FreeBSD + nginx + Redis + Monit 前提
- 旧 pub-relay を置き換え
- Mastodon / Misskey の デフォルトハッシュタグ同期用リレー
- 「立てたら基本放置」できる安定構成
[Mastodon / Misskey]
↓ HTTPS (POST /inbox)
[nginx]
↓ HTTP (127.0.0.1:8080)
[Activity-Relay server]
↓ Redis
[Activity-Relay worker]
- 外形監視:nginx access_log(長期保存)
- 内部ログ:Activity-Relay は直近のみ保存
- プロセス監視:Monit
pkg install -y go git redis nginx monitsysrc redis_enable=YES
service redis startgit clone https://github.com/yukimochi/Activity-Relay.git
cd Activity-Relay
go build -o relay .
install -m 0755 relay /usr/local/sbin/relayACTOR_PEM: /usr/local/etc/relay/actor.pem
REDIS_URL: redis://127.0.0.1:6379
RELAY_BIND: 127.0.0.1:8080
RELAY_DOMAIN: relay2.shrieker.net
RELAY_SERVICENAME: Shrieker Relay Service 2
# Relay actor metadata (ActivityPub)
RELAY_ICON: https://relay2.shrieker.net/icon.svg
RELAY_IMAGE: https://relay2.shrieker.net/image.svg
JOB_CONCURRENCY: 50/usr/local/etc/relay/icon.svg
/usr/local/etc/relay/image.svg
location = /icon.svg {
alias /usr/local/etc/relay/icon.svg;
add_header Content-Type image/svg+xml;
}
location = /image.svg {
alias /usr/local/etc/relay/image.svg;
add_header Content-Type image/svg+xml;
}/usr/local/etc/rc.d/activity_relay_server
#!/bin/sh
# PROVIDE: activity_relay_server
# REQUIRE: LOGIN redis
# KEYWORD: shutdown
. /etc/rc.subr
name="activity_relay_server"
rcvar="${name}_enable"
command="/usr/sbin/daemon"
pidfile="/var/run/${name}.pid"
procname="/usr/local/sbin/relay"
: ${activity_relay_server_config:="/usr/local/etc/relay/config.yaml"}
: ${activity_relay_server_log:="/var/log/activity-relay-server.log"}
command_args="-p ${pidfile} -t ${name} -o ${activity_relay_server_log} \
${procname} --config ${activity_relay_server_config} server"
load_rc_config "${name}"
: ${activity_relay_server_enable:="NO"}
run_rc_command "$1"/usr/local/etc/rc.d/activity_relay_worker
#!/bin/sh
# PROVIDE: activity_relay_worker
# REQUIRE: LOGIN redis
# KEYWORD: shutdown
. /etc/rc.subr
name="activity_relay_worker"
rcvar="${name}_enable"
command="/usr/sbin/daemon"
pidfile="/var/run/${name}.pid"
procname="/usr/local/sbin/relay"
: ${activity_relay_worker_config:="/usr/local/etc/relay/config.yaml"}
: ${activity_relay_worker_log:="/var/log/activity-relay-worker.log"}
command_args="-p ${pidfile} -t ${name} -o ${activity_relay_worker_log} \
${procname} --config ${activity_relay_worker_config} worker"
load_rc_config "${name}"
: ${activity_relay_worker_enable:="NO"}
run_rc_command "$1"chmod 0555 /usr/local/etc/rc.d/activity_relay_server /usr/local/etc/rc.d/activity_relay_worker
sysrc activity_relay_server_enable=YES
sysrc activity_relay_worker_enable=YESservice activity_relay_server start
service activity_relay_worker start普段使うのは:
service activity_relay_server restart
service activity_relay_worker restartserver {
listen 443 ssl http2;
server_name relay2.shrieker.net;
location / {
proxy_pass http://127.0.0.1:8080;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_read_timeout 120s;
proxy_send_timeout 120s;
}
}- nginx access_log:長期保存
- relay 側ログ:直近調査用のみ
/var/log/activity-relay-server.log 640 3 200 * Z
/var/log/activity-relay-worker.log 640 3 200 * Z
check process activity_relay_server
with pidfile /var/run/activity_relay_server.pid
start program = "/usr/sbin/service activity_relay_server start"
stop program = "/usr/sbin/service activity_relay_server stop"
if failed port 8080 protocol http
request /
with timeout 10 seconds
then restart
if 5 restarts within 5 cycles then timeout
check process activity_relay_worker
with pidfile /var/run/activity_relay_worker.pid
start program = "/usr/sbin/service activity_relay_worker start"
stop program = "/usr/sbin/service activity_relay_worker stop"
if does not exist then restart
if 5 restarts within 5 cycles then timeout
- nginx access_log に
/inboxPOST → 202 - relay server / worker が常駐
- Monit status が OK
- Mastodon / Misskey 側で relay subscribe
- デフォルトハッシュタグに外部投稿が流れる
- pub-relay 互換用途として 完全に置換完了
- rc.d / newsyslog / nginx / Monit を含む確定手順
- 立てたら放置できるリレー