Running your own Mastodon instance with Docker

This is on a Ubuntu 22.04 server. Install the necessary Docker packages first.

sudo apt install docker-compose-v2

Add a mastodon user with UID and GID 991.

sudo groupadd -g 991 mastodon
sudo useradd -u 991 -g 991 -m -d /srv/mastodon -s /bin/false mastodon

Now cd to /srv/mastodon, clone the Mastodon repository and check out the current version.

git clone https://github.com/mastodon/mastodon.git .
git checkout v4.2.8

Build the Mastodon image and set correct ownership of the public directory.

docker compose build
sudo chown -R mastodon: /srv/mastodon/public

Now run the Mastodon setup step.

copy .env.production.sample .env.production
docker compose run --rm web rake mastodon:setup

Fill in the necessary details but leave the Redis password blank. Make sure the (sub)domain you want to use has a proper DNS record. The setup outputs a set of variables, copy and paste those into .env.production after having deleted the old content. Since this file contains credentials you could chmod 400 it so only the user firing up the Docker setup has read access.

Start the Mastodon stack.

docker compose up -d

And verify all containers come up healthy. Now you can put your Mastodon instance behind a reverse proxy. I’m running Apache myself and the configuration below works for me. Bear in mind it relies on a working Let’s Encrypt certificate, you will have to create one yourself.

<VirtualHost *:80>
        ServerName mastodon.yoursite.net
        ServerAdmin yourname@yoursite.net
        AssignUserID mastodon mastodon # Only applicable when using MPM-ITK

        DocumentRoot /srv/mastodon

        <Directory />
                Options FollowSymLinks
                AllowOverride None
        </Directory>

        Redirect permanent / https://mastodon.yoursite.net/

        ErrorLog ${APACHE_LOG_DIR}/mastodon.yoursite.net.error.log

        # Possible values include: debug, info, notice, warn, error, crit,
        # alert, emerg.
        LogLevel warn

        CustomLog ${APACHE_LOG_DIR}/mastodon.yoursite.net.access.log combined

</VirtualHost>


<VirtualHost *:443>
        ServerName mastodon.yoursite.net
        ServerAdmin yourname@yoursite.net
        AssignUserID mastodon mastodon # Only applicable when using MPM-ITK

        ProxyPreserveHost On
        ProxyPass /api/v1/streaming http://localhost:4000/
        ProxyPass / http://localhost:3000/
        ProxyPassReverse / http://localhost:3000/

        RequestHeader set X-Forwarded-Proto "https"

        SSLEngine on
        SSLProxyEngine on
        SSLCertificateFile      /etc/letsencrypt/live/mastodon.yoursite.net/cert.pem
        SSLCertificateKeyFile   /etc/letsencrypt/live/mastodon.yoursite.net/privkey.pem
        SSLCertificateChainFile /etc/letsencrypt/live/mastodon.yoursite.net/chain.pem

        # intermediate configuration, tweak to your needs
        SSLProtocol             all -SSLv3 -TLSv1 -TLSv1.1
        SSLCipherSuite          ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305
        SSLHonorCipherOrder     off
        SSLCompression    off

        # HSTS (mod_headers is required) (15768000 seconds = 6 months)
        Header always set Strict-Transport-Security "max-age=15768000"

        ErrorLog ${APACHE_LOG_DIR}/mastodon.yoursite.net.error.log
        CustomLog ${APACHE_LOG_DIR}/mastodon.yoursite.net.access.log combined
</VirtualHost>

Reload Apache and visit your Mastodon instance with the admin account you created. The result of these steps can be found here: https://mastodon.autostatic.net

References:

Running your own Mastodon instance with Docker

Balancing act

At the moment everything seems a bit like a balancing act. First on a physical level, as I’m currently recovering from surgery one of the things I have to learn again is to find my balance, literally. While recovering I can’t do very much hobby stuff in the analogue domain so I swayed a bit to the digital domain again.

About 6 years ago I bought a Mixbus 32C license but found myself using Ardour more and more. During the pandemic I took a subscription and from then on I basically started using Ardour exclusively. Still remember the first time I opened up Ardour back in the 00’s, to me it was intimidating, daunting, what did all those buttons and sliders do? But like with more things in life, sometimes you just fathom the seeming complexity of something, call it an eye opener, and then you’re like, why didn’t I start using Ardour right from the beginning?

