this repo has no description
lewis.moe
1# Tranquil PDS
2
3A Personal Data Server for the AT Protocol.
4
5Bluesky runs on a federated protocol called AT Protocol. Your account lives on a PDS, a server that stores your posts, profile, follows, and cryptographic keys. Bluesky hosts one for you at bsky.social, but you can run your own. Self-hosting means you control your data; you're not dependent on any company's servers, and your account + data is actually yours.
6
7This particular PDS thrives under harsh conditions. It is a dandelion growing through the cracks in the sidewalk concrete.
8
9It has full compatibility with Bluesky's reference PDS: same endpoints, same behavior, same client compatibility. Everything works: repo operations, blob storage, firehose, OAuth, handle resolution, account migration, the lot.
10
11Another excellent PDS is [Cocoon](https://tangled.org/hailey.at/cocoon), written in go.
12
13## What's different about Tranquil PDS
14
15It is a superset of the reference PDS, including: passkeys and 2FA (WebAuthn/FIDO2, TOTP, backup codes, trusted devices), did:web support (PDS-hosted subdomains or bring-your-own), multi-channel communication (email, discord, telegram, signal) for verification and alerts, granular OAuth scopes with a consent UI showing human-readable descriptions, app passwords with granular permissions (read-only, post-only, or custom scopes), account delegation (letting others manage an account with configurable permission levels), automatic backups to s3-compatible object storage (configurable retention and frequency, one-click restore), and a built-in web UI for account management, OAuth consent, repo browsing, and admin.
16
17The PDS itself is a single small binary with no node/npm runtime. It does require postgres, valkey, and s3-compatible storage, which makes setup heavier than the reference PDS's sqlite. The tradeoff is that these are battle-tested pieces of infra that we already know how to scale, back up, and monitor.
18
19## Quick Start
20
21```bash
22cp .env.example .env
23podman compose up -d
24just run
25```
26
27## Configuration
28
29See `.env.example` for all configuration options.
30
31## Development
32
33Run `just` to see available commands.
34
35```bash
36just test
37just lint
38```
39
40## Production Deployment
41
42### Quick Deploy (Docker/Podman Compose)
43
44Edit `.env.prod` with your values. Generate secrets with `openssl rand -base64 48`.
45
46```bash
47cp .env.prod.example .env.prod
48podman-compose -f docker-compose.prod.yml up -d
49```
50
51### Installation Guides
52
53| Guide | Best For |
54|-------|----------|
55| [Debian](docs/install-debian.md) | Debian 13+ with systemd |
56| [Alpine](docs/install-alpine.md) | Alpine 3.23+ with OpenRC |
57| [OpenBSD](docs/install-openbsd.md) | OpenBSD 7.8+ with rc.d |
58| [Containers](docs/install-containers.md) | Podman with quadlets or OpenRC |
59| [Kubernetes](docs/install-kubernetes.md) | You know what you're doing |
60
61## Thanks
62
63This project is very grateful to [@nel.pet](https://bsky.app/profile/did:plc:h5wsnqetncv6lu2weom35lg2), [@nonbinary.computer](https://bsky.app/profile/did:plc:yfvwmnlztr4dwkb7hwz55r2g), [@juli.ee](https://bsky.app/profile/did:plc:7vimlesenouvuaqvle42yhvo), [@mary.my.id](https://bsky.app/profile/did:plc:ia76kvnndjutgedggx2ibrem), and [@baileytownsend.dev](https://bsky.app/profile/did:plc:rnpkyqnmsw4ipey6eotbdnnf) for their help and their code to lean on.
64
65## License
66
67AGPL-3.0-or-later. Documentation is CC BY-SA 4.0. See [LICENSE](LICENSE) for details.
68