YunoHost-Apps/mastodon_ynh
1
0
Fork 0
mirror of https://github.com/YunoHost-Apps/mastodon_ynh.git synced 2024-09-03 19:46:02 +02:00
Code Issues Activity Actions

Packaging v2 (#399)

Browse source 
* Convert to v2 (#383)

* convert script

* v2

* Auto-update README

* Update documentation cc @panomaki

* Bump ruby version from 3.0.6 to 3.2.2

* v2

* Auto-update README

* woops

* v2

* v2

* s/final_path/install_dir

* Update PRE_INSTALL.md

* too soon...

* v2

* v2

* v2

* Update tests.toml

* Update doc/PRE_INSTALL.md

Co-authored-by: Alexandre Aubin <alex.aubin@mailoo.org>

* Update doc/PRE_INSTALL_fr.md

Co-authored-by: Alexandre Aubin <alex.aubin@mailoo.org>

* Update tests.toml

Co-authored-by: Alexandre Aubin <alex.aubin@mailoo.org>

* Update tests.toml

Co-authored-by: Alexandre Aubin <alex.aubin@mailoo.org>

* Update doc/PRE_INSTALL.md

Co-authored-by: Alexandre Aubin <alex.aubin@mailoo.org>

* Update doc/PRE_INSTALL_fr.md

Co-authored-by: Alexandre Aubin <alex.aubin@mailoo.org>

* Apply suggestions

* Update manifest.toml

* Auto-update README

* Update manifest.toml

* Update scripts

* Auto-update README

* Remove SSO integration

* Use new mail mechanism

* cleaning

* Update manifest.toml

---------

Co-authored-by: yunohost-bot <yunohost@yunohost.org>
Co-authored-by: Alexandre Aubin <alex.aubin@mailoo.org>
Co-authored-by: Éric Gaspar <46165813+ericgaspar@users.noreply.github.com>

* Bump ynh version

* Auto-update README

* Update manifest.toml

* Update doc/PRE_INSTALL.md

Co-authored-by: Alexandre Aubin <alex.aubin@mailoo.org>

* Add service setting for app shell

* Use logrotate

* smtp config follow-up

Sidekiq service can be properly hardened since it doesn't use sendmail anymore o/

* Fix mkdir failing if /var/log/mastodon already exists

* upgrade: Rename database to match packaging v2

* Bump 4.1.6~ynh2

* Auto-update README

* Disable install.private test

* remove full_domain

* 4.1.7 (#403)

* 4.1.7

* Auto-update README

* Update manifest.toml

* Auto-update README

---------

Co-authored-by: yunohost-bot <yunohost@yunohost.org>
Co-authored-by: Tagada <36127788+Tagadda@users.noreply.github.com>

* fix

* fix

* Don't swap when running on a LXC

* Hardcore the needed RAM

* Auto-update README

* Auto-update README

* Update manifest.toml

* Auto-update README

* Update _common.sh

* Auto-update README

* cleaning

* cleaning

* Auto-update README

* Auto-update README

* Update tests.toml

* Fix restore

* Fix manifest.toml

* Auto-update README

* Auto-update README

* add `tootctl self-destruct` info

* format

* Auto-update README

* lol autotranslate

* break line

* break lines

* translation from french

* update version

* Auto-update README

* Update manifest.toml

---------

Co-authored-by: yunohost-bot <yunohost@yunohost.org>
Co-authored-by: Alexandre Aubin <alex.aubin@mailoo.org>
Co-authored-by: Éric Gaspar <46165813+ericgaspar@users.noreply.github.com>
Co-authored-by: ericgaspar <junk.eg@free.fr>
Co-authored-by: OniriCorpe <oniricorpe@disroot.org>
This commit is contained in:
Tagada 2024-02-24 23:28:27 +01:00 committed by GitHub
parent 17d9f373c9
commit c699e1f7a7
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
30 changed files with 521 additions and 1057 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

107
.github/workflows/updater.sh vendored
View file

@ -1,107 +0,0 @@
#!/bin/bash
#=================================================
# PACKAGE UPDATING HELPER
#=================================================
# This script is meant to be run by GitHub Actions
# The YunoHost-Apps organisation offers a template Action to run this script periodically
# Since each app is different, maintainers can adapt its contents so as to perform
# automatic actions when a new upstream release is detected.
#=================================================
# FETCHING LATEST RELEASE AND ITS ASSETS
#=================================================
# Fetching information
current_version=$(cat manifest.json | jq -j '.version|split("~")[0]')
repo=$(cat manifest.json | jq -j '.upstream.code|split("https://github.com/")[1]')
# Some jq magic is needed, because the latest upstream release is not always the latest version (e.g. security patches for older versions)
version=$(curl --silent "https://api.github.com/repos/$repo/releases" | jq -r '.[] | select( .prerelease != true ) | .tag_name' | sort -V | tail -1)
assets="https://github.com/tootsuite/mastodon/archive/refs/tags/$version.tar.gz"
# Later down the script, we assume the version has only digits and dots
# Sometimes the release name starts with a "v", so let's filter it out.
# You may need more tweaks here if the upstream repository has different naming conventions.
if [[ ${version:0:1} == "v" || ${version:0:1} == "V" ]]; then
version=${version:1}
fi
# Setting up the environment variables
echo "Current version: $current_version"
echo "Latest release from upstream: $version"
echo "VERSION=$version" >> $GITHUB_ENV
echo "REPO=$repo" >> $GITHUB_ENV
# For the time being, let's assume the script will fail
echo "PROCEED=false" >> $GITHUB_ENV
# Proceed only if the retrieved version is greater than the current one
if ! dpkg --compare-versions "$current_version" "lt" "$version" ; then
echo "::warning ::No new version available"
exit 0
# Proceed only if a PR for this new version does not already exist
elif git ls-remote -q --exit-code --heads https://github.com/$GITHUB_REPOSITORY.git ci-auto-update-v$version ; then
echo "::warning ::A branch already exists for this update"
exit 0
fi
#=================================================
# UPDATE SOURCE FILES
#=================================================
# Let's download source tarball
asset_url=$assets
echo "Handling asset at $asset_url"
src="app"
# Create the temporary directory
tempdir="$(mktemp -d)"
# Download sources and calculate checksum
filename=${asset_url##*/}
curl --silent -4 -L $asset_url -o "$tempdir/$filename"
checksum=$(sha256sum "$tempdir/$filename" | head -c 64)
# Delete temporary directory
rm -rf $tempdir
# Get extension
if [[ $filename == *.tar.gz ]]; then
extension=tar.gz
else
extension=${filename##*.}
fi
# Rewrite source file
cat <<EOT > conf/$src.src
SOURCE_URL=$asset_url
SOURCE_SUM=$checksum
SOURCE_SUM_PRG=sha256sum
SOURCE_FORMAT=$extension
SOURCE_IN_SUBDIR=true
SOURCE_FILENAME=
SOURCE_EXTRACT=true
EOT
echo "... conf/$src.src updated"
#=================================================
# SPECIFIC UPDATE STEPS
#=================================================
# Any action on the app's source code can be done.
# The GitHub Action workflow takes care of committing all changes after this script ends.
#=================================================
# GENERIC FINALIZATION
#=================================================
# Replace new version in manifest
echo "$(jq -s --indent 4 ".[] | .version = \"$version~ynh1\"" manifest.json)" > manifest.json
# No need to update the README, yunohost-bot takes care of it
# The Action will proceed only if the PROCEED environment variable is set to true
echo "PROCEED=true" >> $GITHUB_ENV
exit 0

49
.github/workflows/updater.yml vendored
View file

@ -1,49 +0,0 @@
# This workflow allows GitHub Actions to automagically update your app whenever a new upstream release is detected.
# You need to enable Actions in your repository settings, and fetch this Action from the YunoHost-Apps organization.
# This file should be enough by itself, but feel free to tune it to your needs.
# It calls updater.sh, which is where you should put the app-specific update steps.
name: Check for new upstream releases
on:
# Allow to manually trigger the workflow
workflow_dispatch:
# Run it every day at 6:00 UTC
schedule:
- cron: '0 6 * * *'
jobs:
updater:
runs-on: ubuntu-latest
steps:
- name: Fetch the source code
uses: actions/checkout@v3
with:
token: ${{ secrets.GITHUB_TOKEN }}
- name: Run the updater script
id: run_updater
run: |
# Setting up Git user
git config --global user.name 'yunohost-bot'
git config --global user.email 'yunohost-bot@users.noreply.github.com'
# Run the updater script
/bin/bash .github/workflows/updater.sh
- name: Commit changes
id: commit
if: ${{ env.PROCEED == 'true' }}
run: |
git commit -am "Upgrade to v$VERSION"
- name: Create Pull Request
id: cpr
if: ${{ env.PROCEED == 'true' }}
uses: peter-evans/create-pull-request@v4
with:
token: ${{ secrets.GITHUB_TOKEN }}
commit-message: Update to version ${{ env.VERSION }}
committer: 'yunohost-bot <yunohost-bot@users.noreply.github.com>'
author: 'yunohost-bot <yunohost-bot@users.noreply.github.com>'
signoff: false
base: testing
branch: ci-auto-update-v${{ env.VERSION }}
delete-branch: true
title: 'Upgrade to version ${{ env.VERSION }}'
body: |
Upgrade to v${{ env.VERSION }}
draft: false

