Composition: the NordBastion polar-bear mascot in tactical Nordic armour standing at a glowing town-square plinth, a cluster of small lit lantern-instances orbiting it like a fediverse constellation, aurora-magenta federation threads connecting them across a fjord-night, the mastodon-mammoth silhouette resting calmly beside the mascot
Use case · Mastodon instance · Updated 2026

Your community.
On your jurisdiction. Federated by default.

A Mastodon instance is a small town square you maintain. A Ravelin at $23.90/mo runs the Docker Compose stack — Mastodon 4.x + Postgres + Redis + Sidekiq — for ~100 active users, federated to the wider fediverse, defederation calls yours alone.

Pick the right tier Jump to the Docker Compose recipe
TL;DR
  • 01

    Ravelin at $23.90/mo runs Mastodon 4.x + Postgres + Redis + Sidekiq comfortably for ~100 active users; Bulwark for 1000+. Garrison fits a personal-instance setup.

  • 02

    KYC-free signup keeps your admin identity out of the threat model. Crypto billing, no card on file linking the instance back to a legal name.

  • 03

    Nordic jurisdiction (no DMCA-style auto-takedown), unmetered uplink that absorbs the 100–300 GB/day a healthy federated instance pushes outbound.

Why bother

Why self-host the instance at all.

Joining an existing Mastodon instance is the right choice for 95% of users — pick a well-run one, post, follow, done. Running your own instance is a different proposition: you become the admin of a small town square, and the people who join sign up to your moderation calls and your uptime. The point is sovereignty, not scale.

Self-hosting is also the only way to be sure the instance survives the operator. Public-good instances built by volunteers have a half-life — burnout, funding gaps, a single admin moving on — and the user accounts move with the instance domain. Running your own means your handle, your followers and your archive are anchored to a domain and a database you control.

The Docker Compose deployment makes the operational story tractable: Mastodon ships an official compose template, Postgres and Redis are commodities, Sidekiq is a queue you read with a dashboard. The hard parts that remain are mail-relay deliverability and moderation — both of which we will name explicitly below rather than wave away.

The right question is not "join or self-host" in the abstract — it is "do I want a voice in a town square I own, or rent a desk in one someone else owns". If the answer is the first one, the rest of this page is the recipe.

Sizing

The right NordBastion tier for the job.

For a community instance up to ~100 actively-posting daily users with healthy outward federation, the Ravelin ($23.90/mo, 8 vCPU, 16 GB, 480 GB NVMe) is the sweet spot. Eight cores cover the Sidekiq worker pool comfortably under federation bursts; 16 GB of RAM holds Postgres buffers, Redis, the web tier and a couple of Sidekiq queues without ever touching swap.

Beyond ~300 active users, or once Sidekiq processed-jobs/sec sits north of 100 sustained, the Bulwark tier earns its keep — more cores for Sidekiq parallelism, more RAM for Postgres shared buffers, and the freedom to dedicate a couple of cores to Elasticsearch if your community wants full-text search across the federated timeline.

For a single-user or close-friends-only personal instance (under ~10 active accounts, federation kept narrow), a Garrison ($11.90/mo, 4 vCPU, 8 GB, 240 GB NVMe) is perfectly viable — particularly for Pleroma/Akkoma or Sharkey, which are lighter than Mastodon. The constraint is media storage growth rather than CPU; budget for media offload to external object storage from day one.

What none of these are: an Instagram-scale instance with first-party photo CDN. Mastodon is not engineered for that workload; the protocol shines for federated small-and-medium communities, and our tier guidance reflects that real shape.

Setup

From fresh VPS to first federated post. Six steps, about ninety minutes.

A skeleton sketch — the upstream joinmastodon.org admin guide remains the canonical reference for environment variables and tuning knobs.

