As one often does, I needed a domain and it's a nod to Bring Your Own Server pattern I've been tracking.
This is currently on a KVM-1 at Hostinger in a German data center.
Personal Data Server
The main thing that this machine does is run a PDS
Updates
- Nov 15th, 2024: Installed the server on Hostinger
- Dec 31st, 2024: Migrating accounts to my own PDS (no actual changes to the server)
- Jan 1st, 2025: Installed Tailscale as an exit node, setup Taildrive for file sharing
- TO DO: Twitter Archive to your own Bluesky AT Protocol
Installing on Hostinger
This ended up being so simple I didn't really take notes. The Bluesky PDS has a one-liner install:
wget https://raw.githubusercontent.com/bluesky-social/pds/main/installer.sh
The DNS was already on Cloudflare, so added the wildcard there. Here's my post right after I did it, from my newly created account:
I installed my own PDS on a new KVM-1 from Hostinger. I had to comment out the OS version check in the installer (Ubuntu 22.04.1 messed it up). DNS on Cloudflare. Domain from Spaceship. Took like 15min total. This is easy!
— Boris (@boris.bringyourown.computer) November 15, 2024 at 6:43 PM
I took screenshots of new account creation via invite code and Bluesky Client:
Huh. So you can, like, just create your own PDS. And invite codes. And make new accounts.
— BringYourOwn.Computer (@computer.bringyourown.computer) November 15, 2024 at 7:01 PM
[image or embed]
The one thing that isn't setup is email. This is the syntax from the docs, in the `/pds/pds.env:
PDS_EMAIL_SMTP_URL=smtps://resend:<your api key here>@smtp.resend.com:465/
PDS_EMAIL_FROM_ADDRESS=admin@your.domain
I have a Mailgun account that I use for everything that I initially
Email with Mailgun
I opened a github issue and ultimately solved my own problem. URLencode the username, so %40 instead of an @ sign. I also reset the password to be a simpler one without any special characters.
PDS_EMAIL_SMTP_URL=smtps://username%40mail.example.com:(a password without special characters)@smtp.eu.mailgun.org:465/
PDS_EMAIL_FROM_ADDRESS=username@mail.example.com
Works!
Installing Tailscale
Following the install on ubuntu steps Then, ran
tailscale up --advertise-exit-node
The idea being, can use this VPS to route traffic out of, and potentially host other things at home or office.
Got this note:
Warning: IPv6 forwarding is disabled.
Subnet routes and exit nodes may not work correctly.
See https://tailscale.com/s/ip-forwarding
Warning: UDP GRO forwarding is suboptimally configured on eth0, UDP forwarding throughput capability will increase with a configuration change.
See https://tailscale.com/s/ethtool-config-udp-gro
Ran the steps at the listed url.
Also, want to backup PDS repo content using Taildrive.
Taildrive Setup
I went ahead and used the give everyone access policy settings with nodeAttr. That let me run this on the PDS, to share the entire PDS directory:
tailscale drive share pds /pds
Then, for MacOS, turn on the File Sharing GUI options:
defaults write /Users/$(whoami)/Library/Preferences/io.tailscale.ipn.macsys.plist FileSharingConfiguration show
Going to the Tailscale menu bar item and selecting settings, there is now a "Files" tab:
To access shared folders on the Mac, you connect to the Taildrive server with the Mac Finder's built in WebDAV support.
macOS will connect to the Taildrive WebDAV server and show a Finder window with your tailnet name as a folder. Inside that folder, Taildrive will load a folder for each device in your tailnet, and any shares that are active on the devices will appear within those folders.
This all worked, but unfortunately, no "pds" folder in here! OK, well I made altariapdsbackup as a local Mac folder.
Let's see about connecting from the other end, from the Ubuntu PDS server.
Going to need to install WebDAV support: apt-get install davfs2
Then run the mount command:
mount -t davfs http://100.100.100.100:8080 /mount/tailscale
Cool, it worked, I can browse to it, and yup, my Tailnet name bmann.ca is in there as a folder. Which is, unfortunately, empty.
OK, fine, I'll go back to actually reading the policies section again. Pasted in some more policy language, hit save, and yup! All my devices are visible, with the pds folder shared.
I'll open up the blocks folder so we can see the blobs that are the images posted to my account:
Of course, the PDS software can display blobs, so I'll just use it to embed an image directly 😂