From 51f2e913771f94a3e11b040d6bd4f3fe453aaf6b Mon Sep 17 00:00:00 2001
From: Tagada <36127788+Tagadda@users.noreply.github.com>
Date: Fri, 5 Jul 2024 21:10:09 +0200
Subject: [PATCH] Adds new env variables required by mastodon

---
 conf/.env.production.sample |  3 +++
 scripts/install             |  9 +++++++++
 scripts/upgrade             | 11 +++++++++++
 3 files changed, 23 insertions(+)

diff --git a/conf/.env.production.sample b/conf/.env.production.sample
index 4bd4d52..bf8ade3 100644
--- a/conf/.env.production.sample
+++ b/conf/.env.production.sample
@@ -80,6 +80,9 @@ OTP_SECRET=__OTP_SECRET__
 VAPID_PRIVATE_KEY=__VAPID_PRIVATE_KEY__
 VAPID_PUBLIC_KEY=__VAPID_PUBLIC_KEY__
 
+ACTIVE_RECORD_ENCRYPTION_PRIMARY_KEY=__ACTIVE_RECORD_ENCRYPTION_PRIMARY_KEY__
+ACTIVE_RECORD_ENCRYPTION_DETERMINISTIC_KEY=__ACTIVE_RECORD_ENCRYPTION_DETERMINISTIC_KEY__
+ACTIVE_RECORD_ENCRYPTION_KEY_DERIVATION_SALT=__ACTIVE_RECORD_ENCRYPTION_KEY_DERIVATION_SALT__
 
 # Registrations
 # -------------
diff --git a/scripts/install b/scripts/install
index 94f9a2f..7536183 100644
--- a/scripts/install
+++ b/scripts/install
@@ -50,6 +50,15 @@ ynh_app_setting_set --app="$app" --key=secret_key_base --value="$secret_key_base
 otp_secret=$(ynh_string_random --length=128)
 ynh_app_setting_set --app="$app" --key=otp_secret --value="$otp_secret"
 
+active_record_encryption_primary_key=$(ynh_string_random --length=32)
+ynh_app_setting_set --app="$app" --key=active_record_encryption_primary_key --value="$active_record_encryption_primary_key"
+
+active_record_encryption_deterministic_key=$(ynh_string_random --length=32)
+ynh_app_setting_set --app="$app" --key=active_record_encryption_deterministic_key --value="$active_record_encryption_deterministic_key"
+
+active_record_encryption_key_derivation_salt=$(ynh_string_random --length=32)
+ynh_app_setting_set --app="$app" --key=active_record_encryption_key_derivation_salt --value="$active_record_encryption_key_derivation_salt"
+
 #=================================================
 # INSTALL DEPENDENCIES
 #=================================================
diff --git a/scripts/upgrade b/scripts/upgrade
index 76db4f9..3b5ee1e 100644
--- a/scripts/upgrade
+++ b/scripts/upgrade
@@ -24,6 +24,17 @@ fi
 #Remove previous added repository
 ynh_remove_extra_repo
 
+if ynh_compare_current_package_version --comparison lt --version 2024.05.01~ynh1; then
+	active_record_encryption_primary_key=$(ynh_string_random --length=32)
+	ynh_app_setting_set --app="$app" --key=active_record_encryption_primary_key --value="$active_record_encryption_primary_key"
+
+	active_record_encryption_deterministic_key=$(ynh_string_random --length=32)
+	ynh_app_setting_set --app="$app" --key=active_record_encryption_deterministic_key --value="$active_record_encryption_deterministic_key"
+
+	active_record_encryption_key_derivation_salt=$(ynh_string_random --length=32)
+	ynh_app_setting_set --app="$app" --key=active_record_encryption_key_derivation_salt --value="$active_record_encryption_key_derivation_salt"
+fi
+
 #=================================================
 # STOP SYSTEMD SERVICE
 #=================================================