Self-host Mastodon on a VPS.
Your own corner of the fediverse, on owned Nordic metal.
Six steps, ~90 minutes, federation-ready. Docker Compose deployment on Mastodon 4.3+ — the maintainer-recommended path.
- 01
Provision
Ravelin / Bulwark
- 02
Domain
A + AAAA records
- 03
Install
docker compose
- 04
SMTP
Relay or self
- 05
TLS + nginx
certbot
- 06
Admin + federate
First post
VPS + domain, two upfront decisions.
VPS tier. Ravelin ($23.90/mo, 8 vCPU / 16 GB / 480 GB NVMe) is the practical floor for a federation-enabled Mastodon instance. The Sidekiq queue grows with the number of remote actors you follow; 16 GB of RAM keeps it comfortable up to a few hundred follows. Bulwark ($46.90/mo, 32 GB) for instances with 50+ users or 1,000+ federated peers.
Bastion. Mastodon's federation is global, so latency to any one bastion does not dominate. Pick the jurisdiction you want the data to sit under — typically Stockholm or Reykjavík for visibility on the fediverse "where is this hosted" line in the about page.
Domain. Mastodon embeds the domain in every username. Picking it casually and changing later means every user has to migrate. Two anonymous-registration paths: Njalla (they register in their name, you control the account; crypto-paid, no-KYC), or any standard registrar via a non-KYC crypto-to-card swap. Either way, set an A record for IPv4 + AAAA for IPv6 pointing at the VPS, and a TXT record empty for now (DKIM if you self-host SMTP later).
Docker Compose, the maintainer-recommended path.
# Install Docker + Compose
apt install -y docker.io docker-compose-plugin
# Clone Mastodon
adduser --disabled-login mastodon
sudo -u mastodon -i
git clone https://github.com/mastodon/mastodon
cd mastodon
git checkout v4.3.0
# Configure
cp .env.production.sample .env.production
# Edit .env.production: LOCAL_DOMAIN, SECRET_KEY_BASE, OTP_SECRET (generate),
# SMTP_*, DB_*, REDIS_*
# Initialise DB + start
docker compose run --rm web bundle exec rake db:setup
docker compose up -d
SECRET_KEY_BASE and OTP_SECRET should be long random strings — generate with openssl rand -hex 64. DO NOT regenerate them after launch — losing them locks every existing user out.
SMTP relay + certbot, the two boring-but-required pieces.
SMTP. Mastodon sends confirmation, password-reset and notification emails. The cheapest reliable path is an SMTP relay — Sendinblue / Brevo (free tier 300/day), Mailgun (free 5K/month), Postmark. Privacy purists self-host a postfix outbound relay on the same VPS, but expect a week of deliverability headaches as fresh-IP mail gets graylisted by Gmail/Outlook. For a small instance the SMTP relay is the right trade-off.
TLS. Install certbot (apt install certbot python3-certbot-nginx) then run certbot --nginx -d your-domain.com. Let's Encrypt issues the cert in seconds; auto-renewal is set up by default. The nginx config sample for Mastodon is in dist/nginx.conf — copy to /etc/nginx/sites-available/mastodon, link to sites-enabled, reload.
Visit https://your-domain.com — the Mastodon setup screen loads. If you see "site can't be reached", the firewall is blocking 443; if you see a TLS error, certbot did not point nginx at the new cert.
First admin, first post, first federation. Within minutes.
docker compose run --rm web bin/tootctl accounts create \
admin --email you@example --confirmed --role Owner
The command returns a one-time password. Log in at https://your-domain.com, change the password, set up 2FA, edit the instance about-page and rules.
Follow a few well-connected accounts on the fediverse (the Mastodon "Explore" tab shows them). Federation propagates within minutes — posts from accounts you follow start arriving in your timeline; your own posts appear on their instances when remote actors follow you back.
Pin a rules-of-the-house post, write a "what this instance is" announcement, and the instance is live. Closed registration by default; open it later when your moderation capacity allows.
Questions, answered.
