodon. Lemmy and Mastodon run each in their Docker containers, with different listning ports on localhost.

                      lemmy.domain.tld+------------------------+
                   +------------------+                        |
                   |                  |         Lemmy          |
                   |                  |         127.0.0.1:3000 |
                   |                  +------------------------+
                   |
    +--------------+----+
    |NGiNX with SSL     |   mastodon.domain.tld
    |and separate VHOSTS+--------------+-----------------------+
    |                   |              |          Mastodon     |
    +-------------------+              |          127.0.0.1:3001
                                       +------------------------
    
    
  • Meow.tar.gz@lemmy.goblackcat.com
    link
    fedilink
    English
    arrow-up
    3
    ·
    2 years ago

    Yes, I am running them both on an Arch server using docker containers. So far no issues at all. Each service runs on its own private internal network so they’re isolated. I just have the lemmy-ui listening on port 1236 and mastodon-web listens on port 443.

    • TrinityTek@lemmy.worldOP
      link
      fedilink
      arrow-up
      1
      ·
      2 years ago

      Interesting point. I hadn’t given that any consideration but if my Mastodon/Lemmy plans don’t work out I might give it a shot.

      • eh@nerdbin.social
        link
        fedilink
        arrow-up
        2
        ·
        2 years ago

        jsyk, with how ActivityPub works changing the software that’s running from under it will break federation with you in all sorts of subtle ways. When you pick a thing to run under a domain you’re effectively locked into running that software under that domain. And of course there is some cryptographic verification as well so you change the keys (or you wipe or forget to back up the database) you may as well burn that domain from federating ever again.

        • TrinityTek@lemmy.worldOP
          link
          fedilink
          arrow-up
          1
          ·
          2 years ago

          Thanks for pointing that out! In this case I am using subdomains so hopefully I won’t run into any issues with that. I recently bought fdr8.us with the intention of creating subdomains under it for my federated projects. Mastodon.fdr8.us and Lemmy.fdr8.us are now live. If I do a kbin instance it will probably follow the same format.

    • Dusty@l.dusty-radio.com
      link
      fedilink
      English
      arrow-up
      1
      ·
      2 years ago

      I tried kbin and don’t really understand it to be honest. I looked at their documentation and it doesn’t really explain much other than how to create an account on an instance.

      Going to kbin.social and creating an account didn’t get me much farther. I don’t undrestand how to “subscribe” to (for example) the lemmy communities I follow her, or the users I follow on mastodon. And the “magazines” thing I really don’t get.

      Maybe I’m too dumb for it or something.

      • Arotrios@kbin.social
        link
        fedilink
        arrow-up
        3
        ·
        edit-2
        2 years ago

        Nope don’t feel bad - it’s totally understandable. Kbin is new, so the documentation is lacking.

        Almost all content on Kbin, including users, has a follow / subscribe button in the sidebar beneath the magazine or user description. There’s also a block button. These buttons can be used on almost all Kbin content, so it’s very powerful - after spending about a week adding subs, my Kbin feed is far more active than Reddit was, even at its height.

        Kbin breaks down your content into Magazines, Microblogs, and Threads. Magazines are synonymous with Communities on Lemmy, or subreddits on reddit. Microblogs are where the Mastodon Toots go, and how you interact with instances based on that architecture. Threads are just like posts on reddit, and can be text only, a link, a pic, or a video (although it seems video is still under development).

        The best place to start getting subscriptions are in the magazines section:

        https://kbin.social/magazines

        …which lists all of the currently federated communities. Putting a domain search into the search bar will bring up all magazines in the instance on that domain:

        https://kbin.social/magazines?q=lemmy.world

        This domain searching is extremely powerful, especially when you use the domain section (which can be hard to find) - you can get a breakdown of any domain currently federated on kbin by using the following link:

        https://kbin.social/d/lemmy.world

        …where you’d put the domain you’re interested in in place of ‘lemmy.world’. You can then subscribe to the entire instance through that feed, or block it f you’d like. This also works for standard domains as well:

        https://kbin.social/d/imgur.com

        So it will scan all content and links for that domain that’s federated on kbin.social.