46
README.md
View file

@ -16,7 +16,8 @@ If you don't have YunoHost, please consult [the guide](https://yunohost.org/#/in
## Overview
Mastodon is a free, open-source microblogging social network. It is a decentralized alternative to commercial platforms like Twitter and avoids the risks of a single company monopolizing your communication for commercial purposes.
Mastodon is a free, open-source microblogging social network. It is a decentralized alternative to commercial platforms like Twitter and avoids the risks of a single company monopolizing your communication for commercial purposes.
**Shipped version:** 4.2.8~ynh1
@ -26,49 +27,6 @@ Mastodon is a free, open-source microblogging social network. It is a decentrali
![Screenshot of Mastodon](./doc/screenshots/mastodon.png)
## Disclaimers / important information
## Important points to read before installing
1. **Mastodon** require a dedicated **root domain**, eg. mastodon.domain.tld
1. The user choosen during the installation is automatically created in Mastodon with admin rights
1. At the end of the installation a mail is sent to the user with the automatically generated password
1. It seems important to close the inscriptions for your Mastodon, so that it remains a private body. We invite you to block remote malicious instances from the administration interface. You can also add text on your home page.
## Configuration
### Install
#### Using *screen* in case of disconnect
```
$ sudo apt-get install screen
$ screen
$ sudo yunohost app install https://github.com/YunoHost-Apps/mastodon_ynh.git
```
Recover after disconnect:
```
$ screen -d
$ screen -r
```
### Update
#### Using *screen* highly recommended
`$ sudo yunohost app upgrade mastodon -u https://github.com/YunoHost-Apps/mastodon_ynh --debug `
### Administrate with tootctl
`$ (cd /var/www/mastodon/live && sudo -u mastodon RAILS_ENV=production PATH=/opt/rbenv/versions/mastodon/bin bin/tootctl --help)`
## YunoHost specific features
#### Multi-users support
LDAP authentication is activated. All YunoHost users can authenticate.
Log-out from YunoHost's portal doesn't log out from Mastodon. See https://github.com/YunoHost/issues/issues/501
## Documentation and resources
* Official app website: <https://joinmastodon.org/>

48
README_fr.md
View file

@ -27,54 +27,6 @@ Mastodon est un réseau social de microblog auto-hébergé et open source. C'est
![Capture décran de Mastodon](./doc/screenshots/mastodon.png)
## Avertissements / informations importantes
## Points importants à lire avant l'installation
1. **Mastodon** nécessite un **nom de domaine** dédié, par exemple : mastodon.domain.tld
1. L'utilisateur sélectionné pendant l'installation sera créé automatiquement dans Mastodon avec des droits d'administration.
1. À la fin de l'installation, un mail est envoyé à cet utilisateur avec un mot de passe généré automatiquement.
1. Pour que votre instance Mastodon reste privée, il est important de fermer les inscriptions. Nous vous invitons à bloquer les instances distantes indésirables depuis l'interface d'administration. Vous pouvez également ajouter un texte sur votre page d'accueil dans l'administration.
## Captures d'écran
![](https://framalibre.org/sites/default/files/mastodon.png)
## Configuration
### Installation
#### Utilisation de *screen* en cas de déconnection
```
$ sudo apt-get install screen
$ screen
$ sudo yunohost app install https://github.com/YunoHost-Apps/mastodon_ynh.git
```
Récupérer l'installation après une deconnection :
```
$ screen -d
$ screen -r
```
L'utilisateur admin est créé automatiquement comme : user@domain.tld
### Mise à jour
#### Utilisation de *screen* fortement recommandée
`$ sudo yunohost app upgrade mastodon -u https://github.com/YunoHost-Apps/mastodon_ynh --debug `
### Administration avec tootctl
`$ (cd /var/www/mastodon/live && sudo -u mastodon RAILS_ENV=production PATH=/opt/rbenv/versions/mastodon/bin bin/tootctl --help)`
## Caractéristiques spécifiques YunoHost
#### Support multi-utilisateur
L'authentification LDAP est activée. Tous les utilisateurs YunoHost peuvent s'authentifier.
Se déconnecter depuis le portail YunoHost ne vous déconnecte pas de Mastodon. Voir https://github.com/YunoHost/issues/issues/501
## Documentations et ressources
* Site officiel de lapp : <https://joinmastodon.org/>

22
check_process
View file

@ -1,22 +0,0 @@
;; Test complet
; Manifest
domain="domain.tld"
is_public=1
admin="john"
language="fr_FR"
; Checks
pkg_linter=1
setup_sub_dir=0
setup_root=1
setup_nourl=0
setup_private=1
setup_public=1
upgrade=1
# 4.02~ynh2
upgrade=1 from_commit=94381183ca2d14da72234b53c9a83972ffb16e54
backup_restore=1
multi_instance=0
change_url=0
;;; Options
Email=yalh@yahoo.com
Notification=all

41
conf/.env.production.sample
View file

@ -30,11 +30,14 @@ DB_NAME=__DB_NAME__
DB_PASS=__DB_PWD__
DB_PORT=5432
# ElasticSearch (optional)
# Elasticsearch (optional)
# ------------------------
# ES_ENABLED=true
# ES_HOST=es
ES_ENABLED=false
# ES_HOST=localhost
# ES_PORT=9200
# Authentication for ES (optional)
# ES_USER=elastic
# ES_PASS=password
# Secrets
# -------
@ -54,17 +57,12 @@ VAPID_PUBLIC_KEY=__VAPID_PUBLIC_KEY__
# ------------
SMTP_SERVER=localhost
SMTP_PORT=25
#SMTP_LOGIN=
#SMTP_PASSWORD=
SMTP_FROM_ADDRESS=__ADMIN_MAIL__
#SMTP_REPLY_TO=
#SMTP_DOMAIN= # defaults to LOCAL_DOMAIN
SMTP_DELIVERY_METHOD=sendmail # delivery method can also be smtp
SMTP_AUTH_METHOD=none
#SMTP_CA_FILE=/etc/ssl/certs/ca-certificates.crt
SMTP_LOGIN=__APP__
SMTP_PASSWORD=__MAIL_PWD__
SMTP_FROM_ADDRESS=Mastodon <__APP__@__DOMAIN__>
SMTP_DELIVERY_METHOD=smtp
SMTP_AUTH_METHOD=plain
SMTP_OPENSSL_VERIFY_MODE=none
#SMTP_ENABLE_STARTTLS_AUTO=true
#SMTP_TLS=true
# Registrations
# ------------
@ -80,16 +78,13 @@ DEFAULT_LOCALE=__LANGUAGE__
# File storage (optional)
# -----------------------
# S3_ENABLED=true
# S3_BUCKET=
S3_ENABLED=false
# S3_BUCKET=files.example.com
# AWS_ACCESS_KEY_ID=
# AWS_SECRET_ACCESS_KEY=
# S3_REGION=
# S3_PROTOCOL=http
# S3_HOSTNAME=192.168.1.123:9000
# S3_ALIAS_HOST=
# S3_ALIAS_HOST=files.example.com
# LDAP authentication (optional)
# IP and session retention
# -----------------------
LDAP_ENABLED=true
LDAP_HOST=localhost
@ -105,3 +100,9 @@ LDAP_UID_CONVERSION_ENABLED=true
LDAP_UID_CONVERSION_SEARCH=., -
LDAP_UID_CONVERSION_REPLACE=_
LDAP_TLS_NO_VERIFY=true
# Make sure to modify the scheduling of ip_cleanup_scheduler in config/sidekiq.yml
# to be less than daily if you lower IP_RETENTION_PERIOD below two days (172800).
# -----------------------
IP_RETENTION_PERIOD=1209600
SESSION_RETENTION_PERIOD=1209600

7
conf/app.src
View file

@ -1,7 +0,0 @@
SOURCE_URL=https://github.com/tootsuite/mastodon/archive/refs/tags/v4.2.8.tar.gz
SOURCE_SUM=ccecdfaab5f84cfaeb193eff2b7b795f7bdd08aa872e265dcb2625310f2c9478
SOURCE_SUM_PRG=sha256sum
SOURCE_FORMAT=tar.gz
SOURCE_IN_SUBDIR=true
SOURCE_FILENAME=
SOURCE_EXTRACT=true

10
conf/cron
View file

@ -1,7 +1,7 @@
# This is a system cron file, see crontab(5)
# m h dom mon dow user command
@daily __APP__ cd __FINAL_PATH__/live && __YNH_RUBY_LOAD_PATH__ __LD_PRELOAD__ RAILS_ENV=production bin/tootctl media remove
@monthly __APP__ cd __FINAL_PATH__/live && __YNH_RUBY_LOAD_PATH__ __LD_PRELOAD__ RAILS_ENV=production bin/tootctl media remove-orphans
@monthly __APP__ cd __FINAL_PATH__/live && __YNH_RUBY_LOAD_PATH__ __LD_PRELOAD__ RAILS_ENV=production bin/tootctl accounts cull
@monthly __APP__ cd __FINAL_PATH__/live && __YNH_RUBY_LOAD_PATH__ __LD_PRELOAD__ RAILS_ENV=production bin/tootctl statuses remove
@monthly __APP__ cd __FINAL_PATH__/live && __YNH_RUBY_LOAD_PATH__ __LD_PRELOAD__ RAILS_ENV=production bin/tootctl preview_cards remove
@daily __APP__ cd __INSTALL_DIR__/live && __YNH_RUBY_LOAD_PATH__ __LD_PRELOAD__ RAILS_ENV=production bin/tootctl media remove
@monthly __APP__ cd __INSTALL_DIR__/live && __YNH_RUBY_LOAD_PATH__ __LD_PRELOAD__ RAILS_ENV=production bin/tootctl media remove-orphans
@monthly __APP__ cd __INSTALL_DIR__/live && __YNH_RUBY_LOAD_PATH__ __LD_PRELOAD__ RAILS_ENV=production bin/tootctl accounts cull
@monthly __APP__ cd __INSTALL_DIR__/live && __YNH_RUBY_LOAD_PATH__ __LD_PRELOAD__ RAILS_ENV=production bin/tootctl statuses remove
@monthly __APP__ cd __INSTALL_DIR__/live && __YNH_RUBY_LOAD_PATH__ __LD_PRELOAD__ RAILS_ENV=production bin/tootctl preview_cards remove

22
conf/mastodon-sidekiq.service
View file

@ -5,15 +5,17 @@ After=network.target
[Service]
Type=simple
User=__APP__
WorkingDirectory=__FINALPATH__/live
WorkingDirectory=__INSTALL_DIR__/live
Environment="__LD_PRELOAD__"
Environment="RAILS_ENV=production"
Environment="DB_POOL=25"
Environment="MALLOC_ARENA_MAX=2"
Environment="__YNH_RUBY_LOAD_PATH__"
ExecStart=__FINALPATH__/live/bin/bundle exec sidekiq -c 25
ExecStart=__INSTALL_DIR__/live/bin/bundle exec sidekiq -c 25
TimeoutSec=15
Restart=always
StandardOutput=append:/var/log/__APP__/__APP__-sidekiq.log
StandardError=inherit
# Sandboxing options to harden security
# Depending on specificities of your service/app, you may need to tweak these
@ -21,17 +23,17 @@ Restart=always
# Details for these options: https://www.freedesktop.org/software/systemd/man/systemd.exec.html
NoNewPrivileges=no
PrivateTmp=yes
#PrivateDevices=yes
#RestrictAddressFamilies=AF_UNIX AF_INET AF_INET6 AF_NETLINK
#RestrictNamespaces=yes
#RestrictRealtime=yes
PrivateDevices=yes
RestrictAddressFamilies=AF_UNIX AF_INET AF_INET6 AF_NETLINK
RestrictNamespaces=yes
RestrictRealtime=yes
DevicePolicy=closed
ProtectSystem=full
ProtectControlGroups=yes
#ProtectKernelModules=yes
#ProtectKernelTunables=yes
#LockPersonality=yes
#SystemCallFilter=~@clock @debug @module @mount @obsolete @reboot @setuid @swap
ProtectKernelModules=yes
ProtectKernelTunables=yes
LockPersonality=yes
SystemCallFilter=~@clock @debug @module @mount @obsolete @reboot @setuid @swap
# Denying access to capabilities that should not be relevant for webapps
# Doc: https://man7.org/linux/man-pages/man7/capabilities.7.html

4
conf/mastodon-streaming.service
View file

@ -5,7 +5,7 @@ After=network.target
[Service]
Type=simple
User=__APP__
WorkingDirectory=__FINALPATH__/live
WorkingDirectory=__INSTALL_DIR__/live
Environment="NODE_ENV=production"
Environment="PORT=__PORT_STREAM__"
Environment="STREAMING_CLUSTER_NUM=1"
@ -13,6 +13,8 @@ Environment="__YNH_NODE_LOAD_PATH__"
ExecStart=__YNH_NODE__ ./streaming
TimeoutSec=15
Restart=always
StandardOutput=append:/var/log/__APP__/__APP__-streaming.log
StandardError=inherit
# Sandboxing options to harden security
# Depending on specificities of your service/app, you may need to tweak these

6
conf/mastodon-web.service
View file

@ -5,15 +5,17 @@ After=network.target
[Service]
Type=simple
User=__APP__
WorkingDirectory=__FINALPATH__/live
WorkingDirectory=__INSTALL_DIR__/live
Environment="__LD_PRELOAD__"
Environment="RAILS_ENV=production"
Environment="PORT=__PORT_WEB__"
Environment="__YNH_RUBY_LOAD_PATH__"
ExecStart=__FINALPATH__/live/bin/bundle exec puma -C config/puma.rb
ExecStart=__INSTALL_DIR__/live/bin/bundle exec puma -C config/puma.rb
ExecReload=/bin/kill -SIGUSR1 $MAINPID
TimeoutSec=15
Restart=always
StandardOutput=append:/var/log/__APP__/__APP__-web.log
StandardError=inherit
# Sandboxing options to harden security
# Depending on specificities of your service/app, you may need to tweak these

2
conf/nginx.conf
View file

@ -1,6 +1,6 @@
client_max_body_size 99m;
root __FINALPATH__/live/public;
root __INSTALL_DIR__/live/public;
location / {

63
doc/ADMIN.md Normal file
View file

@ -0,0 +1,63 @@
## Administrate with tooctl
`$ (cd /var/www/mastodon/live && sudo -u mastodon RAILS_ENV=production PATH=/opt/rbenv/versions/mastodon/bin bin/tootctl --help)`
## Update
**`screen` (or `tmux`) can be used to make sure your session is not interrupted in case of connection problems.**
See [tutorial](https://www.howtogeek.com/662422/how-to-use-linuxs-screen-command/) for more background information.
```bash
screen
sudo yunohost app upgrade mastodon
```
## Backups
First of all: Mastodon uses a local cache to save media (such as posted images, videos etc.). This cache can grow huge.
You could consider cleaning up your local cache first as otherwise your backup will be very big and you might run out of disk space:
To check your space usage, on a command line run:
```bash
sudo cd /var/www/mastodon/live && sudo -u mastodon RAILS_ENV=production PATH=/opt/rbenv/versions/mastodon/bin bin/tootctl media usage
```
If your cache is too big to backup, you can run the following command to clean up Attachments (the first line).
Substitute X by the number of days you want to keep, e.g. 1 day.
All older images will be deleted but will be refetched from the original server if necessary.
First dry-run to see how much space is freed up (without actually removing):
```bash
sudo cd /var/www/mastodon/live && sudo -u mastodon RAILS_ENV=production PATH=/opt/rbenv/versions/mastodon/bin bin/tootctl media remove --days=X --dry-run`
```
If all looks good commit the cleanup:
```bash
sudo cd /var/www/mastodon/live && sudo -u mastodon RAILS_ENV=production PATH=/opt/rbenv/versions/mastodon/bin bin/tootctl media remove --days=X`
```
Check [the official documentation](https://docs.joinmastodon.org/admin/tootctl/#media-remove) for more details.
## Before your Mastodon instance deletion
Before definitively uninstalling Mastodon, you have to run `tootctl self-destruct` to broadcast your users and instance deletion to the federation.
Otherwise your data will remain in federation cache for ever.
⚠️ Make sure you know exactly what you are doing before running this command.
⚠️ This operation is NOT reversible, and it can take a long time.
⚠️ The server will be in a BROKEN STATE after this command finishes.
⚠️ A running Sidekiq process is required, so do not shut down the server until the queues are fully cleared.
```bash
screen
sudo cd /var/www/mastodon/live && sudo -u mastodon RAILS_ENV=production PATH=/opt/rbenv/versions/mastodon/bin bin/tootctl self-destruct
```
Check [the official documentation](https://docs.joinmastodon.org/admin/tootctl/#self-destruct) for more details.
## Known Bugs
- Log-out from YunoHost's portal doesn't log out from Mastodon. See <https://github.com/YunoHost/issues/issues/501>