Now Ardour is my DAW of choice. It’s running on Debian 12 with a Liquorix kernel on my old, trusted BTO and I’ve never had such a stable setup before. Yes, Debian, after 14 years of Ubuntu that has become a balancing act too. The more applications are moved into Snap the more it alienates me from the OS. While I understand the concept of self-contained applications, it’s part of my job, I don’t think this concept has a real purpose on a desktop OS. It adds another layer of complexity and makes communication between applications harder. Whole different story for another time.

Ardour 8.0 has just been released and I can wholeheartedly recommend it. Installing and setting it up is a breeze and even on my old BTO it runs like a charm. The only restriction is that I can’t use too many Dragonfly Reverb plugins within a project but once I give in to my GAS to get a Framework notebook that will be resolved too.

Balancing act

Using the Tascam US-144MKII with Linux

Today I got a Tascam US-144MKII from a colleague because he couldn’t use it anymore with Mac OSX. Apparently this USB2.0 audio interface stopped working on El Capitan. Tascam claims they’re working on a driver but they’re only generating bad publicity with that announcement it seems. So he gave it to me, maybe it would work on Linux.

Tascam US-144MKII
Tascam US-144MKII

First thing I did was plugging it in. The snd_usb_122l module got loaded but that was about it. So much for plug and play. There are reports though that this interface should work so when I got home I started digging a bit deeper. Apparently you have to disable the ehci_hcd USB driver, which is actually the USB2.0 controller driver, and force the US-144MKII to use the uhci_hcd USB1.1 driver instead so that it thinks it’s in USB1.1 mode. This limits the capabilities of the device but my goal for today was to get sound out of this interface, not getting the most out of it.

I quickly found out that on my trusty XPS13 forcing USB1.1 was probably not going to work because it only has USB3.0 ports. So I can disable the ehci_hcd driver but then it seems the xhci_hcd USB3.0 driver takes over. And disabling that driver effectively disables all USB ports. So I grabbed an older notebook with USB2.0 ports and disabled the ehci_hcd driver by unbinding it since it’s not compiled as a module. Unbinding a driver is done by writing the system ID of a device to a so-called unbind file of the driver that is bound to this device. In this case we’re interested in the system ID’s of the devices that use the ehci_hcd driver which can be found in /sys/bus/drivers/ehci-pci/:

# ls /sys/bus/pci/drivers/ehci-pci/
0000:00:1a.7  bind  new_id  remove_id  uevent  unbind
# echo -n "0000:00:1a.7" > /sys/bus/pci/drivers/ehci-pci/unbind

This will unbind the ehci_hcd driver from the device with system ID 0000:00:1a.7 which in this case is an USB2.0 controller.When plugging in the USB interface it now got properly picked up by the system and I was greeted with an active green USB led on the interface as proof.

$ cat /proc/asound/cards
 0 [Intel          ]: HDA-Intel - HDA Intel
                      HDA Intel at 0xf4800000 irq 46
 1 [US122L         ]: USB US-122L - TASCAM US-122L
                      TASCAM US-122L (644:8020 if 0 at 006/002

So ALSA picked it up as a device but it doesn’t show up in the list of sound cards when issuing aplay -l. This is because you have to tell ALSA to talk to the device in a different way then to a normal audio interface. Normally an audio interface can be addressed by using the hw plugin which is the most low-level ALSA plugin that does nothing more than talking to the driver and this is what most applications use, including JACK. The US-144MKII works differently though, its driver snd_usb_122l has to be accessed with the use of the usb_stream plugin which is part of the libasound2-plugins package and that allows you to set a PCM device name that can be used with JACK for instance. This can be done with the following .asoundrc file that you have to create in the root of your home directory:

pcm.us-144mkii {
        type usb_stream
        card "US122L"
}

ctl.us-144mkii {
        type hw
        card "US122L"
}

What we do here is creating a PCM device called us-144mkii and coupling that to the card name we got from cat /proc/asound/cards which is US122L. Of course you can name the PCM device anything you want. Almost all other examples name it usb_stream but that’s a bit confusing because that is the name of the plugin and you’d rather have a name that has some relation to the device you’re using. Also practically all examples use card numbers. But who says that the USB audio interface will always be card 0, or 1. It could also be 2, or 10 if you have 9 other audio interfaces. Other examples work around this by fixing the order of the numbers that get assigned to each available audio interface by adjusting the index parameter for the snd_usb_122l driver. But why do that when ALSA also accepts the name of the card? This also makes thing a lot easier to read, it’s now clear that we are coupling the PCM name us-144mkii to the card named US122L. And we’re avoiding having to edit system-wide settings. The ctl stanza is not strictly necessary but it prevents the following warning when starting JACK:

