2017-04-08 04:04:27 +02:00
|
|
|
#!/bin/bash
|
|
|
|
|
2018-04-06 21:01:26 +02:00
|
|
|
#=================================================
|
|
|
|
# GENERIC START
|
|
|
|
#=================================================
|
|
|
|
# IMPORT GENERIC HELPERS
|
|
|
|
#=================================================
|
2017-04-08 04:04:27 +02:00
|
|
|
|
2018-04-06 21:01:26 +02:00
|
|
|
source _common.sh
|
|
|
|
source /usr/share/yunohost/helpers
|
2017-04-08 04:04:27 +02:00
|
|
|
|
2018-04-06 21:01:26 +02:00
|
|
|
#=================================================
|
|
|
|
# MANAGE SCRIPT FAILURE
|
|
|
|
#=================================================
|
|
|
|
|
|
|
|
# Exit if an error occurs during the execution of the script
|
|
|
|
ynh_abort_if_errors
|
|
|
|
|
|
|
|
|
|
|
|
#=================================================
|
|
|
|
# RETRIEVE ARGUMENTS FROM THE MANIFEST
|
|
|
|
#================================================
|
2017-04-08 04:04:27 +02:00
|
|
|
|
|
|
|
domain=$YNH_APP_ARG_DOMAIN
|
|
|
|
admin_mastodon=$YNH_APP_ARG_ADMIN
|
2017-05-08 11:06:33 +02:00
|
|
|
admin_mastodon_mail=$(ynh_user_get_info $admin_mastodon 'mail')
|
2017-04-13 17:19:53 +02:00
|
|
|
admin_pass=$YNH_APP_ARG_PASSWD
|
2017-04-15 04:20:28 +02:00
|
|
|
language=$YNH_APP_ARG_LANGUAGE
|
2017-04-08 04:04:27 +02:00
|
|
|
|
2018-04-06 21:01:26 +02:00
|
|
|
path_url="/"
|
|
|
|
|
2017-04-08 04:04:27 +02:00
|
|
|
app=$YNH_APP_INSTANCE_NAME
|
|
|
|
|
2018-04-06 21:01:26 +02:00
|
|
|
#=================================================
|
|
|
|
# CHECK IF THE APP CAN BE INSTALLED WITH THESE ARGS
|
|
|
|
#=================================================
|
2017-04-08 04:04:27 +02:00
|
|
|
|
2018-04-06 21:01:26 +02:00
|
|
|
final_path=/var/www/$app
|
|
|
|
test ! -e "$final_path" || ynh_die "This path already contains a folder"
|
2017-04-08 04:04:27 +02:00
|
|
|
|
2018-04-06 21:01:26 +02:00
|
|
|
[[ ${#admin_pass} -gt 7 ]] || ynh_die "Password is too weak, must be longer than 7 characters"
|
2017-04-08 04:04:27 +02:00
|
|
|
|
2018-04-06 21:01:26 +02:00
|
|
|
# Normalize the url path syntax
|
|
|
|
path_url=$(ynh_normalize_url_path $path_url)
|
|
|
|
|
|
|
|
# Check web path availability
|
|
|
|
ynh_webpath_available $domain $path_url
|
|
|
|
# Register (book) web path
|
|
|
|
ynh_webpath_register $app $domain $path_url
|
|
|
|
|
|
|
|
#=================================================
|
|
|
|
# STORE SETTINGS FROM MANIFEST
|
|
|
|
#=================================================
|
2017-04-08 04:04:27 +02:00
|
|
|
|
|
|
|
ynh_app_setting_set $app domain $domain
|
|
|
|
ynh_app_setting_set $app admin $admin_mastodon
|
2017-04-13 17:19:53 +02:00
|
|
|
ynh_app_setting_set $app pass $admin_pass
|