63
doc/ADMIN_fr.md Normal file
View file

@ -0,0 +1,63 @@
## Administration avec tooctl
`$ cd /var/www/mastodon/live && sudo -u mastodon RAILS_ENV=production PATH=/opt/rbenv/versions/mastodon/bin bin/tootctl --help`
## Mise à jour
**`screen` (ou `tmux`) peut être utilisé pour vous assurer que votre session n'est pas interrompue en cas de problème de connection.**
Consultez ce [tutoriel](https://www.howtogeek.com/662422/how-to-use-linuxs-screen-command/) pour plus de détails.
```bash
screen
sudo yunohost app upgrade mastodon
```
## Sauvegardes
Tout d'abord : Mastodon utilise un cache local pour sauvegarder les médias (comme les images, vidéos, etc). Ce cache peut devenir énorme.
Vous devriez réfléchir à vider votre cache local avant de faire une sauvegarde, qui pourrait être énorme et vous pourriez manquer d'espace de stockage.
Pour vérifier l'utilisation du stockage, en ligne de commande utilisez :
```bash
sudo cd /var/www/mastodon/live && sudo -u mastodon RAILS_ENV=production PATH=/opt/rbenv/versions/mastodon/bin bin/tootctl media usage
```
Si le cache est trop gros pour être sauvegardé, vous pouvez lancer la commande suivante pour en supprimer les médias attachés.
Changez `X` par le nombre de cache à conserver, par ex. 1 jour.
Tous les médias plus anciens seront supprimés, mais ils pourront être rechargé du serveur d'origine si nécessaire.
En premier faite un essai à blanc pour voir combien de place sera libérée (sans rien supprimer):
```bash
sudo cd /var/www/mastodon/live && sudo -u mastodon RAILS_ENV=production PATH=/opt/rbenv/versions/mastodon/bin bin/tootctl media remove --days=X --dry-run`
```
Si cela semble bon, effectuez le nettoyage :
```bash
sudo cd /var/www/mastodon/live && sudo -u mastodon RAILS_ENV=production PATH=/opt/rbenv/versions/mastodon/bin bin/tootctl media remove --days=X
```
Consulter [la documentation officielle](<https://docs.joinmastodon.org/admin/tootctl/#media-remove>) pour plus de détails.
## Avant la suppression de votre instance Mastodon
Avant de désinstaller définitivement Mastodon, vous devez lancer `tootctl self-destruct` pour annoncer à la fédération la suppression de vos utilisateurs et de votre instance.
Sinon, vos données resteront dans le cache de la fédération pour toujours.
⚠️ Assurez-vous de savoir exactement ce que vous faites avant d'exécuter cette commande.
⚠️ Cette opération n'est PAS réversible et peut prendre beaucoup de temps.
⚠️ Le serveur sera dans un ÉTAT BRISÉ après la fin de cette commande.
Un processus Sidekiq en cours d'exécution est nécessaire, donc n'arrêtez pas le serveur avant que les files d'attente ne soient complètement vidées.
```bash
screen
sudo cd /var/www/mastodon/live && sudo -u mastodon RAILS_ENV=production PATH=/opt/rbenv/versions/mastodon/bin bin/tootctl self-destruct
```
Consulter [la documentation officielle](<https://docs.joinmastodon.org/admin/tootctl/#self-destruct>) pour plus de détails.
## Bugs connus
- Se déconnecter depuis le portail YunoHost ne vous déconnecte pas de Mastodon. Voir <https://github.com/YunoHost/issues/issues/501>

2
doc/DESCRIPTION.md
View file

@ -1 +1 @@
Mastodon is a free, open-source microblogging social network. It is a decentralized alternative to commercial platforms like Twitter and avoids the risks of a single company monopolizing your communication for commercial purposes.
Mastodon is a free, open-source microblogging social network. It is a decentralized alternative to commercial platforms like Twitter and avoids the risks of a single company monopolizing your communication for commercial purposes.

40
doc/DISCLAIMER.md
View file

@ -1,40 +0,0 @@
## Important points to read before installing
1. **Mastodon** require a dedicated **root domain**, eg. mastodon.domain.tld
1. The user choosen during the installation is automatically created in Mastodon with admin rights
1. At the end of the installation a mail is sent to the user with the automatically generated password
1. It seems important to close the inscriptions for your Mastodon, so that it remains a private body. We invite you to block remote malicious instances from the administration interface. You can also add text on your home page.
## Configuration
### Install
#### Using *screen* in case of disconnect
```
$ sudo apt-get install screen
$ screen
$ sudo yunohost app install https://github.com/YunoHost-Apps/mastodon_ynh.git
```
Recover after disconnect:
```
$ screen -d
$ screen -r
```
### Update
#### Using *screen* highly recommended
`$ sudo yunohost app upgrade mastodon -u https://github.com/YunoHost-Apps/mastodon_ynh --debug `
### Administrate with tootctl
`$ (cd /var/www/mastodon/live && sudo -u mastodon RAILS_ENV=production PATH=/opt/rbenv/versions/mastodon/bin bin/tootctl --help)`
## YunoHost specific features
#### Multi-users support
LDAP authentication is activated. All YunoHost users can authenticate.
Log-out from YunoHost's portal doesn't log out from Mastodon. See https://github.com/YunoHost/issues/issues/501

45
doc/DISCLAIMER_fr.md
View file

@ -1,45 +0,0 @@
## Points importants à lire avant l'installation
1. **Mastodon** nécessite un **nom de domaine** dédié, par exemple : mastodon.domain.tld
1. L'utilisateur sélectionné pendant l'installation sera créé automatiquement dans Mastodon avec des droits d'administration.
1. À la fin de l'installation, un mail est envoyé à cet utilisateur avec un mot de passe généré automatiquement.
1. Pour que votre instance Mastodon reste privée, il est important de fermer les inscriptions. Nous vous invitons à bloquer les instances distantes indésirables depuis l'interface d'administration. Vous pouvez également ajouter un texte sur votre page d'accueil dans l'administration.
## Captures d'écran
![](https://framalibre.org/sites/default/files/mastodon.png)
## Configuration
### Installation
#### Utilisation de *screen* en cas de déconnection
```
$ sudo apt-get install screen
$ screen
$ sudo yunohost app install https://github.com/YunoHost-Apps/mastodon_ynh.git
```
Récupérer l'installation après une deconnection :
```
$ screen -d
$ screen -r
```
L'utilisateur admin est créé automatiquement comme : user@domain.tld
### Mise à jour
#### Utilisation de *screen* fortement recommandée
`$ sudo yunohost app upgrade mastodon -u https://github.com/YunoHost-Apps/mastodon_ynh --debug `
### Administration avec tootctl
`$ (cd /var/www/mastodon/live && sudo -u mastodon RAILS_ENV=production PATH=/opt/rbenv/versions/mastodon/bin bin/tootctl --help)`
## Caractéristiques spécifiques YunoHost
#### Support multi-utilisateur
L'authentification LDAP est activée. Tous les utilisateurs YunoHost peuvent s'authentifier.
Se déconnecter depuis le portail YunoHost ne vous déconnecte pas de Mastodon. Voir https://github.com/YunoHost/issues/issues/501

23
doc/PRE_INSTALL.md Normal file
View file

@ -0,0 +1,23 @@
## Important points to read before installing
- **Mastodon** require a dedicated **root domain**, eg. `domaine.tld` or `mastodon.domain.tld`, with no other apps installed on that domain. You can't change the domain once installed.
- The user choosen during the installation is automatically created in Mastodon with admin rights
- It seems important to close registrations for your Mastodon, so that it remains a private body. We invite you to block remote malicious instances from the administration interface. You can also add text on your home page.
## Using *screen* in case of disconnect
Mastodon can take a long time to install, depending on server performance.
To avoid the process being interrupted by a disconnection, you can use `screen`.
```bash
sudo apt install screen
screen
sudo yunohost app install https://github.com/YunoHost-Apps/mastodon_ynh.git
```
Recover after disconnect:
```bash
screen -d
screen -r
```

23
doc/PRE_INSTALL_fr.md Normal file
View file

@ -0,0 +1,23 @@
## Points importants à lire avant l'installation
- **Mastodon** nécessite un **nom de domaine** dédié, par exemple : `domaine.tld` ou `mastodon.domaine.tld` sans apps installées sur ce domaine. Il est impossible de changer le nom de domaine après l'installation.
- L'utilisateur sélectionné pendant l'installation sera créé automatiquement dans Mastodon avec des droits d'administration.
- Pour que votre instance Mastodon reste privée, il est important de fermer les inscriptions. Nous vous invitons à bloquer les instances indésirables depuis l'interface d'administration. Vous pouvez également ajouter un texte sur votre page d'accueil dans l'administration.
## Utilisation de *screen* en cas de déconnexion
L'installation de Mastodon peut être longue, selon les performances du serveur.
Pour éviter que le processus soit interrompu par une déconnexion, on peut utiliser `screen`.
```bash
sudo apt install screen
screen
sudo yunohost app install mastodon
```
Récupérer l'installation après une deconnection :
```bash
screen -d
screen -r
```

