Skip to content

jimhawkridge/wildebeest

 
 

Repository files navigation

Wildebeest

Wildebeest is an ActivityPub and Mastodon-compatible server whose goal is to allow anyone to operate their Fediverse server and identity on their domain without needing to keep infrastructure, with minimal setup and maintenance, and running in minutes.

Wildebeest runs on top Cloudflare's Supercloud, uses Workers and Pages, the D1 database to store metadata and configurations, Zero Trust Access to handle authentication and Images for media handling.

Currently, Wildebeest supports the following features:

  • Authentication and automatic profile creation.
  • Message signing & notification.
  • Inbox and Outbox notes (text, mentions and images), follow, announce (reblog), accept (friend), like.
  • Server to server federation.
  • Web client for content exploration (read-only).
  • Compatibility with other Mastodon clients (Mobile iOS/Android and Web).

Cloudflare will continue to evolve this open-source project with additional features over time and listen to the community feedback to steer our priorities. Pull requests and issues are welcome too.

Requirements

Wildebeest is a full-stack app running on top of Cloudflare Pages using Pages Functions. We are of course assuming that you have a Cloudflare account (click here if you don't) and have at least one zone using Cloudflare. If you don't have a zone, you can use Cloudflare Registrar to register new a new domain or transfer an existing one.

Some features, like data persistence, access controls, media storage, are handled by other Cloudflare products:

Most of our products offer a generous free plan that allows our users to try them for personal or hobby projects that aren’t business-critical. However the Images one doesn't have a free tier, so for setting up your instance you need to activate one of the paid Images plans.

Images plan

To activate Images, please login into your account, select Images on the left menu, and then select the plan that best fits your needs.

images subscription

API token

Before we begin, you also need to create an API token in your Cloudflare account. To do that, login into your account, and press the Create Token button under My Profile (top right corner) / API Tokens.

create token

Now press Create Custom Token and add the following permissions:

  • D1, account level, edit permission.
  • Cloudflare Pages, account level, edit permission.
  • Access: Apps and policies, account level, edit permission.
  • Access: Organizations, Identity Providers and Groups, account level, read permission.
  • Workers KV Storage, account level, edit permission.
  • DNS, zone level, edit permission.
  • Cloudflare Images, account level, edit permission.

token permissions

You can limit the token to the specific zone where you will using Wildebeest if you want. Don't set a TTL.

Now Continue to Summary, review your settings, and Create Token. Take note of your token and store it in your password manager, you're going to need it later.

Zone and Account IDs

You also need to take note of your Zone and Account IDs. To find them, login into your account and select the zone (domain) where you plan to use Wildebeest. Then, on the Overview page you will the following information:

zone and account IDs

We're all set now, let's start the installation process.

Getting started

Wildebeest uses Deploy to Workers to automate the installation process.

Click here to start the installation.

Install Wildebeest

Please pay attention to all the steps involved in the installation process.

  • Authorize Workers to use your Github account.
  • Enter your Account ID (from the previous section) and the API token that you created previously.
  • Fork the repository into your personal Github account.
  • Enable Github Actions.
  • Open a new tab to https://github.com/your-username/wildebeest and create two secrets (CF_ZONE_ID and CF_DEPLOY_DOMAIN) under your Github Repository Actions settings. See section below for detailed instructions.
  • Deploy.

The installation script will now build and deploy your project to Cloudflare Pages and will run a Terraform script to configure the D1, KV, DNS, Images and Access settings automatically for you.

deploy to workers

Github Actions secrets

In the installation script above, after you Enable Github Actions, you need to create two secrets under your forked repo, by going to Settings / Secrets / Actions and clicking on the New repository secret button. They are:

  • CF_ZONE_ID - Use the Zone ID that you got from the requirements above.
  • CF_DEPLOY_DOMAIN - The full FQDN domain where you want to deploy your Wildebeest server. Example: social.example.com

This step is critical. If you miss it, your deployment will fail.

github actions secrets

Finish installation

If you followed all the steps, you should see a successful Github Actions build.

github actions secrets

You can also confirm in the Cloudflare dashboard that the Pages project, DNS entry, KV namespace, D1 database and Access rule were all created and configured.

Almost there, only two last steps missing:

Configure the access rule

The installation process automatically created a Zero Trust Access application called wildebeest-your-github-user for you. Now you need to update the policy that defines who can have access to your Wildebeest instance.

Go to https://one.dash.cloudflare.com/access and select your account, then select Access / Applications and Edit the wildebeest-your-github-user application. Now edit the existing policy on the next screen.

access applications

Add an include rule to the policy with the list of Emails that you want to allow and then click Save policy

access policy

Configure your server

Open your browser and go to your newly deployed Wildebeest domain https://social.example.com/start-instance (replace social.example.com with your domain). Fill in the title, administrator Email and description. Press Configure.

configuration screen

Go to https://social.example.com/api/v1/instance (replace social.example.com with your domain) and double-check your configuration. It should show:

{
	"description": "My personal Wildebeest instance (powered by Cloudflare)",
	"email": "john@social.example.com",
	"title": "my fediverse",
	"registrations": false,
	"version": "4.0.2",
	"rules": [],
	"uri": "social.example.com",
	"short_description": "I can only show you the door, you're the one that has to walk through it"
}

That's it, you're ready to start using your Wildebeest Mastodon compatible instance.

Supported clients

Wildebeest is Mastodon API compatible, which means that you should be able to use most of the Web, Desktop, and Mobile clients with it. However, this project is a work in progress, and nuances might affect some of their functionality.

This is the list clients that we have been using successfully while developing and testing Wildebeest:

Wildebeest also provides a read-only web client in your instance URL, where you can explore the timelines (local and federated), posts and profiles. Please use the existing Mastodon clients to post and manage your account.

Additional Cloudflare services

Since Wildebeest is a Cloudflare app running on Pages, you can seamlessly enable additional Cloudflare services to protect or improve your server.

Email Routing

If you want to receive Email at your @social.example.com domain, you can enable Email Routing for free and take advantage of sophisticated Email forwarding and protection features. Simply log in to your account, select the Wildebeest zone and then click on Email to enable.

Troubleshooting

Sometimes things go south. The GitHub Actions deployment can fail for some reason, or some configuration changed or was accidentally removed.

Starting over

If you attempted to deploy Wildebeest in your account and something failed, or you simply want to reinstall everything from scratch again, you need to do manual checkups and cleaning before you start over.

  • Go to your zone DNS settings and delete the CNAME record that points to wildebeest-username.pages.dev
  • Go to your account Pages section and delete the wildebeest-username project.
  • Go to your account Workers / KV section and delete the wildebeest-username-cache namespace.
  • Go to your account Workers / D1 and delete the wildebeest-username database.
  • Launch Zero Trust, select your account, go to Access / Applications and delete the wildebeest-username application.
  • Delete your GitHub wildebeest forked repo.

You can now start a clean install.

About

No description, website, or topics provided.

Resources

License

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published

Languages

  • TypeScript 98.2%
  • Other 1.8%