2017-04-15 04:20:28 +02:00
|
|
|
ynh_app_setting_set $app language $language
|
2018-04-06 21:01:26 +02:00
|
|
|
ynh_app_setting_set $app path $path_url
|
2017-04-08 04:04:27 +02:00
|
|
|
|
|
|
|
|
2018-04-06 21:01:26 +02:00
|
|
|
#=================================================
|
|
|
|
# STANDARD MODIFICATIONS
|
|
|
|
#=================================================
|
2017-04-08 04:04:27 +02:00
|
|
|
|
|
|
|
|
2018-04-06 21:01:26 +02:00
|
|
|
#=================================================
|
|
|
|
# INSTALL DEPENDENCIES
|
|
|
|
#=================================================
|
2017-04-08 04:04:27 +02:00
|
|
|
|
2018-04-06 21:01:26 +02:00
|
|
|
# TODO: add in a clean way backports and yarn
|
2017-04-08 04:04:27 +02:00
|
|
|
|
2017-06-07 20:42:42 +02:00
|
|
|
# Import debian archive pubkey, need on ARM arch
|
|
|
|
arch=$(uname -m)
|
|
|
|
if [[ $arch = arm* ]]; then
|
2018-04-06 21:01:26 +02:00
|
|
|
apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 8B48AD6246925553
|
|
|
|
apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 7638D0442B90D010
|
2017-06-07 20:42:42 +02:00
|
|
|
fi
|
|
|
|
|
2017-04-11 15:22:54 +02:00
|
|
|
# Install source.list debian package backports & yarn
|
2018-04-06 21:01:26 +02:00
|
|
|
cp ../conf/backports.list /etc/apt/sources.list.d/
|
|
|
|
curl -sS https://dl.yarnpkg.com/debian/pubkey.gpg | apt-key add -
|
|
|
|
cp ../conf/yarn.list /etc/apt/sources.list.d/
|
2017-04-08 04:04:27 +02:00
|
|
|
ynh_package_update
|
2017-04-11 15:22:54 +02:00
|
|
|
|
2017-04-08 04:04:27 +02:00
|
|
|
# Creates the destination directory and stores its location.
|
|
|
|
ynh_app_setting_set $app final_path $final_path
|
|
|
|
|
|
|
|
# Install de Node.js
|
2018-04-06 21:01:26 +02:00
|
|
|
# TODO: use https://github.com/YunoHost-Apps/Experimental_helpers/blob/master/ynh_install_nodejs/ynh_install_nodejs
|
|
|
|
(
|
|
|
|
cd /opt
|
|
|
|
curl -sL https://deb.nodesource.com/setup_6.x | bash -
|
|
|
|
apt-get -y install nodejs
|
|
|
|
)
|
|
|
|
|
|
|
|
# TODO: use the same mecanism with other files
|
|
|
|
ynh_install_app_dependencies \
|
|
|
|
`# debian packages ` \
|
|
|
|
imagemagick libpq-dev libxml2-dev libxslt1-dev file curl apt-transport-https pkg-config libprotobuf-dev protobuf-compiler libicu-dev libidn11-dev \
|
|
|
|
`# redis ` \
|
|
|
|
redis-server redis-tools \
|
|
|
|
`# postgresql ` \
|
|
|
|
postgresql postgresql-contrib postgresql-server-dev-9.4 \
|
|
|
|
`# Ruby ` \
|
|
|
|
autoconf bison build-essential libssl-dev libyaml-dev libreadline6-dev zlib1g-dev libncurses5-dev libffi-dev libgdbm3 libgdbm-dev \
|
|
|
|
`# ffmpeg from backports ` \
|
|
|
|
ffmpeg \
|
|
|
|
`# Yarn ` \
|
|
|
|
yarn
|
|
|
|
|
|
|
|
#=================================================