69
manifest.json
View file

@ -1,69 +0,0 @@
{
"name": "Mastodon",
"id": "mastodon",
"packaging_format": 1,
"description": {
"en": "Libre and federated social network",
"fr": "Réseau social libre et fédéré"
},
"version": "4.2.8~ynh1",
"url": "https://github.com/mastodon/mastodon",
"upstream": {
"license": "AGPL-3.0-or-later",
"website": "https://joinmastodon.org/",
"demo": "https://joinmastodon.org/",
"admindoc": "https://docs.joinmastodon.org/",
"code": "https://github.com/mastodon/mastodon"
},
"license": "AGPL-3.0-or-later",
"maintainer": {
"name": "yalh76"
},
"previous_maintainer": [
{
"name": "cyp",
"email": "cyp@rouquin.me"
},
{
"name": "nemsia",
"email": "nemsia@nemsia.org"
}
],
"requirements": {
"yunohost": ">= 11.2"
},
"multi_instance": true,
"services": [
"nginx"
],
"arguments": {
"install": [
{
"name": "domain",
"type": "domain"
},
{
"name": "is_public",
"type": "boolean",
"default": true
},
{
"name": "language",
"type": "select",
"ask": {
"en": "Choose the application language",
"fr": "Choisissez la langue de l'application"
},
"choices": [
"en_EN",
"fr_FR"
],
"default": "fr_FR"
},
{
"name": "admin",
"type": "user"
}
]
}
}

86
manifest.toml Normal file
View file

@ -0,0 +1,86 @@
packaging_format = 2
id = "mastodon"
name = "Mastodon"
description.en = "Libre and federated social network"
description.fr = "Réseau social libre et fédéré"
version = "4.2.8~ynh1"
maintainers = ["Tagada"]
[upstream]
license = "AGPL-3.0-or-later"
website = "https://joinmastodon.org/"
demo = "https://joinmastodon.org/"
admindoc = "https://docs.joinmastodon.org/"
code = "https://github.com/mastodon/mastodon"
cpe = "cpe:2.3:a:joinmastodon:mastodon"
fund = "https://joinmastodon.org/sponsors"
[integration]
yunohost = ">= 11.2"
architectures = "all"
multi_instance = true
ldap = true
sso = false
disk = "2G"
ram.build = "1G"
ram.runtime = "500M"
[install]
[install.domain]
type = "domain"
[install.init_main_permission]
type = "group"
default = "visitors"
[install.language]
ask.en = "Choose the application language"
ask.fr = "Choisissez la langue de l'application"
type = "select"
choices = ["en_EN", "fr_FR"]
default = "fr_FR"
[install.admin]
type = "user"
[resources]
[resources.sources]
[resources.sources.main]
url = "https://github.com/tootsuite/mastodon/archive/refs/tags/v4.2.8.tar.gz"
sha256 = "ccecdfaab5f84cfaeb193eff2b7b795f7bdd08aa872e265dcb2625310f2c9478"
autoupdate.strategy = "latest_github_release"
[resources.system_user]
allow_email = true
[resources.install_dir]
[resources.permissions]
main.url = "/"
api.url = "/api"
api.allowed = "visitors"
api.auth_header = false
api.show_tile = false
api.protected = true
[resources.ports]
web.default = 3000
stream.default = 4000
[resources.apt]
packages = "imagemagick, ffmpeg, libpq-dev, libxml2-dev, libxslt1-dev, file, git, git-core, g++, libprotobuf-dev, protobuf-compiler, pkg-config, gcc, autoconf, bison, build-essential, libssl-dev, libyaml-dev, libreadline6-dev, zlib1g-dev, libncurses5-dev, libffi-dev, libgdbm6, libgdbm-dev, redis-tools, redis-server, postgresql, postgresql-contrib, libidn11-dev, libicu-dev, libjemalloc-dev, curl, apt-transport-https"
[resources.apt.extras.yarn]
repo = "deb https://dl.yarnpkg.com/debian/ stable main"
key = "https://dl.yarnpkg.com/debian/pubkey.gpg"
packages = "yarn"
[resources.database]
type = "postgresql"

9
scripts/_common.sh
View file

@ -4,17 +4,14 @@
# COMMON VARIABLES
#=================================================
# dependencies used by the app (must be on a single line)
pkg_dependencies="imagemagick ffmpeg libpq-dev libxml2-dev libxslt1-dev file git-core g++ libprotobuf-dev protobuf-compiler pkg-config gcc autoconf bison build-essential libssl-dev libyaml-dev libreadline6-dev zlib1g-dev libncurses5-dev libffi-dev libgdbm3|libgdbm6 libgdbm-dev redis-tools redis-server postgresql postgresql-contrib libidn11-dev libicu-dev libjemalloc-dev curl apt-transport-https"
build_pkg_dependencies=""
memory_needed="2560"
ruby_version=3.2.2
nodejs_version=16
nodejs_version=20
# Workaround for Mastodon on Bullseye
# See https://github.com/mastodon/mastodon/issues/15751#issuecomment-873594463
if [ "$(lsb_release --codename --short)" = "bullseye" ]; then
if [ "$(lsb_release --codename --short)" = "bullseye" ];
then
case $YNH_ARCH in
amd64)
ld_preload="LD_PRELOAD=/usr/lib/x86_64-linux-gnu/libjemalloc.so"

29
scripts/backup
View file

@ -10,27 +10,6 @@
source ../settings/scripts/_common.sh
source /usr/share/yunohost/helpers
#=================================================
# MANAGE SCRIPT FAILURE
#=================================================
ynh_clean_setup () {
true
}
# Exit if an error occurs during the execution of the script
ynh_abort_if_errors
#=================================================
# LOAD SETTINGS
#=================================================
ynh_print_info --message="Loading installation settings..."
app=$YNH_APP_INSTANCE_NAME
final_path=$(ynh_app_setting_get --app=$app --key=final_path)
domain=$(ynh_app_setting_get --app=$app --key=domain)
db_name=$(ynh_app_setting_get --app=$app --key=db_name)
#=================================================
# DECLARE DATA AND CONF FILES TO BACKUP
#=================================================
@ -40,7 +19,7 @@ ynh_print_info --message="Declaring files to be backed up..."
# BACKUP THE APP MAIN DIR
#=================================================
ynh_backup --src_path="$final_path"
ynh_backup --src_path="$install_dir"
#=================================================
# BACKUP THE NGINX CONFIGURATION
@ -50,6 +29,12 @@ ynh_backup --src_path="/etc/nginx/conf.d/$domain.d/$app.conf"
#=================================================
# SPECIFIC BACKUP
#=================================================
# BACKUP LOGROTATE
#=================================================
ynh_backup --src_path="/etc/logrotate.d/$app"
#=================================================
# BACKUP SYSTEMD
#=================================================

