Create an ActivityPub server

In this guide you will setup a SemApps-powered ActivityPub server, you will create an actor and communicate with another Mastodon actor.

Setup a new Moleculer project

You will need to have NodeJS installed on your computer.

First install the moleculer-cli tool globally.

npm install -g moleculer-cli

Then initialize a new project based on this template with this command:

moleculer init assemblee-virtuelle/semapps-template-activitypub my-activitypub-server

Choose Yes to all questions:

? Do you need a local instance of Jena Fuseki (with Docker)? Yes
Create 'semapps' folder...
? Would you like to run 'npm install'? Yes

You can now go to the newly-created directory:

cd my-activitypub-server

Launch your local Jena Fuseki instance

Jena Fuseki is a semantic triple store. It is where your app's data will be stored.

You need docker and docker-compose installed on your machine.

docker-compose up

Jena Fuseki is now available at the URL http://localhost:3030.

Please login - by default, the login is admin and the password is also admin.

Start by creating a new dataset and name it localData (case sensitive). Your data will be stored there.

Create a HTTPS tunnel to your localhost

Since we will want to communicate with a Mastodon instance later on this guide, we need to provide a publicly-accessible server, and we need it to handle HTTPS.

Luckily, this can be done easily with the localhost.run service. All you need to do is run the following command:

ssh -R 80:localhost:3000 alice@ssh.localhost.run

This will create a publicly-accessible URL like https://alice-d57621c5.localhost.run which will point to port 3000 of your local computer.

note

You could also use a software like Ngrok, but the free version generates a different domain name on every session, which can make federated testing more difficult.

Now, to ensure all the URLs generated by your server will use this domain, edit the SEMAPPS_HOME_URL variable in the .env file at the root of your repository:

SEMAPPS_HOME_URL=https://alice-d57621c5.localhost.run
caution

Make sure to use the HTTPS URL, and not the HTTP one, it is required by the ActivityPub protocol !

Run Moleculer in dev mode

All the configurations are done, you can launch the server:

npm run dev

Your instance of SemApps is now available at http://localhost:3000, and of course also at https://alice-d57621c5.localhost.run

Create an ActivityPub actor

On the first start, the ActivityPub service will create 3 LDP container in the /activities, /actors and /objects path.

You can create an ActivityPub actor by POSTing to the /actors container with a tool like Insomnia, Postman or the RESTClient add-on for Firefox.

POST /actors HTTP/1.1
Host: alice-d57621c5.localhost.run
Content-Type: application/json
Accept: */*
Slug: alice
{
"@context": "https://www.w3.org/ns/activitystreams",
"type": "Person",
"preferredUsername": "alice"
}

The Slug header allows you to specify the URI of the actor.

In return, you will receive informations about the created actor:

{
"@context": [
"https://www.w3.org/ns/activitystreams",
"https://w3id.org/security/v1"
],
"id": "https://alice-d57621c5.localhost.run/actors/alice",
"type": "Person",
"preferredUsername": "alice",
"inbox": "https://alice-d57621c5.localhost.run/actors/alice/inbox",
"outbox": "https://alice-d57621c5.localhost.run/actors/alice/outbox",
"followers": "https://alice-d57621c5.localhost.run/actors/alice/followers",
"following": "https://alice-d57621c5.localhost.run/actors/alice/following",
"publicKey": {
"owner": "https://alice-d57621c5.localhost.run/actors/alice",
"publicKeyPem": "-----BEGIN PUBLIC KEY-----\nMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAy1cCXaqr99REmt2X9b3F\nOFJxuXXvhN+qe9qzyx9nVUtCPLUsAdEcstnUtvny9VOOyMoYa87yx21ns8PxQINE\nfKNlkHWc6zQrTfy8blEvcD7WGHLe2cWX9y5Lc604YsUhyWsmiBMAu2CPK80rQC/6\nXH4wKt2ad7GLO9lSlM2WNNUFehHgDHlNouNBUaxlpGVgcOpjjMSO/iQv6Xjbrfab\n/oukG47D7H+J66PE7R8kyjD9/tX5WwGkthLlzDAxoCNP4+DzBa2D5Wuu/dDJ50jc\nkDMnC07gjg2Zgs4PcKW5DF7ZOKBHtyUxgnabHjEYxSc7amy+enYONjNEzar2dkPD\nJL0OtRbMq28/J0/UCDEpH5hrTdi/7ja6aLlxX9Aqt6bc7TX0MQzVF7yCOJ4sjDDX\nnAF4fimUp2unedAgfexlacEky5HbDuBrEw6DiEmwgSrbhd8paS01haow5TSNSxgV\nUN/xPPb0XUqvuoeaAfoEuuPgRtsQ/zGoSVklx2h+dEbmPuS010pYQEwbucTFaGMH\nvE6aBs7UeMxmHKNkpqziU/G6DlVzrAp91vd3+BRwceyEtoY8ZczDrPSAyD+g9gSG\neRGQFBwpYuattfc6bzR4NdTv2S4pcdvP9q/an8GAMzFb0OwBYTXF1TQ4UtCylvpp\nruuVqWmyIXzM7v6gi1u3alsCAwEAAQ==\n-----END PUBLIC KEY-----\n"
}
}

