minor README improvements · vicwalker.dev.br/pds-mirror@27a648d

vicwalker.dev.br / pds-mirror

fork atom

Mirror from bluesky-social/pds

fork atom

minor README improvements

Jake Gold 2 years ago 27a648db 30d03d06

+13 -14

1 changed file

expand all

README.md

+13 -14

README.md

··· 27 27 28 28 ### Launch your server 29 29 30 - Launch a server on any cloud provider, for example [Digital Ocean](https://digitalocean.com/) and [Vultr](https://vultr.com/) are two popular choices. 31 - 30 + Launch a server on any cloud provider, [Digital Ocean](https://digitalocean.com/) and [Vultr](https://vultr.com/) are two popular choices. 32 31 33 - **Requirements** 34 - * Public internet access 32 + **Server Requirements** 35 33 * Public IPv4 address 36 - * Public access on ports 80/tcp and 443/tcp 34 + * Public DNS name 35 + * Public internet access permitted on port 80/tcp and 443/tcp 37 36 38 - **Recommendations** 37 + **Server Recommendations** 39 38 | | | 40 39 | ---------------- | ---------------- | 41 40 | Operating System | Ubuntu 22.04 LTS | ··· 46 45 47 46 ### Install your server 48 47 49 - Install your Ubuntu 22.04 server, and then ensure that you can ssh to it. It is recommended that you only allow port 22 (ssh) traffic from your own public IP address. You can check your current public IP address using [ifconfig.me](https://ifconfig.me/). 48 + Install your Ubuntu 22.04 server, and then ensure that you can ssh to it. 49 + 50 + **NOTE:** It is a good security practice to restrict inbound ssh access (port 22/tcp) to your own computer's public IP address. You can check your current public IP address using [ifconfig.me](https://ifconfig.me/). 50 51 51 52 ### Open your firewall 52 53 53 54 One of the most common sources of misconfiguration is not opening firewall ports correctly. Please be sure to double check this step. 54 55 55 - It may be helpful to use a remote [port scanning](https://dnschecker.org/port-scanner.php) service to verify that access is permitted. 56 + It may be helpful to use a remote [port scanning](https://dnschecker.org/port-scanner.php) service to verify that access is permitted. Once your server is fully configured, this service should display the ports as open. 56 57 57 - #### Open ports on your cloud and local firewalls 58 + #### Open ports on your cloud provider's firewall 58 59 59 60 In your cloud provider's console, the following ports should be open to access from the public internet. 60 61 61 62 * 80/tcp (Used only for TLS certification verification) 62 63 * 443/tcp (Used for all application requests) 63 64 64 - #### Open ports using ufw 65 + #### Open ports on your Linux firewall 65 66 66 - If your VM is running a Linux firewall managed with `ufw`, you will also need to open these same ports on your VM itself. 67 + If your server is running a Linux firewall managed with `ufw`, you will also need to open these same ports on the server itself. 67 68 68 69 ```bash 69 70 $ sudo ufw allow 80/tcp ··· 141 142 curl https://raw.githubusercontent.com/bluesky-social/pds/main/sqlite-compose.yaml >compose.yaml 142 143 ``` 143 144 144 - Download the `postgres-compose.yaml` to run your PDS with a remote PostgreSQL database. 145 + Or, download the `postgres-compose.yaml` to run your PDS with a remote PostgreSQL database. 145 146 146 147 ```bash 147 148 curl https://raw.githubusercontent.com/bluesky-social/pds/main/postgres-compose.yaml >compose.yaml ··· 191 192 1. Download the Bluesky app 192 193 1. Enter the URL of your PDS (e.g. `https://example.com/`) 193 194 1. Create an account 194 - 195 -