219
scripts/install
View file

@ -11,120 +11,30 @@ source ynh_install_ruby__2
source ynh_add_swap
source /usr/share/yunohost/helpers
#=================================================
# MANAGE SCRIPT FAILURE
#=================================================
ynh_clean_setup () {
true
}
# Exit if an error occurs during the execution of the script
ynh_abort_if_errors
#=================================================
# RETRIEVE ARGUMENTS FROM THE MANIFEST
#=================================================
domain=$YNH_APP_ARG_DOMAIN
path_url="/"
is_public=$YNH_APP_ARG_IS_PUBLIC
language=$YNH_APP_ARG_LANGUAGE
admin=$YNH_APP_ARG_ADMIN
app=$YNH_APP_INSTANCE_NAME
admin_mail=$(ynh_user_get_info --username=$admin --key=mail)
# Set `service` settings to support `yunohost app shell` command
ynh_app_setting_set --app="$app" --key=service --value="$app-web.service"
#=================================================
# CHECK IF THE APP CAN BE INSTALLED WITH THESE ARGS
#=================================================
ynh_script_progression --message="Validating installation parameters..." --weight=1
final_path=/var/www/$app
test ! -e "$final_path" || ynh_die --message="This path already contains a folder"
# Register (book) web path
ynh_webpath_register --app=$app --domain=$domain --path_url=$path_url
#=================================================
# STORE SETTINGS FROM MANIFEST
#=================================================
ynh_script_progression --message="Storing installation settings..." --weight=1
ynh_app_setting_set --app=$app --key=domain --value=$domain
ynh_app_setting_set --app=$app --key=path --value=$path_url
ynh_app_setting_set --app=$app --key=language --value=$language
ynh_app_setting_set --app=$app --key=admin --value=$admin
#=================================================
# STANDARD MODIFICATIONS
#=================================================
# FIND AND OPEN A PORT
#=================================================
ynh_script_progression --message="Finding an available port..." --weight=1
# Find an available port
port_web=$(ynh_find_port --port=3000)
ynh_app_setting_set --app=$app --key=port_web --value=$port_web
port_stream=$(ynh_find_port --port=4000)
ynh_app_setting_set --app=$app --key=port_stream --value=$port_stream
#=================================================
# INSTALL DEPENDENCIES
#=================================================
ynh_script_progression --message="Installing dependencies..." --weight=1
ynh_exec_warn_less ynh_install_app_dependencies $pkg_dependencies $build_pkg_dependencies
ynh_exec_warn_less ynh_install_ruby --ruby_version=$ruby_version
ynh_exec_warn_less ynh_install_nodejs --nodejs_version=$nodejs_version
ynh_exec_warn_less ynh_install_extra_app_dependencies --repo="deb https://dl.yarnpkg.com/debian/ stable main" --package="yarn" --key="https://dl.yarnpkg.com/debian/pubkey.gpg"
#=================================================
# CREATE DEDICATED USER
#=================================================
ynh_script_progression --message="Configuring system user..." --weight=1
# Create a system user
ynh_system_user_create --username=$app --home_dir="$final_path"
#=================================================
# CREATE A POSTGRESQL DATABASE
#=================================================
ynh_script_progression --message="Creating a PostgreSQL database..." --weight=1
db_name=$(ynh_sanitize_dbid --db_name="${app}_production")
db_user=$(ynh_sanitize_dbid --db_name=$app)
ynh_app_setting_set --app=$app --key=db_name --value=$db_name
ynh_app_setting_set --app=$app --key=db_user --value=$db_user
ynh_psql_test_if_first_run
ynh_psql_setup_db --db_user=$db_user --db_name=$db_name
ynh_psql_execute_as_root --sql="ALTER USER $db_user CREATEDB;"
db_pwd=$(ynh_app_setting_get --app=$app --key=psqlpwd)
# APP "BUILD" (DEPLOYING SOURCES, VENV, COMPILING ETC)
#=================================================
# DOWNLOAD, CHECK AND UNPACK SOURCE
#=================================================
ynh_script_progression --message="Setting up source files..." --weight=1
ynh_app_setting_set --app=$app --key=final_path --value=$final_path
# Download, check integrity, uncompress and patch the source from app.src
ynh_setup_source --dest_dir="$final_path/live"
ynh_setup_source --dest_dir="$install_dir/live"
chmod 750 "$final_path"
chmod -R o-rwx "$final_path"
chown -R $app:www-data "$final_path"
chown -R $app:www-data "$install_dir"
#=================================================
# NGINX CONFIGURATION
# INSTALL DEPENDENCIES
#=================================================
ynh_script_progression --message="Configuring NGINX web server..." --weight=1
ynh_script_progression --message="Installing Ruby and NodeJS..." --weight=1
# Create a dedicated NGINX config
ynh_add_nginx_config
ynh_exec_warn_less ynh_install_ruby --ruby_version=$ruby_version
ynh_exec_warn_less ynh_install_nodejs --nodejs_version=$nodejs_version
#=================================================
# SPECIFIC SETUP
#=================================================
# ADD SWAP IF NEEDED
#=================================================
@ -138,7 +48,8 @@ if [ $total_memory -lt $memory_needed ]; then
swap_needed=$(($memory_needed - $total_memory))
fi
ynh_script_progression --message="Adding $swap_needed Mo to swap..."
ynh_script_progression --message="Adding $swap_needed Mo to swap..." --weight=1
ynh_add_swap --size=$swap_needed
#=================================================
@ -146,7 +57,7 @@ ynh_add_swap --size=$swap_needed
#=================================================
ynh_script_progression --message="Adding a configuration file..." --weight=1
config="$final_path/live/.env.production"
config="$install_dir/live/.env.production"
language="$(echo $language | head -c 2)"
@ -159,28 +70,29 @@ ynh_app_setting_set --app="$app" --key=secret_key_base --value="$secret_key_base
otp_secret=$(ynh_string_random --length=128)
ynh_app_setting_set --app="$app" --key=otp_secret --value="$otp_secret"
# We need rake to build vapid keys, we generate them later once the app is installed
vapid_private_key=""
vapid_public_key=""
ynh_add_config --template="../conf/.env.production.sample" --destination="$config"
ynh_add_config --template=".env.production.sample" --destination="$config"
chmod 400 "$config"
chown $app:$app "$config"
ynh_replace_string --match_string="registrations_mode: 'open'" --replace_string="registrations_mode: 'none'" --target_file="$final_path/live/config/settings.yml"
ynh_replace_string --match_string="min_invite_role: 'admin'" --replace_string="min_invite_role: 'none'" --target_file="$final_path/live/config/settings.yml"
ynh_replace_string --match_string="registrations_mode: 'open'" --replace_string="registrations_mode: 'none'" --target_file="$install_dir/live/config/settings.yml"
ynh_replace_string --match_string="min_invite_role: 'admin'" --replace_string="min_invite_role: 'none'" --target_file="$install_dir/live/config/settings.yml"
ynh_store_file_checksum --file="$final_path/live/config/settings.yml"
ynh_store_file_checksum --file="$install_dir/live/config/settings.yml"
chmod 400 "$final_path/live/config/settings.yml"
chown $app:$app "$final_path/live/config/settings.yml"
chmod 400 "$install_dir/live/config/settings.yml"
chown $app:$app "$install_dir/live/config/settings.yml"
#=================================================
# BUILD APP
#=================================================
ynh_script_progression --message="Building app..." --weight=1
pushd "$final_path/live"
pushd "$install_dir/live"
# Building ruby packages
ynh_use_ruby
ynh_gem update --system
ynh_gem install bundler --no-document
@ -188,92 +100,65 @@ pushd "$final_path/live"
ynh_exec_as $app $ynh_ruby_load_path $ld_preload bin/bundle config without 'development test'
ynh_exec_as $app $ynh_ruby_load_path $ld_preload bin/bundle config set force_ruby_platform true
ynh_exec_as $app $ynh_ruby_load_path $ld_preload bin/bundle install -j$(getconf _NPROCESSORS_ONLN)
# Building assets
ynh_use_nodejs
ynh_exec_warn_less ynh_exec_as $app $ynh_node_load_PATH yarn install --pure-lockfile
ynh_exec_warn_less ynh_exec_as $app $ynh_node_load_PATH yarn install --pure-lockfile --production --network-timeout 600000
echo "SAFETY_ASSURED=1">> $config
ynh_exec_warn_less ynh_exec_as $app RAILS_ENV=production $ynh_ruby_load_path $ld_preload bin/bundle exec rails db:setup --quiet
ynh_exec_warn_less ynh_exec_as $app RAILS_ENV=production $ynh_ruby_load_path $ld_preload bin/bundle exec rails db:migrate --quiet
ynh_exec_warn_less ynh_exec_as $app RAILS_ENV=production $ynh_ruby_load_path $ld_preload bin/bundle exec rails assets:precompile --quiet
# Generate vapid keys
ynh_exec_warn_less ynh_exec_as $app RAILS_ENV=production $ynh_ruby_load_path $ld_preload bin/bundle exec rake mastodon:webpush:generate_vapid_key > key.txt
# Create the first admin user
ynh_exec_warn_less ynh_exec_as $app RAILS_ENV=production $ynh_ruby_load_path $ld_preload bin/tootctl accounts create "$admin" --email="$admin_mail" --confirmed --role=Owner > /dev/null
ynh_exec_warn_less ynh_exec_as $app RAILS_ENV=production $ynh_ruby_load_path $ld_preload bin/tootctl accounts modify "$admin" --approve
popd
vapid_private_key=$(grep -oP "VAPID_PRIVATE_KEY=\K.+" "$final_path/live/key.txt")
# Re-generate config with vapid keys
vapid_private_key=$(grep -oP "VAPID_PRIVATE_KEY=\K.+" "$install_dir/live/key.txt")
ynh_app_setting_set --app="$app" --key=vapid_private_key --value="$vapid_private_key"
vapid_public_key=$(grep -oP "VAPID_PUBLIC_KEY=\K.+" "$final_path/live/key.txt")
vapid_public_key=$(grep -oP "VAPID_PUBLIC_KEY=\K.+" "$install_dir/live/key.txt")
ynh_app_setting_set --app="$app" --key=vapid_public_key --value="$vapid_public_key"
ynh_secure_remove --file="$final_path/live/key.txt"
ynh_secure_remove --file="$install_dir/live/key.txt"
ynh_delete_file_checksum --file="$config"
ynh_add_config --template="../conf/.env.production.sample" --destination="$config"
ynh_add_config --template=".env.production.sample" --destination="$config"
chmod 400 "$config"
chown $app:$app "$config"
ynh_exec_warn_less ynh_install_app_dependencies $pkg_dependencies
ynh_package_autoremove
#=================================================
# SYSTEM CONFIGURATION
#=================================================
ynh_script_progression --message="Adding system configurations related to $app..." --weight=1
#=================================================
# SETUP SYSTEMD
#=================================================
ynh_script_progression --message="Configuring a systemd service..." --weight=1
# Create a dedicated NGINX config using the conf/nginx.conf template
ynh_add_nginx_config
# Create a dedicated systemd config
ynh_add_systemd_config --service="$app-web" --template="mastodon-web.service"
yunohost service add "$app-web" --description="$app web service"
ynh_add_systemd_config --service="$app-sidekiq" --template="mastodon-sidekiq.service"
yunohost service add "$app-sidekiq" --description="$app sidekiq service"
ynh_add_systemd_config --service="$app-streaming" --template="mastodon-streaming.service"
yunohost service add "$app-streaming" --description="$app streaming service"
#=================================================
# SETUP THE CRON FILE
#=================================================
ynh_script_progression --message="Setuping the cron file..." --weight=1
# Create a cron file
ynh_add_config --template="cron" --destination="/etc/cron.d/$app"
ynh_add_config --template="../conf/cron" --destination="/etc/cron.d/$app"
# Use logrotate to manage application logfile(s)
mkdir -p /var/log/$app
chown $app:$app /var/log/$app
ynh_use_logrotate
#=================================================
# GENERIC FINALIZATION
#=================================================
# INTEGRATE SERVICE IN YUNOHOST
#=================================================
ynh_script_progression --message="Integrating service in YunoHost..." --weight=1
yunohost service add "$app-web" --description="$app web service"
yunohost service add "$app-sidekiq" --description="$app sidekiq service"
yunohost service add "$app-streaming" --description="$app streaming service"
#=================================================
# START SYSTEMD SERVICE
#=================================================
ynh_script_progression --message="Starting a systemd service..." --weight=1
ynh_script_progression --message="Starting all systemd services..." --weight=1
ynh_systemd_action --service_name=${app}-web --action="start" --log_path=systemd --line_match="Listening on"
ynh_systemd_action --service_name=${app}-sidekiq --action="start" --log_path=systemd --line_match="Schedules Loaded"
ynh_systemd_action --service_name=${app}-streaming --action="start" --log_path=systemd --line_match="Streaming API now listening"
#=================================================
# SETUP SSOWAT
#=================================================
ynh_script_progression --message="Configuring permissions..." --weight=1
# Make app public if necessary
if [ $is_public -eq 1 ]
then
# Everyone can access the app.
# The "main" permission is automatically created before the install script.
ynh_permission_update --permission="main" --add="visitors"
fi
ynh_permission_create --permission="api" --url="/api" --allowed="visitors" --auth_header="false" --show_tile="false" --protected="true"
#=================================================
# RELOAD NGINX
#=================================================
ynh_script_progression --message="Reloading NGINX web server..." --weight=1
ynh_systemd_action --service_name=nginx --action=reload
ynh_systemd_action --service_name=${app}-web --action="start" --log_path=/var/log/$app/$app-web.log --line_match="Listening on"
ynh_systemd_action --service_name=${app}-sidekiq --action="start" --log_path=/var/log/$app/$app-sidekiq.log --line_match="Schedules Loaded"
ynh_systemd_action --service_name=${app}-streaming --action="start" --log_path=/var/log/$app/$app-streaming.log --line_match="Streaming API now listening"
#=================================================
# END OF SCRIPT