The ActivityPub service (or rather, the ActorService) has appended all the required properties for actors: the outbox, the inbox, the list of followers and following, as well as a publicKey object which will be used to verify messages sent by this actor.

note

If you look inside the /actors subdirectory, you should see two files: alice.key and alice.key.pub. The first one is the private key used to sign messages; it should never leave your server. The second is the public key that we saw just before.

Create a Mastodon user

Mastodon is federated social network to exchange Twitter-like short communications. Unlike Twitter, Mastodon can be installed on many different servers, which use the ActivityPub protocol to communicate with each others. And since ActivityPub is an universal protocol, many different softwares can exchange with Mastodon instances.

This is what we will do now: exchange informations with a Mastodon user. To do that, create an account on any of the instances that you can find on the Mastodon homepage.

For this guide, we will create an user bob on the Framapiaf instance.

Make the two actors follow each others

Send a POST request to Alice's outbox with the following informations.

POST /actors/alice/outbox HTTP/1.1
Host: alice-d57621c5.localhost.run
Content-Type: application/json
{
"@context": "https://www.w3.org/ns/activitystreams",
"actor": "https://alice-d57621c5.localhost.run/actors/alice",
"type": "Follow",
"object": "https://framapiaf.org/users/bob",
"to": "https://framapiaf.org/users/bob"
}
note

We use https://framapiaf.org/users/bob to identify Bob's account, because that's the standard URL for Mastodon actors. However we could have found this information through the Webfinger protocol. If you fetch this URL with an Accept: application/json header, you should receive all the informations about Bob.

Follow activities must usually be followed by an Accept activity to confirm that the remote actor has accepted the request. If the magic happened, you should see it on Alice's inbox: https://alice-d57621c5.localhost.run/actors/alice/inbox. Furthermore, Bob should appear here: https://alice-d57621c5.localhost.run/actors/alice/following

If you now go to Bob's Mastodon account, you should see a notification that the user @alice@alice-d57621c5.localhost.run wants to follow him. Click on the icon on the right to follow her back.

Send a Note to your followers

You're almost there ! Since the two users follow each others, you can post a message as Alice, and Bob should receive it on his Mastodon feed.

POST /actors/alice/outbox HTTP/1.1
Host: alice-d57621c5.localhost.run
Content-Type: application/json
{
"@context": "https://www.w3.org/ns/activitystreams",
"type": "Note",
"attributedTo": "https://alice-d57621c5.localhost.run/actors/alice",
"content": "Hello to all my followers !",
"to": [ "https://alice-d57621c5.localhost.run/actors/alice/followers" ]
}

The message is not sent directly to Bob (otherwise it would appear as a direct message), but to all of Alice's followers. If everything went well, this message should appear right at the top of Bob's Mastodon feed !

note

Mastodon, being a Twitter "clone", only accept two types of objects: Note and Question. Other types of ActivityPub objects are converted but you cannot be sure of the result. For more information, see this page.

Much more could be done, but with this little guide, we hope you had a taste of what it is like to own an ActivityPub server !