GitHub - cloudflare/wildebeest: Wildebeest is an ActivityPub and Mastodon-compatible server

Wildebeest is an ActivityPub and Mastodon-compatible server whose goal is to allow anyone to operate their Fediverse server and identity on their domain without needing to keep infrastructure, with minimal setup and maintenance, and running in minutes.

Wildebeest runs on top Cloudflare's Supercloud, uses Workers and Pages, the D1 database to store metadata and configurations, Zero Trust Access to handle authentication and Images for media handling.

Currently, Wildebeest supports the following features:

• Authentication and automatic profile creation.
• Message signing & notification.
• Inbox and Outbox notes (text, mentions and images), follow, announce (reblog), accept (friend), like.
• Server to server federation.
• Web client for content exploration (read-only).
• Compatibility with other Mastodon clients (Mobile iOS/Android and Web).

Cloudflare will continue to evolve this open-source project with additional features over time and listen to the community feedback to steer our priorities. Pull requests and issues are welcome too.

Requirements

Wildebeest is a full-stack app running on top of Cloudflare Pages using Pages Functions. We are of course assuming that you have a Cloudflare account (click here if you don't) and have at least one zone using Cloudflare. If you don't have a zone, you can use Cloudflare Registrar to register new a new domain or transfer an existing one.

Some features, like data persistence, access controls, media storage, are handled by other Cloudflare products:

• D1 for the database.
• Workers KV for object caching.
• Zero Trust Access to handle user authentication and SSO on any identity provider.
• Images for media handling.

Most of our products offer a generous free plan that allows our users to try them for personal or hobby projects that aren’t business-critical. However the Images one doesn't have a free tier, so for setting up your instance you need to activate one of the paid Images plans.

Images plan

To activate Images, please login into your account, select Images on the left menu, and then select the plan that best fits your needs.

API token

Before we begin, you also need to create an API token in your Cloudflare account. To do that, login into your account, and press the Create Token button under My Profile (top right corner) / API Tokens.

Now press Create Custom Token and add the following permissions:

• D1, account level, edit permission.
• Cloudflare Pages, account level, edit permission.
• Access: Apps and policies, account level, edit permission.
• Access: Organizations, Identity Providers and Groups, account level, read permission.
• Workers KV Storage, account level, edit permission.
• DNS, zone level, edit permission.
• Cloudflare Images, account level, edit permission.
• Workers Scripts, account level, edit permission.

You can limit the token to the specific zone where you will using Wildebeest if you want. Don't set a TTL.

Now Continue to Summary, review your settings, and Create Token. Take note of your token and store it in your password manager, you're going to need it later.

Zone and Account IDs

You also need to take note of your Zone and Account IDs. To find them, login into your account and select the zone (domain) where you plan to use Wildebeest. Then, on the Overview page you will the following information:

We're all set now, let's start the installation process.

Getting started

Wildebeest uses Deploy to Workers to automate the installation process.

Click here to start the installation.

Please pay attention to all the steps involved in the installation process.

• Authorize Workers to use your GitHub account.
• Enter your Account ID (from the previous section) and the API token that you created previously.
• Configure your instance/project with the Zone ID, Domain, Title, Admin Email and Description.
• Fork the repository into your personal GitHub account.
• Enable GitHub Actions.
• Deploy.

Authorizations and API Token

The first two steps are authorizing Workers to use your GitHub account and entering your Account ID and the API token you created in the requirements section.

Instance configuration

Configure your instance/project with the Zone ID (see the requirements above), Domain (the full FQDN domain of your zone, where you want to deploy your Wildebeest server), Title, Admin Email and Description.

Now click Fork the repository.

Then enable GitHub Actions and confirm by clicking Workflows enabled.

And finally click Deploy.

The installation script will now build and deploy your project to Cloudflare Pages and will run a Terraform script to configure the D1, KV, DNS, Images and Access settings automatically for you.

Finish installation

If you followed all the steps, you should see a successful GitHub Actions build.

You can also confirm in the Cloudflare dashboard that the Pages project, DNS entry, KV namespace, D1 database and Access rule were all created and configured.

Almost there, only one last step missing:

Configure the access rule

The installation process automatically created a Zero Trust Access application called wildebeest-your-github-user for you. Now you need to create a policy that defines who can have access to your Wildebeest instance.

Go to https://one.dash.cloudflare.com/access and select your account, then select Access / Applications and Edit the wildebeest-your-github-user application.

Now click Add a policy. Name the policy wildebeest-policy, set the action to Allow, and add an include rule with the list of Emails that you want to allow and then click Save policy

You're ready

Open your browser and go to your newly deployed Wildebeest domain https://social.example/ (replace social.example with your domain). You should see something like this:

Go to https://social.example/api/v1/instance (replace social.example with your domain) and double-check your configuration. It should show: