diff --git a/conf/mastodon-sidekiq.service b/conf/mastodon-sidekiq.service index c0a24c8..34074ed 100644 --- a/conf/mastodon-sidekiq.service +++ b/conf/mastodon-sidekiq.service @@ -7,8 +7,8 @@ User=mastodon WorkingDirectory=/opt/mastodon/live Environment="RAILS_ENV=production" - Environment="DB_POOL=5" - ExecStart=/opt/mastodon/.rbenv/shims/bundle exec sidekiq -c 5 -q default -q mailers -q pull -q push + Environment="DB_POOL=20" + ExecStart=/opt/mastodon/.rbenv/shims/bundle exec sidekiq -c 20 -q default -q mailers -q pull -q push TimeoutSec=15 Restart=always StandardError=syslog diff --git a/conf/nginx.conf b/conf/nginx.conf index d05cdcb..780c462 100644 --- a/conf/nginx.conf +++ b/conf/nginx.conf @@ -1,42 +1,41 @@ - location __PATH__ { - alias __FINALPATH__/live/public; +location __PATH__ { + # alias __FINALPATH__/live/public; - if ($scheme = http) { - rewrite ^ https://$server_name$request_uri? permanent; - } + if ($scheme = http) { + rewrite ^ https://$server_name$request_uri? permanent; + } + try_files $uri @proxy; - try_files $uri @proxy; + #--PRIVATE--# Include SSOWAT user panel. + #--PRIVATE--include conf.d/yunohost_panel.conf.inc; +} - # Include SSOWAT user panel. - include conf.d/yunohost_panel.conf.inc; - } +location @proxy { + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-Proto https; + proxy_pass_header Server; + proxy_pass http://127.0.0.1:3000; + proxy_buffering off; + proxy_redirect off; + proxy_http_version 1.1; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection "upgrade"; + tcp_nodelay on; +} - location @proxy { - proxy_set_header Host $host; - proxy_set_header X-Real-IP $remote_addr; - proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; - proxy_set_header X-Forwarded-Proto https; - proxy_pass_header Server; - proxy_pass http://127.0.0.1:3000; - proxy_buffering off; - proxy_redirect off; - proxy_http_version 1.1; - proxy_set_header Upgrade $http_upgrade; - proxy_set_header Connection "upgrade"; - tcp_nodelay on; - } - - location __PATH__/api/v1/streaming { - proxy_set_header Host $host; - proxy_set_header X-Real-IP $remote_addr; - proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; - proxy_set_header X-Forwarded-Proto https; - proxy_pass http://127.0.0.1:4000; - proxy_buffering off; - proxy_redirect off; - proxy_http_version 1.1; - proxy_set_header Upgrade $http_upgrade; - proxy_set_header Connection "upgrade"; - tcp_nodelay on; +location /api/v1/streaming { + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-Proto https; + proxy_pass http://127.0.0.1:4000; + proxy_buffering off; + proxy_redirect off; + proxy_http_version 1.1; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection "upgrade"; + tcp_nodelay on; } \ No newline at end of file diff --git a/scripts/.fonctions b/scripts/.fonctions index 4557512..7d9c54d 100644 --- a/scripts/.fonctions +++ b/scripts/.fonctions @@ -135,18 +135,16 @@ SECURE_REMOVE () { # Deleting a folder with variable verification fi } -REMOVE_BDD () { # Delete database and users - # $1 = Database name - # Uses '$app' as user name and database - db_user=$1 - if mysqlshow -u root -p$(sudo cat $MYSQL_ROOT_PWD_FILE) | grep -q "^| $db_user"; then - echo "Delete db" - ynh_mysql_drop_db $db_user - ynh_mysql_drop_user $db_user - fi +# Create a db without password +# +# usage: ynh_mysql_create_user user +# | arg: user - the user name to create +ynh_psql_create_db_without_password() { + db=$1 + sudo su -c "psql" postgres <<< \ + "CREATE USER $db CREATEDB;" } - # Create a user # # usage: ynh_mysql_create_user user pwd [host] diff --git a/scripts/backup b/scripts/backup new file mode 100644 index 0000000..2ef6b86 --- /dev/null +++ b/scripts/backup @@ -0,0 +1,30 @@ +#!/bin/bash + +# Exit on command errors and treat unset variables as an error +set -eu + +# Get multi-instances specific variables +app=$YNH_APP_INSTANCE_NAME + +# Source app helpers +source /usr/share/yunohost/helpers + +# Retrieve app settings +domain=$(ynh_app_setting_get "$app" domain) + +# Copy the app files +final_path="/opt/${app}" +ynh_backup "$final_path" "sources" 1 + +# Copy the nginx conf files +ynh_backup "/etc/nginx/conf.d/${domain}.d/${app}.conf" "nginx.conf" +ynh_backup "/etc/cron.d/${app}.conf" "cron.conf" +ynh_backup "/etc/systemd/system/mastodon-web.service" "systemd_web.service" +ynh_backup "/etc/systemd/system/mastodon-sidekiq.service" "systemd_sidekiq.service" +ynh_backup "/etc/systemd/system/mastodon-streaming.service" "systemd_streaming.service" + +# Backup db +sudo su - postgres < /home/backup/mastodon_db.sql +COMMANDS +ynh_backup "/home/backup/mastodon_db.sql" "mastodon_db.sql" \ No newline at end of file diff --git a/scripts/install b/scripts/install index 8e086a7..41d430e 100644 --- a/scripts/install +++ b/scripts/install @@ -9,7 +9,7 @@ source /usr/share/yunohost/helpers # Source app helpers CLEAN_SETUP () { # Clean installation residues that are not supported by the remove script. # Clean hosts - sudo sed -i '/#MASTODON/d' /etc/hosts + echo "" } TRAP_ON # Active trap to stop the script if an error is detected. @@ -17,7 +17,6 @@ domain=$YNH_APP_ARG_DOMAIN path=$YNH_APP_ARG_PATH admin_mastodon=$YNH_APP_ARG_ADMIN is_public=$YNH_APP_ARG_IS_PUBLIC -#language=$YNH_APP_ARG_LANGUAGE app=$YNH_APP_INSTANCE_NAME @@ -66,18 +65,13 @@ curl -sL https://deb.nodesource.com/setup_4.x | bash - sudo apt-get -y install nodejs npm install -g yarn -## Install postgresql database -dbname=$app -dbuser=$app -# Generate random password -dbpass=$(ynh_string_random) -ynh_psql_create_db "$dbname" "$dbuser" "$dbpass" +# Create DB without password +ynh_psql_create_db_without_password "$app" # Download all Ruby source sudo git clone https://github.com/rbenv/rbenv.git $final_path/.rbenv git clone https://github.com/rbenv/ruby-build.git $final_path/.rbenv/plugins/ruby-build git clone https://github.com/tootsuite/mastodon.git $final_path/live -git clone git://github.com/dcarley/rbenv-sudo.git $final_path/.rbenv/plugins/rbenv-sudo sudo chown -R $app: "${final_path}" # Install de rbenv @@ -86,7 +80,6 @@ pushd ~/.rbenv src/configure && make -C src echo 'export PATH="/opt/mastodon/.rbenv/bin:/opt/mastodon/live/bin:$PATH"' >> ~/.bashrc echo 'eval "\$(rbenv init -)"' >> ~/.bashrc -echo "alias su='env PATH=\$PATH'" >> ~/.bashrc COMMANDS # Install ruby-build @@ -109,11 +102,12 @@ MCOMMANDS # Adjust Mastodon config pushd $final_path/live/ sudo cp -a .env.production.sample .env.production -sudo sed -i "s@REDIS_HOST=localhost@REDIS_HOST=127.0.0.1@g" "${final_path}/live/.env.production" +sudo sed -i "s@REDIS_HOST=redis@REDIS_HOST=127.0.0.1@g" "${final_path}/live/.env.production" sudo sed -i "s@DB_HOST=db@DB_HOST=/var/run/postgresql@g" "${final_path}/live/.env.production" -sudo