|
|
|
|
# CREATE A DATABASE
|
|
|
|
#=================================================
|
|
|
|
|
|
|
|
# TODO: use non-official https://github.com/YunoHost-Apps/Experimental_helpers/blob/master/postgres/postgres
|
|
|
|
# TODO: this commands doesn't looks like a requirement, you may fully remove it
|
2017-04-11 12:00:33 +02:00
|
|
|
# Set UTF8 encoding by default
|
2018-04-06 21:01:26 +02:00
|
|
|
su -c "psql" postgres <<< \
|
2017-04-29 16:00:41 +02:00
|
|
|
"update pg_database set datistemplate='false' where datname='template1';"
|
2018-04-06 21:01:26 +02:00
|
|
|
su -c "psql" postgres <<< \
|
2017-04-29 16:00:41 +02:00
|
|
|
"drop database template1;"
|
2018-04-06 21:01:26 +02:00
|
|
|
su -c "psql" postgres <<< \
|
2017-04-29 16:00:41 +02:00
|
|
|
"create database template1 encoding='UTF8' template template0;"
|
2018-04-06 21:01:26 +02:00
|
|
|
su -c "psql" postgres <<< \
|
2017-04-29 16:00:41 +02:00
|
|
|
"update pg_database set datistemplate='true' where datname='template1';"
|
2017-04-08 04:04:27 +02:00
|
|
|
|
2017-04-10 04:55:10 +02:00
|
|
|
# Create DB without password
|
2017-04-11 13:54:13 +02:00
|
|
|
ynh_psql_create_db_without_password "$app"
|
2018-04-06 21:01:26 +02:00
|
|
|
systemctl restart postgresql
|
|
|
|
|
|
|
|
#=================================================
|
|
|
|
# DOWNLOAD, CHECK AND UNPACK SOURCE
|
|
|
|
#=================================================
|
2017-04-11 13:54:13 +02:00
|
|
|
|
2018-04-06 21:01:26 +02:00
|
|
|
# TODO: dont su as $app, work root and set corrects rights at the end of install
|
2017-04-28 18:02:28 +02:00
|
|
|
# Download all sources rbenv, ruby and mastodon
|
2018-04-06 21:01:26 +02:00
|
|
|
(
|
|
|
|
su $app
|
|
|
|
git clone https://github.com/rbenv/rbenv.git $final_path/.rbenv
|
|
|
|
git clone https://github.com/rbenv/ruby-build.git $final_path/.rbenv/plugins/ruby-build
|
|
|
|
git clone https://github.com/tootsuite/mastodon.git $final_path/live
|
|
|
|
)
|
|
|
|
|
|
|
|
#=================================================
|
|
|
|
# NGINX CONFIGURATION
|
|
|
|
#=================================================
|
|
|
|
|
|
|
|
# TODO: use official helper
|
|
|
|
# Modify Nginx configuration file and copy it to Nginx conf directory
|
|
|
|
sed -i "s@__PATH__@$app@g" ../conf/nginx.conf*
|
|
|
|
sed -i "s@__FINALPATH__@$final_path@g" ../conf/nginx.conf*
|
|
|
|
cp ../conf/nginx.conf /etc/nginx/conf.d/$domain.d/$app.conf
|
|
|
|
|
|
|
|
#=================================================
|
|
|
|
# CREATE DEDICATED USER
|
|
|
|
#=================================================
|
|
|
|
|
|
|
|
# TODO: use official helper
|
|
|
|
# TODO: AFAIK, no app should change should be in /opt don't use it
|
|
|
|
# Create user unix
|
