diff --git a/.github/ISSUE_TEMPLATE.md b/.github/ISSUE_TEMPLATE.md new file mode 100644 index 0000000..2729a6b --- /dev/null +++ b/.github/ISSUE_TEMPLATE.md @@ -0,0 +1,55 @@ +--- +name: Bug report +about: When creating a bug report, please use the following template to provide all the relevant information and help debugging efficiently. + +--- + +**How to post a meaningful bug report** +1. *Read this whole template first.* +2. *Determine if you are on the right place:* + - *If you were performing an action on the app from the webadmin or the CLI (install, update, backup, restore, change_url...), you are on the right place!* + - *Otherwise, the issue may be due to the app itself. Refer to its documentation or repository for help.* + - *When in doubt, post here and we will figure it out together.* +3. *Delete the italic comments as you write over them below, and remove this guide.* +--- + +### Describe the bug + +*A clear and concise description of what the bug is.* + +### Context + +- Hardware: *VPS bought online / Old laptop or computer / Raspberry Pi at home / Internet Cube with VPN / Other ARM board / ...* +- YunoHost version: x.x.x +- I have access to my server: *Through SSH | through the webadmin | direct access via keyboard / screen | ...* +- Are you in a special context or did you perform some particular tweaking on your YunoHost instance?: *no / yes* + - If yes, please explain: +- Using, or trying to install package version/branch: +- If upgrading, current package version: *can be found in the admin, or with `yunohost app info $app_id`* + +### Steps to reproduce + +- *If you performed a command from the CLI, the command itself is enough. For example:* + ```sh + sudo yunohost app install the_app + ``` +- *If you used the webadmin, please perform the equivalent command from the CLI first.* +- *If the error occurs in your browser, explain what you did:* + 1. *Go to '...'* + 2. *Click on '...'* + 3. *Scroll down to '...'* + 4. *See error* + +### Expected behavior + +*A clear and concise description of what you expected to happen. You can remove this section if the command above is enough to understand your intent.* + +### Logs + +*When an operation fails, YunoHost provides a simple way to share the logs.* +- *In the webadmin, the error message contains a link to the relevant log page. On that page, you will be able to 'Share with Yunopaste'. If you missed it, the logs of previous operations are also available under Tools > Logs.* +- *In command line, the command to share the logs is displayed at the end of the operation and looks like `yunohost log display [log name] --share`. If you missed it, you can find the log ID of a previous operation using `yunohost log list`.* + +*After sharing the log, please copypaste directly the link provided by YunoHost (to help readability, no need to copypaste the entire content of the log here, just the link is enough...)* + +*If applicable and useful, add screenshots to help explain your problem.* diff --git a/.github/PULL_REQUEST_TEMPLATE.md b/.github/PULL_REQUEST_TEMPLATE.md new file mode 100644 index 0000000..ef70e18 --- /dev/null +++ b/.github/PULL_REQUEST_TEMPLATE.md @@ -0,0 +1,16 @@ +## Problem + +- *Description of why you made this PR* + +## Solution + +- *And how do you fix that problem* + +## PR Status + +- [ ] Code finished and ready to be reviewed/tested +- [ ] The fix/enhancement were manually tested (if applicable) + +## Automatic tests + +Automatic tests can be triggered on https://ci-apps-dev.yunohost.org/ *after creating the PR*, by commenting "!testme", "!gogogadgetoci" or "By the power of systemd, I invoke The Great App CI to test this Pull Request!". (N.B. : for this to work you need to be a member of the Yunohost-Apps organization) diff --git a/README.md b/README.md index 5b4ecaf..4a48e08 100644 --- a/README.md +++ b/README.md @@ -1,86 +1,64 @@ -# Glich-Soc for YunoHost -[![Integration level](https://dash.yunohost.org/integration/glitchsoc.svg)](https://dash.yunohost.org/appci/app/glitchsoc) ![](https://ci-apps.yunohost.org/ci/badges/glitchsoc.status.svg) ![](https://ci-apps.yunohost.org/ci/badges/glitchsoc.maintain.svg) -[![Install Glich-Soc with YunoHost](https://install-app.yunohost.org/install-with-yunohost.svg)](https://install-app.yunohost.org/?app=glitchsoc) - -*[Lire ce readme en français.](./README_fr.md)* - -> *This package allows you to install Glich-Soc quickly and simply on a YunoHost server. -If you don't have YunoHost, please consult [the guide](https://yunohost.org/#/install) to learn how to install it.* - -## Overview -Glich-Soc is a free, open-source microblogging social network. It is a decentralized alternative to commercial platforms like Twitter and avoids the risks of a single company monopolizing your communication for commercial purposes. - -**Shipped version:** 3.3.0 - -## Important points to read before installing - -1. **Glich-Soc** require a dedicated **root domain**, eg. glitchsoc.domain.tld -1. The user choosen during the installation is automatically created in Glich-Soc with admin rights -1. At the end of the installation a mail is sent to the user with the automatically generated password -1. It seems important to close the inscriptions for your Glich-Soc, so that it remains a private body. We invite you to block remote malicious instances from the administration interface. You can also add text on your home page. - -## Screenshots - -![](https://framalibre.org/sites/default/files/mastodon.png) - -## Configuration - -### Install - -#### Using *screen* in case of disconnect -``` -$ sudo apt-get install screen -$ screen -$ sudo yunohost app install https://github.com/YunoHost-Apps/glitch-soc_ynh.git -``` -Recover after disconnect: -``` -$ screen -d -$ screen -r -``` - -### Update - -#### Using *screen* highly recommended - -`$ sudo yunohost app upgrade glitchsoc -u https://github.com/YunoHost-Apps/glitch-soc_ynh --debug ` - -### Administrate with tooctl - -`$ (cd /var/www/glitchsoc/live && sudo -u glitchsoc RAILS_ENV=production PATH=/opt/rbenv/versions/glitchsoc/bin bin/tootctl --help)` - -## Documentation - - * Official documentation: https://glitch-soc.github.io/docs/ - -## YunoHost specific features - -#### Multi-users support - -LDAP authentication is activated. All YunoHost users can authenticate. - -#### Supported architectures - -* x86-64 - [![Build Status](https://ci-apps.yunohost.org/ci/logs/glitchsoc.svg)](https://ci-apps.yunohost.org/ci/apps/glitchsoc/) -* ARMv8-A - [![Build Status](https://ci-apps-arm.yunohost.org/ci/logs/glitchsoc.svg)](https://ci-apps-arm.yunohost.org/ci/apps/glitchsoc/) - -## Links - - * Report a bug: https://github.com/YunoHost-Apps/glitch-soc_ynh/issues - * App website: https://glitch-soc.github.io/docs/ - * Upstream app repository: https://github.com/glitch-soc/mastodon - * YunoHost website: https://yunohost.org/ --- + + +# Glitch-Soc for YunoHost + +[![Integration level](https://dash.yunohost.org/integration/glitchsoc.svg)](https://dash.yunohost.org/appci/app/glitchsoc) ![](https://ci-apps.yunohost.org/ci/badges/glitchsoc.status.svg) ![](https://ci-apps.yunohost.org/ci/badges/glitchsoc.maintain.svg) +[![Install glitchsoc with YunoHost](https://install-app.yunohost.org/install-with-yunohost.svg)](https://install-app.yunohost.org/?app=glitchsoc) + +*[Lire ce readme en français.](./README_fr.md)* + +> *This package allows you to install glitchsoc quickly and simply on a YunoHost server. +If you don't have YunoHost, please consult [the guide](https://yunohost.org/#/install) to learn how to install it.