# Mastodon full-text search

Tags: linux debian elasticsearch mastodon

Reading time: 2 minutes

Description: A short writeup on the elasticsearch setup for full-text search in a self-hosted mastodon instance on debian

# Setting up Elasticsearch

1
2
3
4


apt install openjdk-17-jre-headless
wget -O /usr/share/keyrings/elasticsearch.asc https://artifacts.elastic.co/GPG-KEY-elasticsearch
echo "deb [signed-by=/usr/share/keyrings/elasticsearch.asc] https://artifacts.elastic.co/packages/7.x/apt stable main" > /etc/apt/sources.list.d/elastic-7.x.list
apt update && apt install elasticsearch

## Limiting the jvm heap size

create a file /etc/elasticsearch/jvm.options.d/heaplimit.options with the following contents

1
2


-Xms4g
-Xmx4g

## Security

add the following to /etc/elasticsearch/elasticsearch.yml

1
2


xpack.security.enabled: true
discovery.type: single-node

## Starting the daemon

1
2


systemctl daemon-reload
systemctl enable --now elasticsearch

## User and Role setup

generate passwords for the default users, keep the output somewhere safe

1

/usr/share/elasticsearch/bin/elasticsearch-setup-passwords auto

add a new role with read, monitor, write and manage access for mastodon

1
2
3
4
5
6
7
8
9


curl -X POST -u elastic:yourelasticuserpasswordfromthecommandabove "localhost:9200/_security/role/mastodon_full_access?pretty" -H 'Content-Type: application/json' -d'
{
  "cluster": ["monitor"],
  "indices": [{
    "names": ["*"],
    "privileges": ["read", "monitor", "write", "manage"]
  }]
}
'

add a new user for mastodon and assign them the new role

1
2
3
4
5
6


curl -X POST -u elastic:yourelasticuserpasswordfromthecommandabove "localhost:9200/_security/user/mastodon?pretty" -H 'Content-Type: application/json' -d'
{
  "password" : "anewsupersafepasswordfortheuser",
  "roles" : ["mastodon_full_access"]
}
'

# Configuring Mastodon

add the following to the .env.production, replace the ES_PASS part with the password from the new user

1
2
3
4
5
6


ES_ENABLED=true
ES_HOST=localhost
ES_PORT=9200
ES_PRESET=single_node_cluster
ES_USER=mastodon
ES_PASS=anewsupersafepasswordfortheuser

restart mastodon-sidekiq and reload mastodon-web

1
2


systemctl restart mastodon-sidekiq
systemctl reload mastodon-web

# Create indices and start indexing

execute the following in the live directory as the mastodon user

1

RAILS_ENV=production bin/tootctl search deploy