|
|
|
adduser $app --home /opt/$app --gecos "First Last,RoomNumber,WorkPhone,HomePhone" --disabled-password --disabled-login
|
2017-04-10 16:01:13 +02:00
|
|
|
|
2017-05-08 15:33:08 +02:00
|
|
|
# Switch branch to tagged release
|
2017-04-30 00:53:56 +02:00
|
|
|
cd $final_path/live
|
2017-10-11 21:43:29 +02:00
|
|
|
version=$(curl -s https://api.github.com/repos/tootsuite/mastodon/releases/latest | grep tag_name | cut -d\" -f4)
|
2017-04-29 23:58:25 +02:00
|
|
|
|
2018-04-06 21:01:26 +02:00
|
|
|
(
|
|
|
|
su $app
|
|
|
|
cd ~/live
|
|
|
|
git checkout $version
|
|
|
|
)
|
2017-04-10 21:13:13 +02:00
|
|
|
|
2017-04-08 04:04:27 +02:00
|
|
|
# Install de rbenv
|
2018-04-06 21:01:26 +02:00
|
|
|
(
|
|
|
|
su $app
|
|
|
|
cd ~/.rbenv
|
|
|
|
src/configure && make -C src
|
|
|
|
echo 'export PATH="/opt/mastodon/.rbenv/bin:/opt/mastodon/live/bin:$PATH"' >> ~/.profile
|
|
|
|
echo 'export PATH="/opt/mastodon/.rbenv/bin:/opt/mastodon/live/bin:$PATH"' >> ~/.bashrc
|
|
|
|
echo 'eval "\$(rbenv init -)"' >> ~/.profile
|
|
|
|
)
|
2017-04-08 04:04:27 +02:00
|
|
|
|
2017-04-09 03:26:55 +02:00
|
|
|
# Install ruby-build
|
2018-04-06 21:01:26 +02:00
|
|
|
# TODO: /opt/mastodon looks like /opt/$app which is WRONG.
|
|
|
|
(
|
|
|
|
su $app
|
|
|
|
/opt/mastodon/.rbenv/bin/rbenv install 2.5.0
|
|
|
|
/opt/mastodon/.rbenv/versions/2.5.0/bin/ruby -v
|
|
|
|
)
|
2017-04-08 04:04:27 +02:00
|
|
|
|
2017-04-09 16:32:12 +02:00
|
|
|
# Create symlink for ruby
|
2018-04-06 21:01:26 +02:00
|
|
|
rm /usr/bin/ruby || true
|
|
|
|
ln -s /opt/mastodon/.rbenv/versions/2.5.0/bin/ruby /usr/bin/ruby || true
|
2017-04-09 16:32:12 +02:00
|
|
|
|
2017-04-10 21:13:13 +02:00
|
|
|
# Install Mastodon
|
2018-04-06 21:01:26 +02:00
|
|
|
# TODO: /opt/mastodon looks like /opt/$app which is WRONG.
|
|
|
|
(
|
|
|
|
su $app
|
|
|
|
cd ~/live
|
|
|
|
/opt/mastodon/.rbenv/versions/2.5.0/bin/gem install bundler
|
|
|
|
bin/bundle install --deployment --without development test
|
|
|
|
yarn install --production
|
|
|
|
)
|
2017-04-08 04:04:27 +02:00
|
|
|
|
|
|
|
# Adjust Mastodon config
|
2018-04-06 21:01:26 +02:00
|
|
|
# TODO: use official helper: ynh_replace_string
|
|
|
|
cp -a $final_path/live/.env.production.sample $final_path/live/.env.production
|
|
|
|
sed -i "s@REDIS_HOST=redis@REDIS_HOST=127.0.0.1@g" "${final_path}/live/.env.production"
|
|
|
|
sed -i "s@DB_HOST=db@DB_HOST=/var/run/postgresql@g" "${final_path}/live/.env.production"
|
|
|
|
sed -i "s@DB_USER=postgres@DB_USER=${app}@g" "${final_path}/live/.env.production"
|
|
|
|
sed -i "s@DB_NAME=postgres@DB_NAME=${app}_production@g" "${final_path}/live/.env.production"
|
|
|
|
sed -i "s@LOCAL_DOMAIN=example.com@LOCAL_DOMAIN=${domain}@g" "${final_path}/live/.env.production"
