💾 Archived View for 9til.de › journal › honk.gemini captured on 2023-11-14 at 07:44:59. Gemini links have been rewritten to link to archived content
-=-=-=-=-=-=-
I'm always searching to self-host anything I can. The other day I
stumbled upon Honk via
Honk is a minimal ActivityPub server compatible with Mastodon for a
single user.
I installed it on a small VPS server at ScaleWay which offers small
ARM instances for €2.99/month. So here is the datail on how I did it
if someone wants to setup a honk instance.
DISCLAIMER: My way to setup it is probably not the safest or the
cleanest so don't hesitate to contact me for improvements.
I picked the smallest ARM instances which are plenty enough for such a
service. Chose Debian Buster as the OS, I would have chosen OpenBSD if
it was available but setup seems a bit hard and I wanted something
quick to test.
After the instance has booted, I ran the usuals apt update && apt
upgrade and rebooted the machine.
Honk is written in Go and stores its data in SQLite. We will also need
NGinx to serve it and certbot to have https.
```shell
$ sudo apt install golang sqlite libsqlite-dev nginx\
python-certbot-nginx git mercurial
```
Clone the mercurial honk repository:
```shell
$ hg clone https://humungus.tedunangst.com/r/honk && cd honk && hg pull
```
To compile Honk run a simple make.
We then need to initialize Honk amd create your user:
```shell
$ ./honk init
username: (the username you want)
password: (the password you want)
listenaddr: /var/www/honk.sock
servername: honk.typed-hole.org
```
You can then start Honk:
```shell
$ ./honk
```
Let's put Honk views in /var/www
```shell
$ ln -s /somewhere/honk/views /var/www/honk
```
And add the nginx config for Honk.
```/etc/nginx/sites-enabled/honk
server {
server_name honk.typed-hole.org;
root /var/www/honk;
access_log /var/log/nginx/honk.log;
error_log /var/log/nginx/honk.log;
location / {
proxy_pass http://unix:/var/www/honk.sock:;
proxy_set_header Host $http_host;
}
}
```
In order to have our Honk instance served under https we need to run
certbot.
```shell
$ certbot --nginx
```
which should append the necessary config to
/etc/nginx/sites-enabled/honk. Pretty neat!
Reload nginx with:
```shell
$ service nginx reload
```
Having added the necessary entry in our DNS, you should be able to see
Honk web interface.
In order to auto-start Honk let's add a systemd service:
```/lib/systemd/system/honk.service
[Unit]
Description=Honk
ConditionPathExists=/path/to/honk/honk
After=network.target
[Service]
Type=simple
User=root
Group=root
LimitNOFILE=1024
Restart=on-failure
RestartSec=10
WorkingDirectory=/path/to/honk/
ExecStart=/path/to/honk/honk
# make sure log directory exists and owned by syslog
PermissionsStartOnly=true
ExecStartPre=/bin/touch /var/log/honk.log
ExecStartPre=/bin/chmod 755 /var/log/honk.log
[Install]
WantedBy=multi-user.target
```
Then stop the running honk if any and start the service:
```shell
$ service honk start
```
We need to secure our installation with some firewall rules. UFW is
the uncomplicated firewall.
```shell
$ sudo apt install ufw
$ ufw allow 22 80 443
$ ufw default deny
$ ufw enable
```
Printing the rules should look like:
```shell
$ ufw status verbose
Status: active
Logging: on (low)
Default: deny (incoming), allow (outgoing), disabled (routed)
New profiles: skip
To Action From
-- ------ ----
22 ALLOW IN Anywhere
80 ALLOW IN Anywhere
443 ALLOW IN Anywhere
22 (v6) ALLOW IN Anywhere (v6)
80 (v6) ALLOW IN Anywhere (v6)
443 (v6) ALLOW IN Anywhere (v6)
```
That's about it, you should have a working Honk setup :)
I find Honk really nice so far, the web interface is really usable and
works on mobile too. Just beware of your disk space if you follow
image heavy accounts as all of these will be cached. It uses less than
200MB of RAM which is super light compared to the others.
Next I'd like to create a Gemini interface, that could be nice.
You can follow my account here
If I made any mistakes or you have comments, don't hesitate to contact
me julien@typed-hole.org I'll hapilly fix them or help if I can.
Happy honking!
---
Served by Pollux Gemini Server.