Running an instance¶
Some notes on running a production instance.
Django admin¶
The normal Django admin can be found at /admin
.
Executing the Django shell¶
Assuming included installation instructions were used, do the following:
sudo su - socialhome
workon socialhome
cd socialhome
python manage.py shell_plus
Confirming user emails via the shell¶
You can manually confirm user emails via the shell by running the following:
from allauth.account.models import EmailAddress
EmailAddress.objects.filter(email=<email>).update(verified=True)
This will allow the user to log in without clicking the confirmation email link.
Admin user¶
To make a user an admin, log in to the shell and execute the following to set the user as superuser:
from socialhome.users.models import User
User.objects.filter(username=<username>).update(is_staff=True, is_superuser=True)
Backups¶
Three places should be backed up from the Socialhome instance to ensure recovery in the event of a disaster.
The database
Local settings in
.env
(assuming you are using this way to configure the application)The path
socialhome/media/
which contains for example image uploadsThe Redis database (example instructions)
Give your instance some visibility¶
If you want some public visibility to your instance, consider registering it at some lists that track nodes in “The Federation”. Here are a few:
Why not also contribute to the numbers of the federated social web? Turn on SOCIALHOME_SILKY to expose some activity counts.
Log files¶
There are two main logs where Socialhome sends information during runtime.
Circus process log
Rotated log files in
/var/log/upstart/socialhome-circus.log
. The location will differ if not using an Upstart based system.This log contains the output of all the processes required to run Socialhome, if using the recommended way of running Socialhome using Circus. Any errors for example when starting uWSGI or the worker processes will be found here.
Application log
See SOCIALHOME_LOG_TARGET configuration value. This log contains logging entries from the application itself. Useful for debugging federation issues or other problems with the actual code.
Deleting users and locking remote profiles¶
To delete users and their content, a Django management command has been provided. This command can also be used to delete local content of remote profiles and optionally lock the profile so any new content is rejected. This makes it possible to lock out spam accounts for example. For locally created content, an automatic retraction will be sent to remotes.
NOTE! Any deletion is permanent. There is no possibility to get the data back, except by restoring database and uploaded file backups. Be sure before using the command and be extra sure about the UUID’s passed in!
To delete a local user, run the command as follows:
python manage.py delete_users_and_profiles --users <uuid>
To delete a remote profile, run the command as follows:
python manage.py delete_users_and_profiles --profiles <uuid>
To only delete remote profile content and then lock the profile, run as follows:
python manage.py delete_users_and_profiles --profiles <uuid> --lock-remote-profiles
Multiple uuid
’s can be passed in by separating them with commas. A confirmation dialog is produced for each user or profile to be deleted.
Policy documents¶
Terms of Service and Privacy policy documents are good to have. These tell people visiting your site what rules you operate with. Socialhome provides default templates you can activate with a few clicks.
To review and enable the policy documents, log in as admin and access the admin pages through the navigation bar cogs menu. Scroll down and locate “Policy documents”. There are two types of documents, the Terms of Service and Privacy Policy. Each one can be edited in draft mode and then published. Further updates in draft mode will not overwrite the last published version, until published.
To publish the documents, open them, review the text and then change the status below the document to “published”. Click Save - this version is now published. To edit in draft mode, switch the status back and the current edited revision will not show to users. You can also send email updates to users from the policy documents list. Select the policy documents you wish the send an email about, choose “Send email” from the actions list and confirm.
Published policy documents are shown to both authenticated and unauthenticated users via the navigation bar cogs menu.
Matrix protocol support¶
Note! Extremely alpha, work on progress, non-functional
After getting excited about Cerulean, work has started to integrate the Matrix protocol into Socialhome. While for Diaspora and ActivityPub protocols, Socialhome is fully in server mode, for Matrix we will be taking a different route. Making Socialhome into a full homeserver would be overkill to integrate Socialhome with the Matrix network, so instead Socialhome will become a multi-person client towards other Matrix servers.
To run Socialhome with Matrix support, you will need to also run a Dendrite server. This should be a dedicated instance for Socialhome alone as it will be tightly integrated. NOTE! Currently only Denrite v0.3.11 has been properly tested against.