|
2017-04-08 04:04:27 +02:00
|
|
|
|
2017-04-15 04:20:28 +02:00
|
|
|
language="$(echo $language | head -c 2)"
|
2018-04-06 21:01:26 +02:00
|
|
|
sed -i "s@# DEFAULT_LOCALE=de@DEFAULT_LOCALE=${language}@g" "${final_path}/live/.env.production"
|
2017-04-15 04:20:28 +02:00
|
|
|
|
2017-04-19 02:37:40 +02:00
|
|
|
paperclip_secret=$(head -n128 /dev/urandom | tail -n +1 | tr -dc -d 'a-z0-9' | head -c128)
|
|
|
|
secret_key_base=$(head -n128 /dev/urandom | tail -n +1 | tr -dc -d 'a-z0-9' | head -c128)
|
|
|
|
otp_secret=$(head -n128 /dev/urandom | tail -n +1 | tr -dc -d 'a-z0-9' | head -c128)
|
2018-04-06 21:01:26 +02:00
|
|
|
sed -i "s@PAPERCLIP_SECRET=@PAPERCLIP_SECRET=${paperclip_secret}@g" "${final_path}/live/.env.production"
|
|
|
|
sed -i "s@SECRET_KEY_BASE=@SECRET_KEY_BASE=${secret_key_base}@g" "${final_path}/live/.env.production"
|
|
|
|
sed -i "s@OTP_SECRET=@OTP_SECRET=${otp_secret}@g" "${final_path}/live/.env.production"
|
|
|
|
|
|
|
|
sed -i "s@SMTP_LOGIN=@#SMTP_LOGIN=@g" "${final_path}/live/.env.production"
|
|
|
|
sed -i "s@SMTP_PASSWORD=@#SMTP_PASSWORD=@g" "${final_path}/live/.env.production"
|
|
|
|
sed -i "s@SMTP_SERVER=smtp.mailgun.org@SMTP_SERVER=localhost@g" "${final_path}/live/.env.production"
|
|
|
|
sed -i "s@SMTP_PORT=587@SMTP_PORT=25@g" "${final_path}/live/.env.production"
|
|
|
|
sed -i 's,SMTP_FROM_ADDRESS=notifications@example.com,SMTP_FROM_ADDRESS='${admin_mastodon}'@'${domain}',' "${final_path}/live/.env.production"
|
|
|
|
sed -i "s@#SMTP_AUTH_METHOD=plain@SMTP_AUTH_METHOD=none@g" "${final_path}/live/.env.production"
|
|
|
|
sed -i "s@#SMTP_OPENSSL_VERIFY_MODE=peer@SMTP_OPENSSL_VERIFY_MODE=none@g" "${final_path}/live/.env.production"
|
|
|
|
|
2017-04-09 03:26:55 +02:00
|
|
|
# Preconfig CSS & JS
|
2018-04-06 21:01:26 +02:00
|
|
|
(
|
|
|
|
su $app
|
|
|
|
cd ~/live
|
|
|
|
echo "SAFETY_ASSURED=1">> .env.production
|
|
|
|
RAILS_ENV=production bin/bundle exec rails db:setup
|
|
|
|
RAILS_ENV=production bin/bundle exec rails --trace assets:precompile
|
|
|
|
)
|
2017-04-08 04:04:27 +02:00
|
|
|
|
2017-04-13 01:38:09 +02:00
|
|
|
# init rbenv & create bundle
|
2018-04-06 21:01:26 +02:00
|
|
|
(
|
|
|
|
su $app
|
|
|
|
. ~/.profile
|
|
|
|
type rbenv
|
|
|
|
)
|
|
|
|
|
|
|
|
# TODO: use official helper ynh_add_systemd_config
|
|
|
|
cp ../conf/mastodon-web.service /etc/systemd/system/mastodon-web.service
|
|
|
|
chown root: /etc/systemd/system/mastodon-web.service
|
|
|
|
cp ../conf/mastodon-sidekiq.service /etc/systemd/system/mastodon-sidekiq.service
|
|
|
|
chown root: /etc/systemd/system/mastodon-sidekiq.service
|
|
|
|
cp ../conf/mastodon-streaming.service /etc/systemd/system/mastodon-streaming.service
|
|
|
|