ALSA lib control.c:953:(snd_ctl_open_noupdate) Invalid CTL us-144mkii
control open "us-144mkii" (No such file or directory)

So with the .asoundrc in place you can try starting JACK:

$ jackd -P85 -t2000 -dalsa -r48000 -p512 -n2 -Cus-144mkii -Pus-144mkii
jackd 0.124.2
Copyright 2001-2009 Paul Davis, Stephane Letz, Jack O'Quinn, Torben Hohn and others.
jackd comes with ABSOLUTELY NO WARRANTY
This is free software, and you are welcome to redistribute it
under certain conditions; see the file COPYING for details

no message buffer overruns
JACK compiled with System V SHM support.
loading driver ..
apparent rate = 48000
creating alsa driver ... us-144mkii|us-144mkii|512|2|48000|0|0|nomon|swmeter|-|32bit
configuring for 48000Hz, period = 512 frames (10.7 ms), buffer = 2 periods
ALSA: final selected sample format for capture: 24bit little-endian in 3bytes format
ALSA: use 2 periods for capture
ALSA: final selected sample format for playback: 24bit little-endian in 3bytes format
ALSA: use 2 periods for playback

This translates to the following settings in QjackCtl:

QjackCtl Settings – Parameters
QjackCtl Settings – Parameters

QjackCtl Settings – Advanced
QjackCtl Settings – Advanced

Don’t expect miracles of this setup. You won’t be able to achieve super low-latencies but at least you can still use your Tascam US-144MKII instead of having to give it away to a colleague.

Using the Tascam US-144MKII with Linux

A week without a Mac

Got my new workstation last week. Ultimately I decided to opt for a Dell notebook system with Linux pre-installed. So that left me only one single option: the XPS 13 Developer Edition, aka Sputnik 3. After having worked with it for a week I can only say I’m very, very happy with it. Unboxing it was a joy in itself, unwrapping the amazingly sleek machine and booting it for the first time. The XPS 13 comes with Ubuntu 12.04 LTS pre-installed which is just fine for me, especially given the fact that everything seems to work flawlessly so far. I haven’t rebooted it for days for example, suspending it works brilliantly and when I open the lid the device wakes up instantly, even after having it closed for days. And even though it has an i7 CPU it can run for hours on a full battery. The touch screen is a nice bonus but I haven’t really made use of it yet, it could be quite cool for live perfomances though. I’ve tested the touch screen with seq24 and it’s quite awesome to be able to trigger sequences by pressing the sequences on your screen.

Dell XPS 13 Developer Edition

I did try a fresh install but it would take me a bit too much time to get everything working properly so in the end I opted for sticking with the default install and install the Lubuntu desktop on top of it. And the default install doesn’t get in the way so I’m all set. I’m now looking for a nice keyboard and mouse to pair with the notebook, I’d greatly appreciate any suggestions. I had already ordered a Logitech K290 but I’m sending it back because it has the function keys swapped with the media keys and I just can’t work with that. Switching tty’s with Fn+Ctrl+F[:digit:] is just impossible to do with that keyboard. I could’ve tried swapping the keys but I’ve already filled in the RMA form and repacked the keyboard so it’s going back.

Next up is configuring it for making music. I’m thinking about purchasing a new USB audio interface, preferably USB2.0, that matches well with this machine. Suggestions are very welcome. I’ve looked at the Focusrite Scarlett 2i4 but a recent thread on LAU raised some doubts. We’ll see, it’s something for later, for now I’m extremely happy with my new work horse.

