tranquil.farm / tranquil-pds
Our Personal Data Server from scratch! tranquil.farm
oauth atproto pds rust postgresql objectstorage fun
fork atom
Rust 72.6%
Svelte 13.6%
TypeScript 9.8%
CSS 0.7%
Nix 0.5%
Shell 0.5%
HTML 0.5%
Just 0.1%
Dockerfile 0.1%
JavaScript 0.1%
Other 1.8%
202 1 0

Clone this repository

https://tangled.org/tranquil.farm/tranquil-pds https://tangled.org/did:web:tranquil.tranquil.farm/tranquil-pds
git@tangled.org:tranquil.farm/tranquil-pds git@tangled.org:did:web:tranquil.tranquil.farm/tranquil-pds

For self-hosted knots, clone URLs may differ based on your setup.

Download tar.gz
README.md

Tranquil PDS#

A Personal Data Server for the AT Protocol.

Bluesky runs on a federated protocol called AT Protocol. Your account lives on a PDS, a server that stores your posts, profile, follows, and cryptographic keys. Bluesky hosts one for you at bsky.social, but you can run your own. Self-hosting means you control your data; you're not dependent on any company's servers, and your account + data is actually yours.

This particular PDS thrives under harsh conditions. It is a dandelion growing through the cracks in the sidewalk concrete.

It has full compatibility with Bluesky's reference PDS.

What's different about Tranquil PDS#

It is a superset of the reference PDS, including: passkeys and 2FA (WebAuthn/FIDO2, TOTP, backup codes, trusted devices), SSO login and signup, did:web support (PDS-hosted subdomains or bring-your-own), multi-channel communication (email, discord, telegram, signal) for verification and alerts, granular OAuth scopes with a consent UI showing human-readable descriptions, app passwords with granular permissions (read-only, post-only, or custom scopes), account delegation (letting others manage an account with configurable permission levels), and a built-in web UI for account management, repo browsing, and admin.

The PDS itself is a single binary with no nodeJS runtime. However, at time of writing, Tranquil requires postgres running separately. Blobs are stored on the local filesystem by default (S3 optional). Valkey is also optional (as an alternative to the built-in cache).

Quick Start#

cp example.toml config.toml
podman compose up db -d
just run

Configuration#

See example.toml for all configuration options.

NOTE

The order of configuration precedence is: environment variables, then a config file passed via --config, then /etc/tranquil-pds/config.toml, then the built-in defaults. So you can use environment variables, or a config file, or both.

Development#

Run just to see available commands.

just test
just lint

Production Deployment#

Quick Deploy (Docker/Podman Compose)#

Edit config.toml with your values. Generate secrets with openssl rand -base64 48.

cp example.toml config.toml
podman-compose -f docker-compose.prod.yaml up -d

Installation Guides#

Maintainers to ping#

Thanks#

This project is very grateful to @nonbinary.computer, @juli.ee, @mary.my.id, and @baileytownsend.dev for their help and their code to lean on.

License#

AGPL-3.0-or-later. Documentation is CC BY-SA 4.0. See LICENSE for details.