Eight questions a first-time Mastodon admin asks before opening the instance.
Why self-host Mastodon instead of joining mastodon.social?
Three reasons. (1) Your data is on your server. The big public instances are run by volunteers and good-faith operators, but the data lives where they decide. (2) Your rules. You write the rules-of-the-house and you moderate by them. The big instances inherit moderation decisions you may not agree with. (3) Your domain identity. @you@yourdomain reads as "you, on your own server" rather than "you, customer of public service X." For most users joining a public instance is fine; for users who want long-term identity sovereignty, self-hosting is the path.
Can a Sentinel tier really run Mastodon?
Technically yes for a single-user instance with limited federation. Realistically no for anything past 1-5 federated accounts. Mastodon's Sidekiq queue grows non-linearly with the number of remote actors you follow; at 50-100 followed accounts the queue lag on a 4 GB box becomes noticeable. Ravelin ($23.90/mo, 16 GB RAM) is the practical floor. Bulwark for an instance with 50+ users or 1,000+ federated peers.
Where do I register a domain anonymously?
Two practical paths. (1) Njalla registers the domain in their name and lists you as a customer — the registrar shielding is real. They accept crypto and have no KYC. (2) Any conventional registrar via a non-KYC crypto-to-fiat swap — buy a $15 prepaid card for XMR on a no-KYC service, register at any registrar that accepts cards, use a privacy-respecting email. The Njalla path is cleaner but slightly more expensive; the conventional path is cheaper but has more moving parts.
Is the bandwidth in Mastodon serious?
It is non-trivial but rarely a constraint on a real VPS. Federation pushes every public post to every following remote instance, multiplied by media (images, video). A small single-user instance uses ~5-10 GB/month outbound; a medium-active 50-user instance uses 100-300 GB; a popular 1,000-user instance ranges from 1-5 TB. NordBastion VPS plans have unlimited bandwidth at every tier, so this is not a cost vector.
Should I close registration or leave it open?
Default to closed (invite-only). Open registration creates immediate moderation burden — spam accounts, abuse, and the moderation labour that goes with it. Closed registration is the default Mastodon-admin recommendation and matches the way most successful smaller instances operate. You can flip it later as your moderation capacity grows.
How do I back up my Mastodon instance?
Three things to back up: (1) the Postgres database (mastodon_production), (2) the .env.production file (env settings), (3) the media files in public/system/ (user uploads — can be huge, 10s of GB). NordBastion VPS snapshots cover the whole disk in one shot and are the simplest "full instance" backup; for granular DB-only backups, pg_dump on a schedule. Take a backup before every Mastodon version upgrade.
Can I migrate users in or out of my instance?
Yes — Mastodon supports account migration both directions. A user can import their followers/following lists from a previous instance, and announce a move to a new instance that propagates redirects to their followers automatically. Posts do not migrate (they remain on the origin instance), but the social graph does. This makes self-hosting lower-risk: if you decide to stop running the instance later, your users can move out without losing their networks.
Should I run my Mastodon instance over Tor?
Cleanest is dual access — clearnet primary plus a Tor hidden service mirror. Set up the hidden service per /guides/tor-hidden-service-on-a-vps/, point both your domain and the .onion at the same nginx, and Mastodon serves both. Note: ActivityPub federation between two Tor-only instances is uncommon and may not interop with every fediverse software; clearnet primary keeps you federated, .onion adds a privacy access path for your users.
Order a Ravelin and federate.
Last reviewed · 2026-05-20 · Tested · Mastodon 4.3 · Docker Compose · Debian 12
Anonymous VPS hosting in 2026 — the cluster.
This guide is one spoke of a larger series. The pillar walks the three privacy layers end to end — the sibling spokes below dive into the specifics.
Three independent layers — signup, payment, network — explained, legal context included, common mistakes flagged.
Your own homeserver — Synapse, postgres, well-known delegation.
What “no KYC” actually means — and what it does not.
Why Sweden, Finland, Norway and Iceland — the legal floor of each.
XMR end-to-end — wallet, transfer, confirmations, change.