When setting up the Dendrite server currently the following assumptions are made:
the server name is the domain of the Socialhome instance (for example
domain.tld
)the homeserver is reachable via
matrix.domain.tld
port 443. Socialhome will handle the well-known delegation for you.
Once you have this Dendrite running, you can set SOCIALHOME_MATRIX_ENABLED
to true
.
Current functionality:
Client and server well-known files are automatically generated.
Register local users on the configured Matrix server.
Post local user public posts into Matrix side to their profile timeline rooms and to each hashtag room.
Configuration¶
Configuration mainly happens through environment variables. Those are passed to Django via the file .env
in the repository root. The following items of note can be changed.
After making changes to this file, don’t forget to reload the app with sudo service socialhome restart
.
ACCOUNT_SIGNUP_REQUIRE_ADMIN_APPROVAL¶
Default: False
If set to true, new signups will require admin approval. An email notification is sent to
the email designated in SOCIALHOME_CONTACT_EMAIL
. Once an admin approves the new user,
an email is sent to the user that they may start using their account.
DATABASE_URL¶
Default: postgres:///socialhome
This must be set to a proper database URL, for example postgres://socialhome:DATABASEPASSWORDHERE@127.0.0.1:5432/socialhome
.
DJANGO_ACCOUNT_ALLOW_REGISTRATION¶
Default: True
Set this to False
if you want to disable signups.
DJANGO_ALLOWED_HOSTS¶
Default: socialhome.local
Domain that is used for this instance. Must be set to the right domain. Note, it’s not a good idea to use a sub-domain wildcard for www, ie .
as per Django docs. Federated sites work better with only one absolute domain.
DJANGO_EMAIL_BACKEND¶
Default: django.core.mail.backends.console.EmailBackend
Must be set to some real email backend if you wish to send emails. See docs for backend options and additional configuration help.
The possible other email related additional settings are as follows. Please see Django documentation link above for details.
DJANGO_EMAIL_HOST
(defaultlocalhost
)DJANGO_EMAIL_PORT
(default587
)DJANGO_EMAIL_HOST_USER
(default ‘’)DJANGO_EMAIL_HOST_PASSWORD
(default ‘’)DJANGO_EMAIL_USE_TLS
(defaultTrue
)DJANGO_EMAIL_USE_SSL
(defaultFalse
)DJANGO_EMAIL_TIMEOUT
(default ‘’)DJANGO_EMAIL_SSL_KEYFILE
(default ‘’)DJANGO_EMAIL_SSL_CERTFILE
(default ‘’)DJANGO_EMAIL_SUBJECT_PREFIX
(default[Socialhome]
)DJANGO_DEFAULT_FROM_EMAIL
(defaultnoreply@socialhome.local
)DJANGO_SERVER_EMAIL
(defaults toDJANGO_DEFAULT_FROM_EMAIL
value)
Note, email is required for signing up. Users will not be able to sign up if the instance does not have working email sending.
DJANGO_SECRET_KEY¶
Default: ‘’
Must be set to a long secret string. Don’t expose it to anyone. See docs
DJANGO_SECURE_CONTENT_TYPE_NOSNIFF¶
Default: True
See docs.
DJANGO_SECURE_FRAME_DENY¶
Default: True
See docs.
DJANGO_SECURE_HSTS_INCLUDE_SUBDOMAINS¶
Default: True
See docs.
DJANGO_SECURE_SSL_REDIRECT¶
Default: True
Redirect all requests to HTTPS. See docs.
DJANGO_TIMEZONE¶
Default: UTC
FEDERATION_USER¶
If set to a valid local user name, that user’s private key will be used to sign federation get requests.
REDIS_DB¶
Default: 0
REDIS_HOST¶
Default: localhost
REDIS_PASSWORD¶
Default: ‘’
REDIS_PORT¶
Default: 6379
SENTRY_DSN¶
Default: None
Setting a Sentry project DSN will make all error level exceptions be raised to Sentry. To change the level, see below.
SENTRY_LEVEL¶
Default: ERROR
Logging level used for Sentry reporting (see above). Possible options: DEBUG
, INFO
, WARNING
, ERROR
.
SOCIALHOME_ADDITIONAL_APPS¶
Default:
None
Allows to plug in additional third-party apps, string with comma-separated values, for example
django.contrib.gis,myapp
.