Service: Bluesky Personal Data Server - EyevinnOSC/community GitHub Wiki

Getting Started

Bluesky is a decentralized microblogging social media service based on open standards (AT Protocol) and open source infrastructure so that social communication can be as open and interoperable as the web itself. The AT Protocol (Authenticated Transfer Protocol aka atproto) is a federated protocol for large-scale distributed social applications.

The three core services in a network are Personal Data Servers (PDS), Relays and App Views. A personal data server is your home in the cloud. This is the server that hosts your data, distributes it, manages your identity and orchestrates requests to other services to give you your views. However, the goal of the AT Protocol is to ensure that a user on one PDS can move and migrate their account to a new PDS without the server’s involvement.

In this tutorial we describe how you can set up your own Personal Data Server, based on open source and made available as a service, all for free.

Step 1: Create an account in Eyevinn Open Source Cloud

Navigate to www.osaas.io and click on Login/Signup. Enter your email to create an account and enter the login code you receive in your inbox. If this is the first time you log in, you need to create a tenant first.

Step 2: Create your own PDS

Navigate to Bluesky Personal Data Server by entering this text in the search bar in the top bar.

Click on the tab Service secrets and click on New Secret to create a secret for your administration password.

Click on the button “Create pds” and enter the name of your PDS and a reference to the secret you created.

Leave the input DnsName empty for now. This will be used when you add a CDN in front of the server and use a custom domain name. Press create and wait for the indicator on the instance card to turn green.

Step 3: Create an invitation code

Now you have your own PDS up and running. To create an account on the server you need to first create an invitation code. This is done by sending an HTTP request to the PDS API. In this example we will use an HTTP API client available online.

Use Basic auth as the authentication method, with admin as the user and the administration password you created above as the password. As the URL, enter the URL available on the instance card and append /xrpc/com.atproto.server.createInviteCode

In the body you enter the following JSON:

{ "useCount": 1 }

The code returned in the response is the invitation code, in this case demo-blog-bluesky-social-pds-auto-prod-osaas-io-5ito3-t5umt. This is the code you use when creating an account on this server.
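
The request from Step 3 as a script, as an added example that is not part of the original tutorial. It refuses non-HTTPS URLs because Basic auth only base64-encodes the password, and it reads the password from the environment; the variable names PDS_URL and PDS_ADMIN_PASSWORD and the function names are assumptions.

```python
import base64
import json
import os
import urllib.request
from urllib.parse import urlsplit

ENDPOINT = "/xrpc/com.atproto.server.createInviteCode"


def build_invite_request(pds_url, admin_password, use_count=1):
    """Build the POST request from Step 3 without sending it."""
    parts = urlsplit(pds_url)
    # Basic auth is only base64-encoded, so never send it over plain HTTP.
    if parts.scheme != "https" or not parts.netloc:
        raise ValueError("PDS URL must be an https:// URL")
    if not isinstance(use_count, int) or use_count < 1:
        raise ValueError("useCount must be a positive integer")
    token = base64.b64encode(f"admin:{admin_password}".encode()).decode()
    return urllib.request.Request(
        f"https://{parts.netloc}{ENDPOINT}",
        data=json.dumps({"useCount": use_count}).encode(),
        headers={
            "Authorization": f"Basic {token}",
            "Content-Type": "application/json",
        },
        method="POST",
    )


def create_invite_code(pds_url, admin_password, use_count=1):
    """Send the request and return the invitation code from the response."""
    req = build_invite_request(pds_url, admin_password, use_count)
    with urllib.request.urlopen(req, timeout=10) as resp:
        # The response body is JSON with the invitation code in "code".
        return json.load(resp)["code"]


if __name__ == "__main__":
    # PDS_URL and PDS_ADMIN_PASSWORD are assumed variable names; reading the
    # password from the environment keeps it out of the script itself.
    url = os.environ["PDS_URL"]
    print(create_invite_code(url, os.environ["PDS_ADMIN_PASSWORD"]))
```

Keeping useCount at 1 means a leaked code can register at most one account.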

Step 4: Create an account

Download the Bluesky social app from your app store. When registering a new account, select a custom hosting provider and enter the URL of the PDS you created. Use the invitation code and enter your email and password. You will now have an account with a handle @.demo-blog.bluesky-social-pds.auto.prod.osaas.io and you are ready to go!

Advanced: Custom domain and CDN

To use a custom domain name for your service you need to be able to administer a DNS domain and a CDN. What you need to set up is the following:

  1. Decide and register a root domain name, e.g. my.org
  2. Decide what domain name you will use for the PDS, e.g. pds.my.org
  3. Create an SSL certificate for *.pds.my.org and pds.my.org
  4. Create a PDS in OSC as before with the addition that you set DNS_NAME to pds.my.org
  5. Set up a CDN property / distribution where the origin is the URL to the PDS created above, e.g. demo-blog.bluesky-social-pds.auto.prod.osaas.io, and use the SSL cert created in 3. It is important that the CDN uses the origin host in the request to the origin. Consult your CDN provider for how to configure this.
  6. Create DNS records *.pds.my.org and pds.my.org to point to the CDN distribution created in 5.

AWS Cloudfront CDN

Follow these steps to have a custom domain for your PDS using AWS Cloudfront CDN.

Sign up for an account at AWS and log in. Create a hosted zone for your DNS in the Route 53 DNS service.

Go to the Certificate Manager in us-east-1 region. Request one public certificate for your domains *.your.domain and your.domain.

Go to CloudFront CDN service and create a distribution. Choose the certificate you just created and add CNAMEs for both *.your.domain and your.domain.

Configure a custom origin that points to the instance in Eyevinn Open Source Cloud that you created.

Create a cache policy that includes the following headers:

  • Authorization
  • x-forwarded-host
  • Access-Control-Request-Method
  • Access-Control-Request-Headers

and all query strings.

Create an origin request policy that includes all cookies and query strings and the following headers.

  • Sec-WebSocket-Key
  • Sec-WebSocket-Version
  • Sec-WebSocket-Protocol
  • Sec-WebSocket-Accept
  • Sec-WebSocket-Extensions

Assign these policies as the default behavior.

Now go to the Route 53 DNS service and create two CNAME records, *.your.domain and your.domain, that point to the CDN distribution that you created.
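
A check for the cache policy and origin request policy described above, as an added example that is not part of the original tutorial. It audits policy objects in the JSON shape CloudFront uses (the `CachePolicyConfig` and `OriginRequestPolicyConfig` objects) against the headers, cookies and query strings the page lists; the function names and the sample policy are constructed for illustration.

```python
# Headers the page lists for each policy, lower-cased for comparison.
CACHE_KEY_HEADERS = {"authorization", "x-forwarded-host",
                     "access-control-request-method",
                     "access-control-request-headers"}
ORIGIN_HEADERS = {"sec-websocket-" + s for s in
                  ("key", "version", "protocol", "accept", "extensions")}


def missing_headers(headers_config, required):
    """Return required header names that a HeadersConfig does not cover."""
    behavior = headers_config.get("HeaderBehavior", "none")
    if behavior.startswith("allViewer"):  # origin request policies only
        return []
    if behavior != "whitelist":
        return sorted(required)
    items = headers_config.get("Headers", {}).get("Items", [])
    return sorted(required - {h.lower() for h in items})


def audit_cache_policy(cfg):
    """cfg is a CachePolicyConfig object; returns a list of findings."""
    p = cfg.get("ParametersInCacheKeyAndForwardedToOrigin", {})
    missing = missing_headers(p.get("HeadersConfig", {}), CACHE_KEY_HEADERS)
    findings = [f"cache key lacks header {h}" for h in missing]
    if p.get("QueryStringsConfig", {}).get("QueryStringBehavior") != "all":
        findings.append("cache key does not include all query strings")
    return findings


def audit_origin_request_policy(cfg):
    """cfg is an OriginRequestPolicyConfig object; returns findings."""
    missing = missing_headers(cfg.get("HeadersConfig", {}), ORIGIN_HEADERS)
    findings = [f"origin request lacks header {h}" for h in missing]
    if cfg.get("CookiesConfig", {}).get("CookieBehavior") != "all":
        findings.append("origin request does not forward all cookies")
    if cfg.get("QueryStringsConfig", {}).get("QueryStringBehavior") != "all":
        findings.append("origin request does not forward all query strings")
    return findings


# Constructed sample: a cache policy that leaves Authorization out.
SAMPLE_CACHE_POLICY = {"ParametersInCacheKeyAndForwardedToOrigin": {
    "HeadersConfig": {"HeaderBehavior": "whitelist", "Headers": {
        "Quantity": 3, "Items": ["x-forwarded-host",
                                 "Access-Control-Request-Method",
                                 "Access-Control-Request-Headers"]}},
    "QueryStringsConfig": {"QueryStringBehavior": "all"}}}

if __name__ == "__main__":
    print(audit_cache_policy(SAMPLE_CACHE_POLICY))
```

The policy objects can be taken from the output of `aws cloudfront get-cache-policy-config` and `aws cloudfront get-origin-request-policy-config`.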

Advanced: Configure SMTP

To enable email verification and two-factor authentication you can enter an SMTP URL for a relay service and a sender email address when creating the instance.

Conclusion

Creating your own Bluesky Personal Data Server based on open source is achievable with only a few clicks of a button, and is a quick way to get your own self-hosted account to join the conversation in this open social media network.