77
scripts/remove
View file

@ -12,22 +12,11 @@ source ynh_add_swap
source /usr/share/yunohost/helpers
#=================================================
# LOAD SETTINGS
# REMOVE SYSTEM CONFIGURATIONS
#=================================================
ynh_script_progression --message="Loading installation settings..." --weight=1
app=$YNH_APP_INSTANCE_NAME
domain=$(ynh_app_setting_get --app=$app --key=domain)
db_name=$(ynh_app_setting_get --app=$app --key=db_name)
db_user=$(ynh_app_setting_get --app=$app --key=db_user)
final_path=$(ynh_app_setting_get --app=$app --key=final_path)
#=================================================
# STANDARD REMOVE
#=================================================
# REMOVE SERVICE INTEGRATION IN YUNOHOST
# REMOVE SYSTEMD SERVICE
#=================================================
ynh_script_progression --message="Removing system configurations related to $app..." --weight=1
# Remove the service from the list of services known by YunoHost (added from `yunohost service add`)
if ynh_exec_warn_less yunohost service status "$app-web" >/dev/null
@ -48,73 +37,27 @@ then
yunohost service remove "$app-streaming"
fi
#=================================================
# STOP AND REMOVE SERVICE
#=================================================
ynh_script_progression --message="Stopping and removing the systemd service..." --weight=1
# Remove the dedicated systemd config
ynh_remove_systemd_config --service="$app-web"
ynh_remove_systemd_config --service="$app-sidekiq"
ynh_remove_systemd_config --service="$app-streaming"
#=================================================
# REMOVE THE POSTGRESQL DATABASE
#=================================================
ynh_script_progression --message="Removing the PostgreSQL database..." --weight=1
# Remove a database if it exists, along with the associated user
ynh_psql_remove_db --db_user=$db_user --db_name=$db_name
#=================================================
# REMOVE APP MAIN DIR
#=================================================
ynh_script_progression --message="Removing app main directory..." --weight=1
# Remove the app directory securely
ynh_secure_remove --file="$final_path"
#=================================================
# REMOVE NGINX CONFIGURATION
#=================================================
ynh_script_progression --message="Removing NGINX web server configuration..." --weight=1
# Remove the dedicated NGINX config
ynh_remove_nginx_config
#=================================================
# REMOVE DEPENDENCIES
#=================================================
ynh_script_progression --message="Removing dependencies..." --weight=1
# Remove metapackage and its dependencies
ynh_remove_ruby
ynh_remove_nodejs
ynh_remove_app_dependencies
#=================================================
# SPECIFIC REMOVE
#=================================================
# REMOVE VARIOUS FILES
#=================================================
ynh_script_progression --message="Removing various files..." --weight=1
# Remove a cron file
ynh_secure_remove --file="/etc/cron.d/$app"
# Remote logrotate config
ynh_remove_logrotate
# Remove metapackage and its dependencies
ynh_remove_ruby
ynh_remove_nodejs
# Remove swap
ynh_del_swap
#=================================================
# GENERIC FINALIZATION
#=================================================
# REMOVE DEDICATED USER
#=================================================
ynh_script_progression --message="Removing the dedicated system user..." --weight=1
# Delete a system user
ynh_system_user_delete --username=$app
#=================================================
# END OF SCRIPT
#=================================================