* + +## Overview + +A libre and federated social network, fork of Mastodon. + +**Shipped version:** 3.4.0-rc2~ynh1 + + + + + + +## Disclaimers / important information + +Glitch-Soc is beta software, and under active development. Use at your own risk! + +* This app require a dedicated domain or subdomain. +* The user choosen during the installation is created in Glitch-Soc with admin rights. +* LDAP authentication is activated. All YunoHost users can authenticate. +* Single sign-on doesn't work. + +It seems important to close the inscriptions for your Glitch-Soc, so that it remains a private body. We invite you to block remote malicious instances from the administration interface. You can also add text on your home page. + + + +## Documentation and resources + +* Official app website: https://glitch-soc.github.io/docs/ + + +* Upstream app code repository: https://github.com/glitch-soc/mastodon +* YunoHost documentation for this app: https://yunohost.org/app_glitchsoc +* Report a bug: https://github.com/YunoHost-Apps/glitchsoc_ynh/issues + ## Developer info -Please send your pull request to the [testing branch](https://github.com/YunoHost-Apps/glitch-soc_ynh/tree/testing). +Please send your pull request to the [testing branch](https://github.com/YunoHost-Apps/glitchsoc_ynh/tree/testing). To try the testing branch, please proceed like that. ``` -sudo yunohost app install https://github.com/YunoHost-Apps/glitch-soc_ynh/tree/testing --debug +sudo yunohost app install https://github.com/YunoHost-Apps/glitchsoc_ynh/tree/testing --debug or -sudo yunohost app upgrade glitchsoc -u https://github.com/YunoHost-Apps/glitch-soc_ynh/tree/testing --debug +sudo yunohost app upgrade glitchsoc -u https://github.com/YunoHost-Apps/glitchsoc_ynh/tree/testing --debug ``` + +**More info regarding app packaging:** https://yunohost.org/packaging_apps \ No newline at end of file diff --git a/README_fr.md b/README_fr.md index 72e86b8..a6df7b3 100644 --- a/README_fr.md +++ b/README_fr.md @@ -1,87 +1,56 @@ -# Glich-Soc pour YunoHost +# Glitch-Soc pour YunoHost -[![Niveau d'intégration](https://dash.yunohost.org/integration/glitchsoc.svg)](https://dash.yunohost.org/appci/app/glitchsoc) ![](https://ci-apps.yunohost.org/ci/badges/glitchsoc.status.svg) ![](https://ci-apps.yunohost.org/ci/badges/glitchsoc.maintain.svg) -[![Installer Glich-Soc avec YunoHost](https://install-app.yunohost.org/install-with-yunohost.svg)](https://install-app.yunohost.org/?app=glitchsoc) +[![Niveau d'intégration](https://dash.yunohost.org/integration/glitchsoc.svg)](https://dash.yunohost.org/appci/app/glitchsoc) ![](https://ci-apps.yunohost.org/ci/badges/glitchsoc.status.svg) ![](https://ci-apps.yunohost.org/ci/badges/glitchsoc.maintain.svg) +[![Installer glitchsoc avec YunoHost](https://install-app.yunohost.org/install-with-yunohost.svg)](https://install-app.yunohost.org/?app=glitchsoc) -*[Read this readme in english.](./README.md)* +*[Read this readme in english.](./README.md)* +*[Lire ce readme en français.](./README_fr.md)* -> *Ce package vous permet d'installer Glich-Soc rapidement et simplement sur un serveur YunoHost. -Si vous n'avez pas YunoHost, consultez [le guide](https://yunohost.org/#/install) pour apprendre comment l'installer.* +> *This package allows you to install glitchsoc quickly and simply on a YunoHost server. +If you don't have YunoHost, please consult [the guide](https://yunohost.org/#/install) to learn how to install it.* ## Vue d'ensemble -Glich-Soc est un réseau social de microblog auto-hébergé et open source. C'est une alternative décentralisée aux plates-formes commerciales comme Twitter. Glich-Soc évite ainsi les risques qu'une seule société monopolise votre communication à des fins commerciales. -**Version incluse:** 3.3.0 +Un réseau social libre et fédéré, scission de Mastodon. -## Points importants à lire avant l'installation +**Version incluse:** 3.4.0-rc2~ynh1 -1. **Glich-Soc** nécessite un **nom de domaine** dédié, par exemple : glitchsoc.domain.tld -1. L'utilisateur sélectionné pendant l'installation sera créé automatiquement dans Glich-Soc avec des droits d'administration. -1. À la fin de l'installation, un mail est envoyé à cet utilisateur avec un mot de passe généré automatiquement. -1. Pour que votre instance Glich-Soc reste privée, il est important de fermer les inscriptions. Nous vous invitons à bloquer les instances distantes indésirables depuis l'interface d'administration. Vous pouvez également ajouter un texte sur votre page d'accueil dans l'administration. -## Captures d'écran -![](https://framalibre.org/sites/default/files/mastodon.png) -## Configuration -### Installation -#### Utilisation de *screen* en cas de déconnection -``` -$ sudo apt-get install screen -$ screen -$ sudo yunohost app install https://github.com/YunoHost-Apps/glitch-soc_ynh.git -``` -Récupérer l'installation après une deconnection : -``` -$ screen -d -$ screen -r -``` -L'utilisateur admin est créé automatiquement comme : user@domain.tld +## Avertissements / informations importantes -### Mise à jour +Glitch-Soc is beta software, and under active development. Use at your own risk! -#### Utilisation de *screen* fortement recommandée +* This app require a dedicated domain or subdomain. +* The user choosen during the installation is created in Glitch-Soc with admin rights. +* LDAP authentication is activated. All YunoHost users can authenticate. +* Single sign-on doesn't work. -`$ sudo yunohost app upgrade glitchsoc -u https://github.com/YunoHost-Apps/glitch-soc_ynh --debug ` +It seems important to close the inscriptions for your Glitch-Soc, so that it remains a private body. We invite you to block remote malicious instances from the administration interface. You can also add text on your home page. -### Administration avec tooctl -`$ (cd /var/www/glitchsoc/live && sudo -u glitchsoc RAILS_ENV=production PATH=/opt/rbenv/versions/glitchsoc/bin bin/tootctl --help)` -## Documentation +## Documentations et ressources - * Documentation officielle : https://glitch-soc.github.io/docs/ +* Site official de l'app : https://glitch-soc.github.io/docs/ -## Caractéristiques spécifiques YunoHost -#### Support multi-utilisateur - -L'authentification LDAP est activée. Tous les utilisateurs YunoHost peuvent s'authentifier. - -#### Architectures supportées - -* x86-64 - [![Build Status](https://ci-apps.yunohost.org/ci/logs/glitchsoc.svg)](https://ci-apps.yunohost.org/ci/apps/glitchsoc/) -* ARMv8-A - [![Build Status](https://ci-apps-arm.yunohost.org/ci/logs/glitchsoc.svg)](https://ci-apps-arm.yunohost.org/ci/apps/glitchsoc/) - -## Liens - - * Signaler un bug : https://github.com/YunoHost-Apps/glitch-soc_ynh/issues - * Site de l'application : https://glitch-soc.github.io/docs/ - * Dépôt de l'application principale : https://github.com/glitch-soc/mastodon - * Site web YunoHost : https://yunohost.org/ - ---- +* Dépôt de code officiel de l'app: https://github.com/glitch-soc/mastodon +* Documentation YunoHost pour cette app: https://yunohost.org/app_glitchsoc +* Signaler un bug: https://github.com/YunoHost-Apps/glitchsoc_ynh/issues ## Informations pour les développeurs -Merci de faire vos pull request sur la [branche testing](https://github.com/YunoHost-Apps/glitch-soc_ynh/tree/testing). +Merci de faire vos pull request sur la [branche testing](https://github.com/YunoHost-Apps/glitchsoc_ynh/tree/testing). Pour essayer la branche testing, procédez comme suit. ``` -sudo yunohost app install https://github.com/YunoHost-Apps/glitch-soc_ynh/tree/testing --debug -ou -sudo yunohost app upgrade glitchsoc -u https://github.com/YunoHost-Apps/glitch-soc_ynh/tree/testing --debug +sudo yunohost app install https://github.com/YunoHost-Apps/glitchsoc_ynh/tree/testing --debug +or +sudo yunohost app upgrade glitchsoc -u https://github.com/YunoHost-Apps/glitchsoc_ynh/tree/testing --debug ``` + +**Plus d'infos sur le packaging d'applications:** https://yunohost.org/packaging_apps \ No newline at end of file diff --git a/conf/.env.production.sample b/conf/.env.production.sample index f41c4dc..57dcdbf 100644 --- a/conf/.env.production.sample +++ b/conf/.env.production.sample @@ -10,10 +10,37 @@ # ---------- LOCAL_DOMAIN=__DOMAIN__ +# Use this only if you need to run mastodon on a different domain than the one used for federation. +# You can read more about this option on https://github.com/tootsuite/documentation/blob/master/Running-Mastodon/Serving_a_different_domain.md +# DO *NOT* USE THIS UNLESS YOU KNOW *EXACTLY* WHAT YOU ARE DOING. +# WEB_DOMAIN=mastodon.example.com + +# Use this if you want to have several aliases handler@example1.com +# handler@example2.com etc. for the same user. LOCAL_DOMAIN should not +# be added. Comma separated values +# ALTERNATE_DOMAINS=example1.com,example2.com + +# Use HTTP proxy for outgoing request (optional) +# http_proxy=http://gateway.local:8118 +# Access control for hidden service. +# ALLOW_ACCESS_TO_HIDDEN_SERVICE=true + +# Authorized fetch mode (optional) +# Require remote servers to authentify when fetching toots, see +# https://docs.joinmastodon.org/admin/config/#authorized_fetch +# AUTHORIZED_FETCH=true + +# Limited federation mode (optional) +# Only allow federation with specific domains, see +# https://docs.joinmastodon.org/admin/config/#whitelist_mode +# LIMITED_FEDERATION_MODE=true + # Redis # ----- REDIS_HOST=localhost REDIS_PORT=6379 +REDIS_NAMESPACE=__REDIS_NAMESPACE__ + # PostgreSQL # ---------- @@ -23,26 +50,48 @@ DB_NAME=__DB_NAME__ DB_PASS=__DB_PWD__ DB_PORT=5432 + # ElasticSearch (optional) # ------------------------ -# ES_ENABLED=true -# ES_HOST=es -# ES_PORT=9200 +#ES_ENABLED=true +#ES_HOST=localhost +#ES_PORT=9200 + # Secrets # ------- -# Make sure to use `rake secret` to generate secrets +# Generate each with the `RAILS_ENV=production bundle exec rake secret` task (`docker-compose run --rm web bundle exec rake secret` if you use docker compose) # ------- SECRET_KEY_BASE=__SECRET_KEY_BASE__ OTP_SECRET=__OTP_SECRET__ # Web Push # -------- -# Generate with `rake mastodon:webpush:generate_vapid_key` +# Generate with `rake mastodon:webpush:generate_vapid_key` (first is the private key, second is the public one) +# You should only generate this once per instance. If you later decide to change it, all push subscription will +# be invalidated, requiring the users to access the website again to resubscribe. # -------- VAPID_PRIVATE_KEY=__VAPID_PRIVATE_KEY__ VAPID_PUBLIC_KEY=__VAPID_PUBLIC_KEY__ + +# Registrations +# ------------- + +# Single user mode will disable registrations and redirect frontpage to the first profile +# SINGLE_USER_MODE=true + +# Prevent registrations with following e-mail domains +# EMAIL_DOMAIN_DENYLIST=example1.com|example2.de|etc + +# Only allow registrations with the following e-mail domains +# EMAIL_DOMAIN_ALLOWLIST=example1.com|example2.de|etc + +#TODO move this +# Optionally change default language +DEFAULT_LOCALE=__LANGUAGE__ + + # Sending mail # ------------ SMTP_SERVER=localhost @@ -59,31 +108,62 @@ SMTP_OPENSSL_VERIFY_MODE=none #SMTP_ENABLE_STARTTLS_AUTO=true #SMTP_TLS=true -# Registrations -# ------------ -# Single user mode will disable registrations and redirect frontpage to the first profile -# SINGLE_USER_MODE=true -# Prevent registrations with following e-mail domains -# EMAIL_DOMAIN_BLACKLIST=example1.com|example2.de|etc -# Only allow registrations with the following e-mail domains -# EMAIL_DOMAIN_WHITELIST=example1.com|example2.de|etc - -# Optionally change default language -DEFAULT_LOCALE=__LANGUAGE__ - # File storage (optional) # ----------------------- -# S3_ENABLED=true -# S3_BUCKET= -# AWS_ACCESS_KEY_ID= -# AWS_SECRET_ACCESS_KEY= -# S3_REGION= -# S3_PROTOCOL=http -# S3_HOSTNAME=192.168.1.123:9000 +# The attachment host must allow cross origin request from WEB_DOMAIN or +# LOCAL_DOMAIN if WEB_DOMAIN is not set. For example, the server may have the +# following header field: +# Access-Control-Allow-Origin: https://192.168.1.123:9000/ +# ----------------------- +#S3_ENABLED=true +#S3_BUCKET=files.example.com +#AWS_ACCESS_KEY_ID= +#AWS_SECRET_ACCESS_KEY= +#S3_ALIAS_HOST=files.example.com + +# Swift (optional) +# The attachment host must allow cross origin request - see the description +# above. +# SWIFT_ENABLED=true +# SWIFT_USERNAME= +# For Keystone V3, the value for SWIFT_TENANT should be the project name +# SWIFT_TENANT= +# SWIFT_PASSWORD= +# Some OpenStack V3 providers require PROJECT_ID (optional) +# SWIFT_PROJECT_ID= +# Keystone V2 and V3 URLs are supported. Use a V3 URL if possible to avoid +# issues with token rate-limiting during high load. +# SWIFT_AUTH_URL= +# SWIFT_CONTAINER= +# SWIFT_OBJECT_URL= +# SWIFT_REGION= +# Defaults to 'default' +# SWIFT_DOMAIN_NAME= +# Defaults to 60 seconds. Set to 0 to disable +# SWIFT_CACHE_TTL= + +# Optional