        Tag searching is also another undocumented gem, as it searches across both Mastodon and Lemmy instances for relevant tags:

        https://kbin.social/t/cat
        https://kbin.social/t/dog

        There are already some really nice greasemonkey add-ons that I highly recommend here that help make the navigational experience friendlier.

        I hope that helps - I see a lot of potential in this platform, and with a bit of polishing I think it’s a better app than Reddit or Twitter ever were.

        • Dusty@l.dusty-radio.com
          link
          fedilink
          arrow-up
          1
          ·
          2 years ago

          Thank you for that.

          I did find one glaring issue on kbin that will keep me from using it in the future.

          I had apparently opened an account whoknowswhen, and figured I’d remove it and start again. When I went to delete the account, it didn’t actually delete it, instead it keeps me logged in and just put this at the top >Your request to delete the account has been submitted.

          That seems like a bit of an issue, as I shouldn’t have to wait for it to be submitted (which also appears to mean approved) before deleting an account. Until that’s fixed, I’ll stick with lemmy and mastodon separately.

          • losttourist@kbin.social
            link
            fedilink
            arrow-up
            1
            ·
            2 years ago

            The developer of kbin, @ernest, has said that automated processing of account deletion requests is on the roadmap but currently it’s a manual process.

            As you can imagine, for a piece of software that two months ago was in alpha status with fewer than 100 regular users and then suddenly became one of the most-used systems on the Fediverse, there are still a lot of rough edges to be cleaned up.

  • FancyGUI@lemmy.fancywhale.ca
    link
    fedilink
    English
    arrow-up
    2
    ·
    2 years ago

    Definitely look into sandboxed environments and reverse proxy. You’ll probably fall into services, then containers and then some sort of orchestration layer. But honestly, check reverse proxies out, they’re amazing!

  • Daedric@lemmy.aguiarvieira.pt
    link
    fedilink
    English
    arrow-up
    2
    ·
    2 years ago

    No, because finding Lemmy dockers compatible with arm64 is hard.

    Easy Lemmy bundles Caddy and it makes it difficult to adapt.

  • TrinityTek@lemmy.worldOP
    link
    fedilink
    English
    arrow-up
    1
    ·
    edit-2
    2 years ago

    Thanks for talking through it with me, everyone. I got it working with a Docker compose install of Lemmy and a non-Docker Mastodon install. Reverse proxy was configured manually in nginx. Mastodon.fdr8.us and Lemmy.fdr8.us are now live! I have some fine tuning to do still and a lot of setup, but I’m happy that they are working. Cheers!

      • TrinityTek@lemmy.worldOP
        link
        fedilink
        English
        arrow-up
        1
        ·
        2 years ago

        I didn’t plan it that way. I installed Mastodon first and didn’t use a Docker install. I configured Nginx and reverse proxy and then tried a non-Docker Lemmy install from scratch. That failed, and I believe the reason was some minor version differences in the dependencies. That’s when I asked for advice and got a few recommendations to try the Lemmy Easy Deployment script. I would prefer to have done the from scratch install if there was current documentation and dependencies were available, but if there is I wasn’t finding it. The Docker compose Lemmy install method worked well enough though so I’m happy with that.

        • lemmy@lemmy.nsw2.xyz
          link
          fedilink
          English
          arrow-up
          2
          ·
          edit-2
          2 years ago

          Ah, I know what you mean. I managed to get them both setup in docker containers on the same server, but I’ll admit getting Lemmy up was a pain. The documentation is vague on some steps, but it’s FOSS so I can’t complain.

          • Here is my pastebin with notes for my Lemmy docker compose which is modified from their example. You’ll notice it has an nginx web service. You can technically forego that and put it in your final reverse proxy. I chose not to so that it stays similar to their example.
          • For Mastodon, I am using the Linuxserver container. Their documentation is straightforward IMO, but then again I’m used to their setup.
          • With the two ports exposed for both services, you can then put it behind a reverse proxy.

          Hope this helps!