A week without a Mac

New notebook: BTO P•BOOK 17CL45-GT650 i7 QUAD

Yay, got a new notebook, a BTO P•BOOK 17CL45-GT650 i7 QUAD! I visited BTO last Tuesday and placed an order for a custom built notebook and it arrived yesterday. It’s quite a monster if you ask me:

  • Intel Core i7-3630QM Quad Core Processor (6MB Cache, 2.3 GHz, Turbo Mode 3.3GHz)
  • 16GB RAM
  • 120GN SSD
  • 1TB HDD
  • Nvidia GT650M

One of the reasons I chose BTO besides the fact that they offer custom built notebooks is that they also offer the choice to have your custom built notebook come without an OS. Unfortunately it came without a license, in other words, when I first started the notebook it booted into a Windows 7 installation procedure. No biggie, created a bootable USB stick with the Ubuntu 12.04 mini ISO and wiped all partitions. 20 minutes later I could boot into a fresh Lubuntu installation. And you know what? All the essential stuff worked out of the box! So far the following things just work:

  • Network, both WiFi and wired
  • Sound
  • Webcam
  • Fn buttons
  • Display
  • Suspend to RAM

The only real challenge is probably getting the Nvidia Optimus configuration to work but I already found some very specific documentation. Yes, the BTO is actually a Clevo W170ER housing with custom hardware.


text-align: center;

BTO P•BOOK 17CL45-GT650 i7 QUAD/Clevo W170ER

Other than that the BTO was a breeze to set up and it happily runs Lubuntu 12.04. Booting into a complete desktop takes less than 15 seconds at the moment. Next up is configuring it properly for real-time, low-latency audio. If I want to get the most out of it I’ll probably have to start looking for a decent USB2.0 audio interface. The BTO has no FireWire or PCI Express ports. A sign of the times, guess FireWire is basically dead technology.

New notebook: BTO P•BOOK 17CL45-GT650 i7 QUAD

JackLinx site online

De site van het JackLinx project is online gegaan: http://www.jacklinx.nl/

Dit is het project waar ik het in een eerdere blogpost al over had gehad, de educatieve muziekomgeving onder Linux die gebruik maakt o.a. JACK, mididings, QMidiRoute, QmidiNet, Qsynth en Bash scripts:

JackLinx is an application management framework that makes it possible for children and young music students to instantly start working with a complex array of inter-connected Linux Music and Audio applications.

The targeted use scenario is the primary or high school music classroom furnished with a a set of networked desktop or laptop computers, where a music teacher directs and guides a group of music students to perform various music educational assignments and activities using the JackLinx platform.

The JackLinx platform can be used for individual musical instruction and training, for small group work over the network and for live musical performances.

JackLinx aims to be a full featured but simple and flexible music laboratory for all ages that focuses on live musicking.

Ik ben hier ontzettend enthousiast over, vooral vanwege de keuzes van de auteur (Fred de Borst) en het feit dat het optimaal gebruik maakt van de mogelijkheden van Linux audio en Linux in het algemeen (JackLinx maakt bijvoorbeeld goed gebruik van meerdere desktops).


JackLinx op Lubuntu 11.10 met Gnome MPLayer, MuseScore, 9menu en VMPK

Volgende stap is de software geschikt maken om te distribueren en deze zal misschien her en der nog wat gefinetuned moeten worden. Ik ga proberen om de ontwikkelingen zoveel mogelijk te volgen hier op mijn blog.

JackLinx site online

Nieuwe tutorials

Heb twee nieuwe tutorials gemaakt mbt. het opzetten van een server waarmee je kan (video)bellen met SIP clients en WebRTC clients zoals Google Chrome.

Installing webrtc2sip on Ubuntu 12.04
Asterisk and sipml5 interoperability

En ja, ze zijn in het Engels vanwege wat verzoeken vanuit de Doubango community. Bovendien gebeurt er in Nederland nog bar weinig op het gebied van WebRTC.

Nieuwe tutorials

Sun Type7 toetsenbord speciale toetsen

Het Sun Type7 toetsenbord dat ik gebruik op mijn werk heeft aan de linkerkant een aantal speciale toetsen. Deze hebben allemaal een keysym alleen doen ze nagenoeg niets. Heb ze nu met Openbox allemaal een functie gegeven.

    <keybind key="Help">
      <action name="Execute">
        <command>xdotool key F1</command>
      </action>
    </keybind>
    <keybind key="Cancel">
      <action name="Execute">
        <command>xkill</command>
      </action>
    </keybind>
    <keybind key="Redo">
      <action name="Execute">
        <command>xdotool key ctrl+y</command>
      </action>
    </keybind>
    <keybind key="SunProps">
      <action name="Execute">
        <command>xdotool key Menu</command>
      </action>
    </keybind>
    <keybind key="Undo">
      <action name="Execute">
        <command>xdotool key ctrl+z</command>
      </action>
    </keybind>
    <keybind key="SunFront">
      <action name="Execute">
        <command>xdotool keydown alt key Tab</command>
      </action>
    </keybind>
    <keybind key="XF86Copy">
      <action name="Execute">
        <command>xdotool key ctrl+c</command>
      </action>
    </keybind>
    <keybind key="SunOpen">
      <action name="Execute">
        <command>xdotool key ctrl+o</command>
      </action>
    </keybind>
    <keybind key="XF86Paste">
      <action name="Execute">
        <command>xdotool key ctrl+v</command>
      </action>
    </keybind>
    <keybind key="Find">
      <action name="Execute">
        <command>xdotool key ctrl+f</command>
      </action>
    </keybind>
    <keybind key="XF86Cut">
      <action name="Execute">
        <command>xdotool key ctrl+x</command>
      </action>
    </keybind>