asset host for multi-server setups +# The asset host must allow cross origin request from WEB_DOMAIN or LOCAL_DOMAIN +# if WEB_DOMAIN is not set. For example, the server may have the +# following header field: +# Access-Control-Allow-Origin: https://example.com/ +# CDN_HOST=https://assets.example.com + +# Optional list of hosts that are allowed to serve media for your instance +# This is useful if you include external media in your custom CSS or about page, +# or if your data storage provider makes use of redirects to other domains. +# EXTRA_DATA_HOSTS=https://data.example1.com|https://data.example2.com + +# Optional alias for S3 (e.g. to serve files on a custom domain, possibly using Cloudfront or Cloudflare) # S3_ALIAS_HOST= +# Streaming API integration +# STREAMING_API_BASE_URL= + + +# External authentication (optional) +# ---------------------------------- # LDAP authentication (optional) -# ----------------------- LDAP_ENABLED=true LDAP_HOST=localhost LDAP_PORT=389 @@ -98,3 +178,109 @@ LDAP_UID_CONVERSION_ENABLED=true LDAP_UID_CONVERSION_SEARCH=., - LDAP_UID_CONVERSION_REPLACE=_ LDAP_TLS_NO_VERIFY=true + +# PAM authentication (optional) +# PAM authentication uses for the email generation the "email" pam variable +# and optional as fallback PAM_DEFAULT_SUFFIX +# The pam environment variable "email" is provided by: +# https://github.com/devkral/pam_email_extractor +# PAM_ENABLED=true +# Fallback email domain for email address generation (LOCAL_DOMAIN by default) +# PAM_EMAIL_DOMAIN=example.com +# Name of the pam service (pam "auth" section is evaluated) +# PAM_DEFAULT_SERVICE=rpam +# Name of the pam service used for checking if an user can register (pam "account" section is evaluated) (nil (disabled) by default) +# PAM_CONTROLLED_SERVICE=rpam + +# Global OAuth settings (optional) : +# If you have only one strategy, you may want to enable this +# OAUTH_REDIRECT_AT_SIGN_IN=true + +# Optional CAS authentication (cf. omniauth-cas) : +# CAS_ENABLED=true +# CAS_URL=https://sso.myserver.com/ +# CAS_HOST=sso.myserver.com/ +# CAS_PORT=443 +# CAS_SSL=true +# CAS_VALIDATE_URL= +# CAS_CALLBACK_URL= +# CAS_LOGOUT_URL= +# CAS_LOGIN_URL= +# CAS_UID_FIELD='user' +# CAS_CA_PATH= +# CAS_DISABLE_SSL_VERIFICATION=false +# CAS_UID_KEY='user' +# CAS_NAME_KEY='name' +# CAS_EMAIL_KEY='email' +# CAS_NICKNAME_KEY='nickname' +# CAS_FIRST_NAME_KEY='firstname' +# CAS_LAST_NAME_KEY='lastname' +# CAS_LOCATION_KEY='location' +# CAS_IMAGE_KEY='image' +# CAS_PHONE_KEY='phone' + +# Optional SAML authentication (cf. omniauth-saml) +# SAML_ENABLED=true +# SAML_ACS_URL=http://localhost:3000/auth/auth/saml/callback +# SAML_ISSUER=https://example.com +# SAML_IDP_SSO_TARGET_URL=https://idp.testshib.org/idp/profile/SAML2/Redirect/SSO +# SAML_IDP_CERT= +# SAML_IDP_CERT_FINGERPRINT= +# SAML_NAME_IDENTIFIER_FORMAT= +# SAML_CERT= +# SAML_PRIVATE_KEY= +# SAML_SECURITY_WANT_ASSERTION_SIGNED=true +# SAML_SECURITY_WANT_ASSERTION_ENCRYPTED=true +# SAML_SECURITY_ASSUME_EMAIL_IS_VERIFIED=true +# SAML_ATTRIBUTES_STATEMENTS_UID="urn:oid:0.9.2342.19200300.100.1.1" +# SAML_ATTRIBUTES_STATEMENTS_EMAIL="urn:oid:1.3.6.1.4.1.5923.1.1.1.6" +# SAML_ATTRIBUTES_STATEMENTS_FULL_NAME="urn:oid:2.16.840.1.113730.3.1.241" +# SAML_ATTRIBUTES_STATEMENTS_FIRST_NAME="urn:oid:2.5.4.42" +# SAML_ATTRIBUTES_STATEMENTS_LAST_NAME="urn:oid:2.5.4.4" +# SAML_UID_ATTRIBUTE="urn:oid:0.9.2342.19200300.100.1.1" +# SAML_ATTRIBUTES_STATEMENTS_VERIFIED= +# SAML_ATTRIBUTES_STATEMENTS_VERIFIED_EMAIL= + + +# Custom settings +# --------------- +# Various ways to customize Mastodon's behavior +# --------------- + +# Maximum allowed character count +MAX_TOOT_CHARS=500 + +# Maximum number of pinned posts +MAX_PINNED_TOOTS=5 + +# Maximum allowed bio characters +MAX_BIO_CHARS=500 + +# Maximim number of profile fields allowed +MAX_PROFILE_FIELDS=4 + +# Maximum allowed display name characters +MAX_DISPLAY_NAME_CHARS=30 + +# Maximum allowed poll options +MAX_POLL_OPTIONS=5 + +# Maximum allowed poll option characters +MAX_POLL_OPTION_CHARS=100 + +# Maximum image and video/audio upload sizes +# Units