  1. 01

    Docker + Compose

    The official Docker engine + the Compose v2 plugin. Skip the legacy distribution package; the upstream repo is closer to current.

    curl -fsSL get.docker.com \
  | sh
apt install \
  docker-compose-plugin
  2. 02

    Clone Mastodon

    The repo ships the canonical docker-compose.yml. Pin to the most recent stable v4.x tag rather than tracking main.

    git clone \
  https://github.com/mastodon/mastodon
cd mastodon
git checkout v4.3.0
  3. 03

    Generate .env.production

    The setup wizard interactively writes the secrets, DB credentials and SMTP block. Pick your transactional-mail provider here — do not leave it for later.

    docker compose run --rm \
  web bin/setup
# writes .env.production
  4. 04

    TLS via Caddy or nginx

    Caddy is the lowest-friction option — one Caddyfile line, automatic Let's Encrypt. nginx + certbot remains the classical path if you prefer.

    # Caddyfile
social.example.org {
  reverse_proxy localhost:3000
}
  5. 05

    Bring the stack up

    Web tier, Sidekiq, Streaming, Postgres and Redis come up together. Tail the logs and watch federation traffic start within seconds of the first follow.

    docker compose up -d
docker compose logs -f web sidekiq
  6. 06

    Create the admin

    Promote the first user to admin via the tootctl CLI. The admin UI then exposes registration mode (open/approval-required/invite-only) — pick approval-required as the safe default.

    docker compose exec web \
  bin/tootctl accounts modify \
  <username> --role Owner
Why this host for this job

Why NordBastion specifically for a Mastodon instance.

KYC-free

Your admin name is not part of the instance.

A Mastodon admin receives moderation reports, takedown requests, and the occasional GDPR data-subject request. Most of those are routine; some are not, and the threat model matters. Signing up with email + crypto rather than a credit card means there is no card-issuer paper trail from "the admin of social.example.org" back to a legal name. The instance is a hosted service paid by a prepaid balance — that is the only relationship that exists.

Nordic jurisdiction

Defederation drama stays your decision.

There is no DMCA-style notice-and-staydown machinery in Sweden, Finland, Norway or Iceland that would let an external accusation force pre-emptive content removal from your instance. The hoster's answer to "make them take this down" is "respond to the legal process in your jurisdiction"; the answer to "we don't like that other instance they federate with" is "that is the admin's call". Your moderation policy is the moderation policy.

Unmetered 1 Gbps

Federation chatter does not invoice extra.

A 100-user instance federated outward to the wider fediverse pushes 100–300 GB per day of ActivityPub deliveries — every local post fanned out to every remote follower's home instance. Most hyperscaler bills treat that as billable egress; we treat it as the cost of being on the internet. No transfer cap on any tier, no overage line on the invoice.

Verdict

Run it on a Ravelin. Pay in crypto. Pick your transactional-mail provider on day one.

Self-hosting a Mastodon instance is the highest-leverage thing a small community can do for its own continuity. For the price of a single SaaS social-tool seat you get a federated town square whose handles outlive any single platform, whose moderation calls belong to you, and whose data lives in a jurisdiction with no DMCA-style auto-takedown.

NordBastion is opinionated about the parts that matter for this specific job — KYC-free admin signup, Nordic jurisdiction, unmetered uplink, port 25 open if you choose to self-host outbound mail — and deliberately ordinary about the rest. The VPS is a VPS. Docker is Docker. Mastodon ships an official compose template; we provide the box and step out of the way.

The mail-relay question is the one to settle first. Pick an external transactional provider, configure it in .env.production at setup time, and the single biggest source of operational pain is gone before it starts.

FAQ · Mastodon on a VPS

The questions that come up first.

The eight questions actual Mastodon admins ask before docker compose up. Mail relay is question one for a reason.

What is actually the hardest part of running a Mastodon instance?

Email deliverability. The Mastodon application itself is well-engineered, the Docker Compose stack assembles in an afternoon, and Postgres tuning is a known science. The part that breaks people's instances is signup confirmations, password resets, and federation moderation notifications failing to reach Gmail / Outlook365 inboxes because the SMTP path from a fresh VPS IP is treated as guilty-until-proven-innocent. Plan for an external transactional mail relay (Mailgun, Postmark, Amazon SES) from day one — it costs $10/mo and removes 80% of the operational pain.