Heb voor het sturen van de keystrokes xdotool gebruikt. Een sudo apt-get install xdotool volstaat om dat te installeren. De output van de speciale Sun toetsen heb ik achterhaald met xev wat als het goed is standaard al geïnstalleerd is. Bovenstaande code kun je gebruiken in het configuratiebestand van Openbox, in mijn geval is dat ~/.config/openbox/lubuntu-rc.xml. Daarna openbox --reconfigure draaien om de boel opnieuw in te laden.

Sun toets Functie
Help Help functie van applicatie (F1)
Stop Applicatie killen (xkill)
Again Opnieuw uitvoeren (Control+y)
Props Context menu (Menu)
Undo Ongedaan maken (Control+z)
Front Applicatielijst (Alt+Tab)
Copy Kopiëren (Control+c)
Open Openen bestand (Control+o)
Paste Plakken (Control+v)
Find Zoeken (Control+f)
Cut Knippen (Control+x)
Sun Type7 toetsenbord speciale toetsen

XFCE Power Manager

Lijkt een futiliteit maar kan toch frustrerend zijn: een niet werkend toetsje op je toetsenbord. Ik wilde per sé de Sleep toets op mijn Sun Type7 toetsenbord aan de praat krijgen, op de een of andere manier werkte die niet. Ben er uiteindelijk achter gekomen dat het aan het pakket xfce4-power-manager lag. Die ving kennelijk de keysym van de Sleep toets af (XF86PowerOff) om er vervolgens niets mee te doen. Na dit pakket gedeïnstalleerd te hebben en openbox --reconfigure te hebben gedraaid werkte de Sleep toets weer naar behoren.

Edit: ga nog wel uitzoeken waarom xfce4-power-manager het niet doet, als xfce4-power-manager namelijk wel draait en ik stel als actie Shutdown in als de Power knop wordt ingedrukt dan sluit het systeem af als ik de Sleep toets indruk. Stel ik als actie Ask in dan gebeurt er niks terwijl dan het Lubuntu uitlogscherm zou moeten verschijnen.

Edit 2: Bijbehorende bugreport gevonden:
https://bugs.launchpad.net/xfce4-power-manager/+bug/1008650
Staat ook een link in naar een workaround:
http://www.who.is.free.fr/wiki/doku.php?id=xfce#power_button_event_workaround

Het script op die pagina is wel erg uitgebreid, bij mij volstaat het volgende:

#!/bin/bash
xfce4-power-manager -q
openbox --reconfigure
xfce4-power-manager

Dit bestandje heb ik fix-power-button genoemd en start ik op via $HOME/.config/lxsession/Lubuntu/autostart

XFCE Power Manager

Openbox en Java

Als ik application title matching wilde doen met Openbox dan wilde bijna geen enkele Java applicatie meer opstarten. Bleek om deze bug te gaan.

$ apt-get source openbox
$ wget
https://github.com/danakj/openbox/commit/c5468fb6cf6341205c15603eb96130fa26bfaea3.patch
-O application-title-matching.patch
$ patch -d openbox-3.5.0 -p1 < application-title-matching.patch
$ cd openbox-3.5.0
$ dpkg-source --commit
$ dch -i # Optioneel
$ debuild -S
$ cd ..
$ pbuilder-dist precise build openbox_3.5.0-2ubuntu3~precise0.dsc
$ dpkg -i ~/pbuilder/precise_result/openbox_3.5.0-2ubuntu3~precise0_amd64.deb

Nu kan ik Thunderbird, Firefox en mijn terminals weer plaatsen waar ik wil terwijl mijn Java applicaties (zoals de OpenDJ Control Panel applicatie) ook weer gewoon opstarten.

Openbox en Java