Wildebeest is an ActivityPub and Mastodon-compatible server whose goal is to allow anyone to operate their Fediverse server and identity on their domain without needing to keep infrastructure, with minimal setup and maintenance, and running in minutes.
Wildebeest runs on top Cloudflare's Supercloud, uses Workers and Pages, the D1 database to store metadata and configurations, Zero Trust Access to handle authentication and Images for media handling.
Currently, Wildebeest supports the following features:
- Authentication and automatic profile creation.
- Message signing & notification.
- Inbox and Outbox notes (text, mentions and images), follow, announce (reblog), accept (friend), like.
- Server to server federation.
- Web client for content exploration (read-only).
- Compatibility with other Mastodon clients (Mobile iOS/Android and Web).
Cloudflare will continue to evolve this open-source project with additional features over time and listen to the community feedback to steer our priorities. Pull requests and issues are welcome too.
Wildebeest is a full-stack app running on top of Cloudflare Pages using a Pages Functions. We are of course assuming that you have a Cloudflare account (click here if you don't) and have at least one zone using Cloudflare. If you don't have a zone, you can use Cloudflare Registrar to register new a new domain or transfer an existing one.
Some features, like data persistence, access controls, media storage, are handled by other Cloudflare products:
- D1 for the database.
- Workers KV for object caching.
- Zero Trust Access to handle user authentication and SSO on any identity provider.
- Images for media handling.
Most of our products offer a generous free plan that allows our users to try them for personal or hobby projects that aren’t business-critical. However you need to activate one of the Images plans.
To activate Images, please login into your account, select Images on the left menu, and then select the plan that best fits your needs.
Before we begin, you also need to create an API token in your Cloudflare account. To do that, login into your account, and press the Create Token button under My Profile (top right corner) / API Tokens.
Now press Create Custom Token and add the following permissions:
- D1, account level, edit permission.
- Cloudflare Pages, account level, edit permission.
- Access: Apps and policies, account level, edit permission.
- Access: Organizations, Identity Providers and Groups, account level, read permission.
- Workers KV Storage, account level, edit permission.
- DNS, zone level, edit permission.
- Cloudflare Images, account level, edit permission.
You can limit the token to the specific zone where you will using Wildebeest if you want. Don't set a TTL.
Now Continue to Summary, review your settings, and Create Token. Take note of your token and store it in your password manager, you're going to need it later.
You also need to take note of your Zone and Account IDs. To find them, login into your account and select the zone (domain) where you plan to use Wildebeest. Then, on the Overview page you will the following information:
We're all set now, let's start the installation process.
Wildebeest uses Deploy to Workers to automate the installation process.
Click here to start the installation.
Please pay attention to all the steps involved in the installation process.
- Authorize Workers to use your Github account.
- Enter the Account ID and the API token that you created previously.
- The script will then fork this repo into your personal Github account.
- Enable Github Actions
- Create two secrets (CF_ZONE_ID and CF_DEPLOY_DOMAIN) under the Github Actions settings. See section below for detailed intructions.
The installation script will now build and deploy your project to Cloudflare Pages and a Terraform script to configure the D1, KV, DNS and Access settings automatically for you.
In the installation script above, after you Enable Github Actions, you need to create two secrets under your forked repo Settings / Secrets / Actions. They are:
- CF_ZONE_ID - Use the Zone ID that you got from the requirements above.
- CF_DEPLOY_DOMAIN - The full FQDN domain where you want to deploy your Wildebeest server. Example: social.example.com
This step is critical. If you miss it, your deployment will fail.
If you followed all the steps, you should see a successful Github Actions build.
You can also confirm in the Cloudflare dashboard that the Pages project, DNS entry, KV namespace, D1 database and Access rule were all created and configured.
Almost there, only two last steps missing:
The installation process automatically created a Zero Trust Access application called wildebeest-your-github-user
for you. Now you need to update the policy that defines who can have access to your Wildebeest instance.
Go to https://one.dash.cloudflare.com/access and select your account, then select Access / Applications and Edit the wildebeest-your-github-user
application. Now edit the existing policy on the next screen.
Add an include rule to the policy with the list of Emails that you want to allow and then click Save policy
Open your browser and go to your newly deployed Wildebeest domain https://social.example.com/start-instance
(replace social.example.com with your domain). Fill in the title, administrator Email and description. Press Configure.
Go to https://social.example.com/api/v1/instance
(replace social.example.com with your domain) and double-check your configuration. It should show:
{
"description": "My personal Wildebeest instance (powered by Cloudflare)",
"email": "john@social.example.com",
"title": "my fediverse",
"registrations": false,
"version": "4.0.2",
"rules": [],
"uri": "social.example.com",
"short_description": "I can only show you the door, you're the one that has to walk through it"
}
That's it, you're ready to start using your Wildebeest Mastodon compatible instance.
Wildebeest is Mastodon API compatible, which means that you should be able to use most of the Web, Desktop, and Mobile clients with it. However, this project is a work in progress, and nuances might affect some of their functionality.
This is the list clients that we have been using successfully while developing and testing Wildebeest:
- Pinafore web client (source).
- Mastodon official mobile client for iOS (source) and Android (source).
Wilebeest also provides a read-only web client in your instance URL, where you can explore the timelines (local and federated), posts and profiles. We will continue to improve this web client and eventually add suport to posting content as well.
Since Wildebeest is a Cloudflare app running on Pages, you can seamlessly enable additional Cloudflare services to protect or improve your server.
If you want to receive Email at your @social.example.com domain, you can enable Email Routing for free and take advantage of sophisticated Email forwarding and protection features. Simply log in to your account, select the Wildebeest zone and then click on Email to enable.
Sometimes things go south. The GitHub Actions deployment can fail for some reason, or some configuration changed or was accidentally removed.
If you attempted to deploy Wildebeest in your account and something failed, or you simply want to reinstall everything from scratch again, you need to do manual checkups and cleaning before you start over.
- Go to your zone DNS settings and delete the CNAME record that points to
wildebeest-username.pages.dev
- Go to your account Pages section and delete the
wildebeest-username
project. - Go to your account Workers / KV section and delete the
wildebeest-username-cache
namespace. - Go to your account Workers / D1 and delete the
wildebeest-username
database. - Launch Zero Trust, select your account, go to Access / Applications and delete the
wildebeest-username
application. - Delete your GitHub wildebeest forked repo.
You can now start a clean install.