chown root: /etc/systemd/system/mastodon-streaming.service
|
|
|
|
|
|
|
|
systemctl daemon-reload
|
|
|
|
systemctl enable /etc/systemd/system/mastodon-*.service
|
|
|
|
systemctl start mastodon-web.service mastodon-sidekiq.service mastodon-streaming.service
|
2017-04-11 15:22:54 +02:00
|
|
|
# debug
|
2018-04-06 21:01:26 +02:00
|
|
|
systemctl status mastodon-web.service mastodon-sidekiq.service mastodon-streaming.service
|
2017-04-09 03:26:55 +02:00
|
|
|
|
2017-04-30 03:00:02 +02:00
|
|
|
# Create user
|
2018-04-06 21:01:26 +02:00
|
|
|
(
|
|
|
|
su $app
|
|
|
|
cd ~/live
|
|
|
|
RAILS_ENV=production bundle exec rails c
|
|
|
|
account = Account.create!(username: '$admin_mastodon')
|
|
|
|
user = User.create!(email: '$admin_mastodon_mail', password: '$admin_pass', account: account)
|
|
|
|
)
|
2017-04-30 03:00:02 +02:00
|
|
|
|
|
|
|
# Create administrator & confirm user
|
2018-04-06 21:01:26 +02:00
|
|
|
(
|
|
|
|
su $app
|
|
|
|
cd ~/live
|
|
|
|
RAILS_ENV=production bin/bundle exec rails mastodon:make_admin USERNAME=$admin_mastodon
|
|
|
|
RAILS_ENV=production bin/bundle exec rails mastodon:confirm_email USER_EMAIL=$admin_mastodon_mail
|
|
|
|
)
|
2017-04-08 04:04:27 +02:00
|
|
|
|
|
|
|
# Install crontab
|
2018-04-06 21:01:26 +02:00
|
|
|
cp ../conf/crontab_mastodon /etc/cron.d/$app
|
|
|
|
sed -i "s@__APP__@$app@g" /etc/cron.d/$app
|
|
|
|
|
|
|
|
|
|
|
|
#=================================================
|
|
|
|
# GENERIC FINALIZATION
|
|
|
|
#=================================================
|
|
|
|
# SECURE FILES AND DIRECTORIES
|
|
|
|
#=================================================
|
|
|
|
|
|
|
|
# TODO:Set permissions to app files
|
|
|
|
|
|
|
|
|
|
|
|
#=================================================
|
|
|
|
# ADVERTISE SERVICE IN ADMIN PANEL
|
|
|
|
#=================================================
|
|
|
|
|
|
|
|
# Add service YunoHost
|
|
|
|
yunohost service add mastodon-web
|
|
|
|
yunohost service add mastodon-sidekiq
|
|
|
|
yunohost service add mastodon-streaming
|
|
|
|
|
|
|
|
#=================================================
|
|
|
|
# SETUP SSOWAT
|
|
|
|
#=================================================
|
2017-04-08 04:04:27 +02:00
|
|
|
|
2018-04-06 21:01:26 +02:00
|
|
|
# TODO: all private install
|
2017-04-20 16:34:35 +02:00
|
|
|
# Unprotected url
|
2017-04-20 16:34:31 +02:00
|
|
|
ynh_app_setting_set "$app" unprotected_uris "/"
|
|
|
|
|
2018-04-06 21:01:26 +02:00
|
|
|
#=================================================
|
|
|
|
# RELOAD NGINX
|
|
|
|
#=================================================
|
2017-04-08 04:04:27 +02:00
|
|
|
|
2017-04-10 16:01:13 +02:00
|
|
|
# Reload Nginx
|
2018-04-06 21:01:26 +02:00
|
|
|
systemctl reload nginx
|