sed -i "s@DB_USER=mastodon@DB_USER=${dbuser}@g" "${final_path}/live/.env.production" -sudo sed -i "s@DB_NAME=mastodon@DB_NAME=${dbuser}@g" "${final_path}/live/.env.production" -sudo sed -i "s@LOCAL_DOMAIN=domainedevotreinstance.tld@LOCAL_DOMAIN=${domain}@g" "${final_path}/live/.env.production" +sudo sed -i "s@DB_USER=postgres@DB_USER=${app}@g" "${final_path}/live/.env.production" +sudo sed -i "s@DB_NAME=postgres@DB_NAME=${app}_production@g" "${final_path}/live/.env.production" +# sudo sed -i "s@DB_PASS=@DB_PASS=${dbpass}@g" "${final_path}/live/.env.production" +sudo sed -i "s@LOCAL_DOMAIN=example.com@LOCAL_DOMAIN=${domain}@g" "${final_path}/live/.env.production" sudo sed -i "s@PAPERCLIP_SECRET=@PAPERCLIP_SECRET=$(head -n32 /dev/urandom | tr -dc -d 'A-Za-z0-9' | head -c32)@g" "${final_path}/live/.env.production" sudo sed -i "s@SECRET_KEY_BASE=@SECRET_KEY_BASE=$(head -n32 /dev/urandom | tr -dc -d 'A-Za-z0-9' | head -c32)@g" "${final_path}/live/.env.production" @@ -124,12 +118,17 @@ sudo sed -i 's,SMTP_FROM_ADDRESS=notifications@example.com,SMTP_FROM_ADDRESS='${ # Create database # Preconfig CSS & JS +# Create admin user +# Create confirm email sudo su - $app <=2.4 + +# Exit on command errors and treat unset variables as an error +set -eu + +# The parameter $app is the id of the app instance ex: ynhexample__2 +app=$YNH_APP_INSTANCE_NAME + +# Source app helpers +source /usr/share/yunohost/helpers + +# Get old parameter of the app +domain=$(ynh_app_setting_get $app domain) +path=$(ynh_app_setting_get $app path) +is_public=$(ynh_app_setting_get $app is_public) + +# Check domain/path availability +sudo yunohost app checkurl "${domain}${path}" -a "$app" \ + || ynh_die "Path not available: ${domain}${path}" + +# Check $final_path +final_path="/opt/${app}" +if [ -d $final_path ]; then + ynh_die "There is already a directory: $final_path" +fi + +# Check configuration files nginx +nginx_conf="/etc/nginx/conf.d/${domain}.d/${app}.conf" +if [ -f $nginx_conf ]; then + ynh_die "The NGINX configuration already exists at '${nginx_conf}'. + You should safely delete it before restoring this app." + +# Check configuration files php-fpm +crontab_conf="/etc/cron.d/${app}" +if [ -f $crontab_conf ]; then + ynh_die "The CRONTAB configuration already exists at '${crontab_conf}'. + You should safely delete it before restoring this app." +fi + +# Restore services +web_systemd="/etc/systemd/system/${app}-web.service" +if [ -f "${web_systemd}" ]; then + ynh_die "The MASTODON WEB configuration already exists at '${web_systemd}'. + You should safely delete it before restoring this app." +fi +sidekiq_systemd="/etc/systemd/system/${app}-sidekiq.service" +if [ -f "${sidekiq_systemd}" ]; then + ynh_die "The MASTODON SIDEKIQ configuration already exists at '${sidekiq_systemd}'. + You should safely delete it before restoring this app." +fi +streaming_systemd="/etc/systemd/system/${app}-streaming.service" +if [ -f "${streaming_systemd}" ]; then + ynh_die "The MASTODON STREAMING configuration already exists at '${streaming_systemd}'. + You should safely delete it before restoring this app." +fi + + # Restore sources & data +sudo cp -a ./sources "$final_path" + +# Set permissions +sudo chown -R $app: "$final_path" + +# Restore db +ynh_psql_create_db_without_password "$app" +sudo su - postgres <