are in bytes +# 1048576 bytes equals 1 megabyte +# MAX_IMAGE_SIZE=8388608 +# MAX_VIDEO_SIZE=41943040 + +# Maximum search results to display +# Only relevant when elasticsearch is installed +# MAX_SEARCH_RESULTS=20 + +# Maximum custom emoji file sizes +# If undefined or smaller than MAX_EMOJI_SIZE, the value +# of MAX_EMOJI_SIZE will be used for MAX_REMOTE_EMOJI_SIZE +# Units are in bytes +MAX_EMOJI_SIZE=51200 +MAX_REMOTE_EMOJI_SIZE=204800 diff --git a/conf/app.src b/conf/app.src index 4ac0034..906ff25 100644 --- a/conf/app.src +++ b/conf/app.src @@ -1,5 +1,5 @@ -SOURCE_URL=https://github.com/glitch-soc/mastodon/archive/df326b8b5c0659edb2aca77690a892f228b0e099.tar.gz -SOURCE_SUM=9791bd00b76653908fd0d66533e5b31eecff6759f77794e8b64a4ebe2fe3ae50 +SOURCE_URL=https://github.com/glitch-soc/mastodon/archive/678e07c54485c6cc61b2ac18aa5ceaa290a6fcbd.tar.gz +SOURCE_SUM=4c970c6af2dc9652a1374c3d70c3ea5256ea4e04a76aa206ebbf9a3516fcbc64 SOURCE_SUM_PRG=sha256sum SOURCE_FORMAT=tar.gz SOURCE_IN_SUBDIR=true diff --git a/doc/DISCLAIMER.md b/doc/DISCLAIMER.md new file mode 100644 index 0000000..137b30a --- /dev/null +++ b/doc/DISCLAIMER.md @@ -0,0 +1,8 @@ +Glitch-Soc is beta software, and under active development. Use at your own risk! + +* This app require a dedicated domain or subdomain. +* The user choosen during the installation is created in Glitch-Soc with admin rights. +* LDAP authentication is activated. All YunoHost users can authenticate. +* Single sign-on doesn't work. + +It seems important to close the inscriptions for your Glitch-Soc, so that it remains a private body. We invite you to block remote malicious instances from the administration interface. You can also add text on your home page. diff --git a/issue_template.md b/issue_template.md index 07fe1ff..f7c22d8 100644 --- a/issue_template.md +++ b/issue_template.md @@ -8,7 +8,7 @@ about: When creating a bug report, please use the following template to provide 1. *Read this whole template first.* 2. *Determine if you are on the right place:* - *If you were performing an action on the app from the webadmin or the CLI (install, update, backup, restore, change_url...), you are on the right place!* - - *Otherwise, the issue may be due to Glich-Soc itself. Refer to its documentation or repository for help.* + - *Otherwise, the issue may be due to Glitch-Soc itself. Refer to its documentation or repository for help.* - *When in doubt, post here and we will figure it out together.* 3. *Delete the italic comments as you write over them below, and remove this guide.* --- diff --git a/manifest.json b/manifest.json index 9537ef6..8108fa2 100644 --- a/manifest.json +++ b/manifest.json @@ -1,29 +1,24 @@ { - "name": "Glich-Soc", + "name": "Glitch-Soc", "id": "glitchsoc", "packaging_format": 1, "description": { - "en": "A libre and federated social network.", - "fr": "Un réseau social libre et fédéré." + "en": "A libre and federated social network, fork of Mastodon.", + "fr": "Un réseau social libre et fédéré, scission de Mastodon." }, - "version": "2021-04-11-ynh3", + "version": "3.4.0-rc2~ynh1", "url": "https://github.com/glitch-soc/mastodon", + "upstream": { + "license": "free", + "website": "https://glitch-soc.github.io/docs/", + "code": "https://github.com/glitch-soc/mastodon" + }, "license": "AGPL-3.0-or-later", "maintainer": { - "name": "" + "name": "Tagada" }, - "previous_maintainer": [ - { - "name": "cyp", - "email": "cyp@rouquin.me" - }, - { - "name": "nemsia", - "email": "nemsia@nemsia.org" - } - ], "requirements": { - "yunohost": ">= 4.1.7" + "yunohost": ">= 4.2.0" }, "multi_instance": true, "services": [ diff --git a/scripts/install b/scripts/install index 47f636e..412b0f6 100644 --- a/scripts/install +++ b/scripts/install @@ -162,6 +162,9 @@ config="$final_path/live/.env.production" language="$(echo $language | head -c 2)" +redis_namespace=${app}_production +ynh_app_setting_set --app="$app" --key=redis_namespace --value="$redis_namespace" + secret_key_base=$(ynh_string_random --length=128) ynh_app_setting_set --app="$app" --key=secret_key_base --value="$secret_key_base" @@ -190,14 +193,14 @@ chown $app:$app "$final_path/live/config/settings.yml" ynh_script_progression --message="Configuring a systemd service..." # Create a dedicated systemd config -ynh_add_systemd_config --service="$app-web" --template="glitchsoc-web.service" --others_var="port_web RBENV_ROOT" -ynh_add_systemd_config --service="$app-sidekiq" --template="glitchsoc-sidekiq.service" --others_var="RBENV_ROOT" -ynh_add_systemd_config --service="$app-streaming" --template="glitchsoc-streaming.service" --others_var="port_stream ynh_node_load_PATH ynh_node" +ynh_add_systemd_config --service="$app-web" --template="glitchsoc-web.service" +ynh_add_systemd_config --service="$app-sidekiq" --template="glitchsoc-sidekiq.service" +ynh_add_systemd_config --service="$app-streaming" --template="glitchsoc-streaming.service" #================================================= # INSTALLING GLITCH-SOC #================================================= -ynh_script_progression --message="Installing Glich-Soc..." +ynh_script_progression --message="Installing Glitch-Soc..." pushd "$final_path/live" sudo -u $app $ynh_ruby_load_path bin/bundle config deployment 'true' diff --git a/scripts/upgrade b/scripts/upgrade index 3f8bc7f..27d29a7 100644 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -23,6 +23,7 @@ path_url=$(ynh_app_setting_get --app=$app --key=path) admin=$(ynh_app_setting_get --app=$app --key=admin) final_path=$(ynh_app_setting_get --app=$app --key=final_path) language=$(ynh_app_setting_get --app=$app --key=language) +redis_namespace=$(ynh_app_setting_get --app=$app --key=db_name) db_name=$(ynh_app_setting_get --app=$app --key=db_name) db_user=$(ynh_sanitize_dbid --db_name=$app) db_pwd=$(ynh_app_setting_get --app=$app --key=db_pwd) @@ -85,6 +86,12 @@ fi # Remove paperclip_secret ynh_app_setting_delete --app=$app --key=paperclip_secret +# If redis_namespace doesn't exist, create it +if [[ -z "$redis_namespace" ]]; then + redis_namespace=${app}_production + ynh_app_setting_set --app=$app --key=redis_namespace --value=$redis_namespace +fi + # If secret_key_base doesn't exist, retrieve it or create it if [[ -z "$secret_key_base" ]]; then secret_key_base=$(grep -oP "SECRET_KEY_BASE=\K\w+" $config) @@ -156,7 +163,7 @@ if [ "$upgrade_type" == "UPGRADE_APP" ] then ynh_script_progression --message="Upgrading source files..." - # Download Glich-Soc + # Download Glitch-Soc tmpdir="$(mktemp -d)" mkdir $tmpdir/system @@ -247,14 +254,14 @@ chown $app:$app "$config" ynh_script_progression --message="Upgrading systemd configuration..." # Create a dedicated systemd config -ynh_add_systemd_config --service="$app-web" --template="glitchsoc-web.service" --others_var="port_web RBENV_ROOT" -ynh_add_systemd_config --service="$app-sidekiq" --template="glitchsoc-sidekiq.service" --others_var="RBENV_ROOT" -ynh_add_systemd_config --service="$app-streaming" --template="glitchsoc-streaming.service" --others_var="port_stream ynh_node_load_PATH ynh_node" +ynh_add_systemd_config --service="$app-web" --template="glitchsoc-web.service" +ynh_add_systemd_config --service="$app-sidekiq" --template="glitchsoc-sidekiq.service" +ynh_add_systemd_config --service="$app-streaming" --template="glitchsoc-streaming.service" #================================================= # UPGRADE GLITCH-SOC #================================================= -ynh_script_progression --message="Upgrading Glich-Soc..." +ynh_script_progression --message="Upgrading Glitch-Soc..." pushd "$final_path/live" sudo -u $app $ynh_ruby_load_path bin/bundle config deployment 'true' diff --git a/scripts/ynh_install_ruby__2 b/scripts/ynh_install_ruby__2 index fae1755..b12ab74 100644 --- a/scripts/ynh_install_ruby__2 +++ b/scripts/ynh_install_ruby__2 @@ -12,6 +12,7 @@ rbenv_install_dir="/opt/rbenv" ruby_version_path="$rbenv_install_dir/versions" # RBENV_ROOT is the directory of rbenv, it needs to be loaded as a environment variable. export RBENV_ROOT="$rbenv_install_dir" +export rbenv_root="$rbenv_install_dir" # Load the version of Ruby for an app, and set variables. #