
AWS CDK template for hosting a Bluesky Personal Data Server (PDS)


clareliguori/bluesky-pds-cdk


bluesky-pds-cdk

This repository contains an AWS CDK template for self-hosting a fully containerized, serverless Bluesky Personal Data Server (PDS) on AWS.

Architecture

flowchart LR
  A(Bluesky) --> B("PDS load balancer
  #40;ALB#41;")
  B --> C

  subgraph Fargate task
    direction TB
    C("PDS
    container") --- D("Litestream
    container")
  end

  C --> E("Blob store
  S3 bucket")
  D --> F("Database backup
  S3 bucket")

This architecture was designed with resiliency, observability, and security in mind. A single AWS Fargate task sits behind a load balancer that spans two AZs, running in its own VPC. The load balancer terminates TLS, and redirects HTTP to HTTPS. Amazon ECS ensures that only one task is running at a time. In case of an unhealthy task, ECS will terminate the task and start a new one in either of the two AZs.

The Fargate task runs two containers:

  1. The main PDS container uses the official PDS image, copied into a private Amazon ECR repository. The PDS uses an Amazon S3 bucket for its blob store. It also uses AWS Secrets Manager to generate and store its admin password and JWT secret key, and AWS KMS for its PLC rotation key. Amazon SES is used to send emails from the PDS.
  2. A sidecar container that uses Litestream to continuously replicate the PDS on-disk SQLite databases to S3. On task launch, the sidecar starts before the PDS and restores the database files from S3 to the local disk (a shared volume with the PDS container).

For monitoring, container logs are sent to Amazon CloudWatch. Alarms are configured in CloudWatch on load balancer metrics.
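
An added example (not code from this repository): a TypeScript check that could be run over the CloudFormation template produced by `cdk synth`, to confirm the properties described above: HTTP only redirects to HTTPS, at most one task runs, the PDS waits for the Litestream sidecar, and secrets are not passed as plaintext environment variables. The container names `pds` and `litestream`, the sample template, and the use of `DesiredCount: 1` with `MaximumPercent: 100` to enforce a single task are assumptions; the project's actual template may be laid out differently.

```typescript
type Resource = { Type: string; Properties: Record<string, any> };
type Template = { Resources: Record<string, Resource> };
// Returns findings for a synthesized template; an empty list means all checks pass.
// `pds` and `sidecar` are the container names to look for (assumed, not the project's).
function auditTemplate(t: Template, pds: string, sidecar: string): string[] {
  const findings: string[] = [];
  const ofType = (ty: string): Resource[] =>
    Object.keys(t.Resources).map((k) => t.Resources[k]).filter((r) => r.Type === ty);
  for (const l of ofType("AWS::ElasticLoadBalancingV2::Listener")) {
    if (l.Properties.Protocol !== "HTTP") continue;
    const acts: any[] = l.Properties.DefaultActions || [];
    // A plain-HTTP listener may only redirect to HTTPS, never forward.
    if (acts.length === 0 || !acts.every((a) => a.Type === "redirect"
        && a.RedirectConfig && a.RedirectConfig.Protocol === "HTTPS"))
      findings.push("HTTP listener does not redirect to HTTPS");
  }
  for (const s of ofType("AWS::ECS::Service")) {
    const dc = s.Properties.DeploymentConfiguration || {};
    // MaximumPercent above 100 lets a deployment start a second task beside the old one.
    if (s.Properties.DesiredCount !== 1 || dc.MaximumPercent !== 100)
      findings.push("service can run more than one task");
  }
  for (const td of ofType("AWS::ECS::TaskDefinition")) {
    const main = (td.Properties.ContainerDefinitions || []).filter((c: any) => c.Name === pds)[0];
    if (!main) { findings.push("no container named " + pds); continue; }
    // The PDS must wait for the sidecar, which restores the databases from S3.
    if (!(main.DependsOn || []).some((d: any) => d.ContainerName === sidecar))
      findings.push(pds + " does not wait for " + sidecar);
    // Secrets belong in `Secrets` (Secrets Manager references), not `Environment`.
    for (const e of main.Environment || [])
      if (/PASSWORD|SECRET|PRIVATE_KEY/i.test(e.Name)) findings.push("plaintext secret: " + e.Name);
  }
  return findings;
}

// Constructed sample template; `hardened` switches between the weak and corrected settings.
function sampleTemplate(hardened: boolean): Template {
  const redirect = { Type: "redirect", RedirectConfig: { Protocol: "HTTPS", Port: "443", StatusCode: "HTTP_301" } };
  const secret = { Name: "PDS_JWT_SECRET", ValueFrom: "arn:aws:secretsmanager:REGION:ACCOUNT:secret:PLACEHOLDER" };
  return { Resources: {
    Http: { Type: "AWS::ElasticLoadBalancingV2::Listener", Properties: { Port: 80, Protocol: "HTTP",
      DefaultActions: [hardened ? redirect : { Type: "forward", TargetGroupArn: "PLACEHOLDER" }] } },
    Svc: { Type: "AWS::ECS::Service", Properties: { DesiredCount: 1,
      DeploymentConfiguration: { MaximumPercent: hardened ? 100 : 200, MinimumHealthyPercent: 0 } } },
    Task: { Type: "AWS::ECS::TaskDefinition", Properties: { ContainerDefinitions: [
      { Name: "litestream", Essential: true },
      { Name: "pds", DependsOn: hardened ? [{ ContainerName: "litestream", Condition: "HEALTHY" }] : [],
        Environment: hardened ? [] : [{ Name: "PDS_JWT_SECRET", Value: "constructed-value" }],
        Secrets: hardened ? [secret] : [] } ] } } } };
}
```

Calling `auditTemplate(sampleTemplate(false), "pds", "litestream")` returns one finding per weak setting; the hardened variant returns an empty list.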

Deploy your PDS

See the deployment guide for instructions on how to deploy a Bluesky PDS using this CDK template.

Also see the cost guide for a rough idea of the cost of self-hosting a PDS using this CDK template, as well as other options for self-hosting on AWS.

Note that Bluesky currently treats federation with self-hosted PDSs as an experimental phase, intended for developers and individuals hosting personal or test accounts. Bluesky recommends that you do not migrate your main account yet. See the AT Protocol PDS Admins Discord for the latest guidance.