How big does the database actually get?

Mastodon's Postgres database grows roughly proportional to the union of "what your local users post" plus "everything from every account anyone here has ever followed on every other instance". For a 100-active-user instance with healthy outward federation, expect 20–40 GB of database after the first year and 80–150 GB after three years. Media (uploaded images / videos / boosts) lives separately and is the bigger storage problem — see the next question.

Can I offload media to S3-compatible storage?

Yes, and you should. Mastodon supports any S3-API-compatible backend via the S3_ENABLED env var. NordBastion does not currently operate first-party object storage, so the pragmatic choice is an external provider — Backblaze B2 is the standard recommendation for self-hosted instances (predictable pricing, no egress fees when paired with Cloudflare in front). With offloaded media a Ravelin's 480 GB NVMe holds Postgres and Sidekiq job queues for years; without offload, the same 480 GB fills in 12–18 months on a moderately-active instance.

Ravelin or Bulwark — when do I outgrow Ravelin?

Ravelin (8 vCPU, 16 GB, 480 GB) is comfortable up to ~100 actively-posting daily users with healthy outward federation. The bottleneck that breaks first is Sidekiq workers under inbound federation bursts (a viral post boosted by a 50k-user instance produces a transient queue spike that wants more workers, which wants more RAM). At ~300 active users or once Sidekiq processed-jobs/sec sits >100 sustained, the Bulwark tier earns its keep — more cores, more RAM headroom, and the freedom to dedicate one core to Elasticsearch if you want search.

What is defederation and how do I handle it?

Defederation is when your instance (or another instance) stops accepting messages from a peer — used in practice to block instances that host content violating your community standards. The Mastodon admin UI exposes per-instance suspend/silence/limit toggles; the social cost is real (your users lose the threads they were in with people on the blocked instance) and the moderation cost is real (somebody has to make the call). The point of running your own instance is that this is your call to make — based on your community standards, not a corporate trust-and-safety pipeline.

What is realistic moderation effort?

For an instance under ~50 users with curated signups (invite-only or admin-approved), moderation is a few minutes per week — closing spam-account reports, occasionally limiting a peer instance. For open-registration instances the effort scales superlinearly with signup volume because the spam-bot economy treats every open ActivityPub endpoint as a target. The standard defence is approval-required registrations + a clear application question — drops automated signups by 99% with negligible friction for real humans.

Does Nordic jurisdiction actually matter for a Mastodon admin?

Yes, for a specific and underrated reason: as the admin you receive moderation reports, takedown requests, and the occasional GDPR data-subject request. Sweden, Finland, Norway and Iceland have a well-defined legal framework for what a hoster and a small forum-operator owe in response — and crucially, no equivalent of the US DMCA notice-and-staydown machinery that lets a single accusation force pre-emptive takedown. You still moderate; you just do it on your terms rather than under threat of a hoster auto-acting.

Mastodon vs Pleroma vs Akkoma vs Sharkey — does it matter for hosting?

Hosting-wise: Mastodon is heaviest (Ruby on Rails + Sidekiq + Postgres + Redis + optional Elasticsearch), Pleroma/Akkoma are lighter (Elixir, single OTP release), Sharkey/Misskey-family run on Node + Postgres. A Ravelin handles any of them comfortably for ~100 users; a Sentinel can run Pleroma/Akkoma for personal-instance use where the same tier would not be enough for Mastodon. Pick on community-fit (which features matter, which UI your people prefer), not on resource curve — the difference is small at this scale.

Keep reading

Other use cases that share the same Nordic uplink.

Use case

Matrix homeserver

End-to-end encrypted Synapse on Docker Compose — the sibling federation protocol, for chat rather than microblogging.
Use case

Mail server

Mailcow on a port-25-open VPS — if you want to self-host the SMTP relay your Mastodon instance pushes confirmations through.
Use case

WireGuard VPN server

Kernel-fast VPN exit on a Sentinel — for admins who want to ssh into their instance over their own tunnel.
See the full use-cases hub