125
scripts/restore
View file

@ -12,86 +12,24 @@ source ../settings/scripts/ynh_install_ruby__2
source ../settings/scripts/ynh_add_swap
source /usr/share/yunohost/helpers
#=================================================
# MANAGE SCRIPT FAILURE
#=================================================
ynh_clean_setup () {
true
}
# Exit if an error occurs during the execution of the script
ynh_abort_if_errors
#=================================================
# LOAD SETTINGS
#=================================================
ynh_script_progression --message="Loading installation settings..." --weight=1
app=$YNH_APP_INSTANCE_NAME
domain=$(ynh_app_setting_get --app=$app --key=domain)
path_url=$(ynh_app_setting_get --app=$app --key=path)
final_path=$(ynh_app_setting_get --app=$app --key=final_path)
db_name=$(ynh_app_setting_get --app=$app --key=db_name)
db_user=$(ynh_app_setting_get --app=$app --key=db_user)
#=================================================
# CHECK IF THE APP CAN BE RESTORED
#=================================================
ynh_script_progression --message="Validating restoration parameters..." --weight=1
test ! -d $final_path \
|| ynh_die --message="There is already a directory: $final_path "
#=================================================
# STANDARD RESTORATION STEPS
#=================================================
# RECREATE THE DEDICATED USER
#=================================================
ynh_script_progression --message="Recreating the dedicated system user..." --weight=1
# Create the dedicated user (if not existing)
ynh_system_user_create --username=$app --home_dir="$final_path"
#=================================================
# RESTORE THE APP MAIN DIR
#=================================================
ynh_script_progression --message="Restoring the app main directory..." --weight=1
ynh_restore_file --origin_path="$final_path"
ynh_restore_file --origin_path="$install_dir"
chmod 750 "$final_path"
chmod -R o-rwx "$final_path"
chown -R $app:www-data "$final_path"
#=================================================
# SPECIFIC RESTORATION
#=================================================
# REINSTALL DEPENDENCIES
#=================================================
ynh_script_progression --message="Reinstalling dependencies..." --weight=1
# Define and install dependencies
ynh_exec_warn_less ynh_install_app_dependencies $pkg_dependencies $build_pkg_dependencies
ynh_exec_warn_less ynh_install_ruby --ruby_version=$ruby_version
ynh_exec_warn_less ynh_install_nodejs --nodejs_version=$nodejs_version
ynh_exec_warn_less ynh_install_extra_app_dependencies --repo="deb https://dl.yarnpkg.com/debian/ stable main" --package="yarn" --key="https://dl.yarnpkg.com/debian/pubkey.gpg"
#=================================================
# RESTORE THE NGINX CONFIGURATION
#=================================================
ynh_script_progression --message="Restoring the NGINX web server configuration..." --weight=1
ynh_restore_file --origin_path="/etc/nginx/conf.d/$domain.d/$app.conf"
chmod 750 "$install_dir"
chmod -R o-rwx "$install_dir"
chown -R $app:www-data "$install_dir"
#=================================================
# RESTORE THE POSTGRESQL DATABASE
#=================================================
ynh_script_progression --message="Restoring the PostgreSQL database..." --weight=1
ynh_psql_test_if_first_run
db_pwd=$(ynh_app_setting_get --app=$app --key=psqlpwd)
ynh_psql_setup_db --db_user=$db_user --db_name=$db_name --db_pwd=$db_pwd
ynh_psql_execute_as_root --sql="ALTER USER $db_user CREATEDB;"
ynh_psql_execute_file_as_root --file="./db.sql" --database="$db_name"
@ -109,64 +47,63 @@ if [ $total_memory -lt $memory_needed ]; then
fi
ynh_script_progression --message="Adding $swap_needed Mo to swap..." --weight=1
ynh_add_swap --size=$swap_needed
#=================================================
# REINSTALL DEPENDENCIES
#=================================================
ynh_script_progression --message="Reinstalling Ruby and NodeJS..." --weight=1
ynh_exec_warn_less ynh_install_ruby --ruby_version=$ruby_version
ynh_exec_warn_less ynh_install_nodejs --nodejs_version=$nodejs_version
#=================================================
# BUILD APP
#=================================================
ynh_script_progression --message="Building app..." --weight=1
pushd "$final_path/live"
pushd "$install_dir/live"
ynh_use_ruby
ynh_gem update --system
ynh_gem install bundler --no-document
ynh_exec_as $app $ynh_ruby_load_path $ld_preload bin/bundle install --redownload -j$(getconf _NPROCESSORS_ONLN)
popd
ynh_exec_warn_less ynh_install_app_dependencies $pkg_dependencies
ynh_package_autoremove
#=================================================
# RESTORE SYSTEM CONFIGURATIONS
#=================================================
# RESTORE THE PHP-FPM CONFIGURATION
#=================================================
ynh_script_progression --message="Restoring system configurations related to $app..." --weight=1
#=================================================
# RESTORE VARIOUS FILES
#=================================================
ynh_script_progression --message="Restoring various files..." --weight=1
ynh_restore_file --origin_path="/etc/cron.d/$app"
#=================================================
# RESTORE SYSTEMD
#=================================================
ynh_script_progression --message="Restoring the systemd configuration..." --weight=1
ynh_restore_file --origin_path="/etc/nginx/conf.d/$domain.d/$app.conf"
ynh_restore_file --origin_path="/etc/systemd/system/$app-web.service"
ynh_restore_file --origin_path="/etc/systemd/system/$app-sidekiq.service"
ynh_restore_file --origin_path="/etc/systemd/system/$app-streaming.service"
systemctl enable "$app-web" "$app-sidekiq" "$app-streaming" --quiet
#=================================================
# INTEGRATE SERVICE IN YUNOHOST
#=================================================
ynh_script_progression --message="Integrating service in YunoHost..." --weight=1
yunohost service add "$app-web" --description="$app web service"
yunohost service add "$app-sidekiq" --description="$app sidekiq service"
yunohost service add "$app-streaming" --description="$app streaming service"
#=================================================
# START SYSTEMD SERVICE
#=================================================
ynh_script_progression --message="Starting a systemd service..." --weight=1
ynh_restore_file --origin_path="/etc/cron.d/$app"
ynh_systemd_action --service_name=${app}-web --action="start" --log_path=systemd --line_match="Listening on"
ynh_systemd_action --service_name=${app}-sidekiq --action="start" --log_path=systemd --line_match="Schedules Loaded"
ynh_systemd_action --service_name=${app}-streaming --action="start" --log_path=systemd --line_match="Streaming API now listening"
mkdir -p /var/log/$app
chown -R $app:$app /var/log/$app
ynh_restore_file --origin_path="/etc/logrotate.d/$app"
#=================================================
# GENERIC FINALIZATION
#=================================================
# RELOAD NGINX
# RELOAD NGINX AND THE APP SERVICE
#=================================================
ynh_script_progression --message="Reloading NGINX web server..." --weight=1
ynh_script_progression --message="Reloading NGINX web server and $app's service..." --weight=1
ynh_systemd_action --service_name=${app}-web --action="start" --log_path=/var/log/$app/$app-web.log --line_match="Listening on"
ynh_systemd_action --service_name=${app}-sidekiq --action="start" --log_path=/var/log/$app/$app-sidekiq.log --line_match="Schedules Loaded"
ynh_systemd_action --service_name=${app}-streaming --action="start" --log_path=/var/log/$app/$app-streaming.log --line_match="Streaming API now listening"
ynh_systemd_action --service_name=nginx --action=reload

304
scripts/upgrade
View file

@ -11,209 +11,34 @@ source ynh_install_ruby__2
source ynh_add_swap
source /usr/share/yunohost/helpers
#=================================================
# LOAD SETTINGS
#=================================================
ynh_script_progression --message="Loading installation settings..." --weight=1
app=$YNH_APP_INSTANCE_NAME
domain=$(ynh_app_setting_get --app=$app --key=domain)
path_url=$(ynh_app_setting_get --app=$app --key=path)
language=$(ynh_app_setting_get --app=$app --key=language)
admin=$(ynh_app_setting_get --app=$app --key=admin)
final_path=$(ynh_app_setting_get --app=$app --key=final_path)
redis_namespace=$(ynh_app_setting_get --app=$app --key=db_name)
db_name=$(ynh_app_setting_get --app=$app --key=db_name)
db_user=$(ynh_app_setting_get --app=$app --key=db_user)
db_pwd=$(ynh_app_setting_get --app=$app --key=psqlpwd)
admin_mail=$(ynh_user_get_info --username=$admin --key='mail')
port_web=$(ynh_app_setting_get --app=$app --key=port_web)
port_stream=$(ynh_app_setting_get --app=$app --key=port_stream)
secret_key_base=$(ynh_app_setting_get --app=$app --key=secret_key_base)
otp_secret=$(ynh_app_setting_get --app=$app --key=otp_secret)
vapid_private_key=$(ynh_app_setting_get --app=$app --key=vapid_private_key)
vapid_public_key=$(ynh_app_setting_get --app=$app --key=vapid_public_key)
config="$final_path/live/.env.production"
#=================================================
# CHECK VERSION
#=================================================
ynh_script_progression --message="Checking version..." --weight=1
upgrade_type=$(ynh_check_app_version_changed)
#=================================================
# BACKUP BEFORE UPGRADE THEN ACTIVE TRAP
#=================================================
ynh_script_progression --message="Backing up the app before upgrading (may take a while)..." --weight=1
# Backup the current version of the app
ynh_backup_before_upgrade
ynh_clean_setup () {
# Restore it if the upgrade fails
ynh_restore_upgradebackup
}
# Exit if an error occurs during the execution of the script
ynh_abort_if_errors
config="$install_dir/live/.env.production"
#=================================================
# STANDARD UPGRADE STEPS
#=================================================
# STOP SYSTEMD SERVICE
#=================================================
ynh_script_progression --message="Stopping a systemd service..." --weight=1
ynh_systemd_action --service_name=${app}-web --action="stop" --log_path=systemd
ynh_systemd_action --service_name=${app}-sidekiq --action="stop" --log_path=systemd
ynh_systemd_action --service_name=${app}-streaming --action="stop" --log_path=systemd
#=================================================
# ENSURE DOWNWARD COMPATIBILITY
#=================================================
ynh_script_progression --message="Ensuring downward compatibility..." --weight=1
# Cleaning legacy permissions
if ynh_legacy_permissions_exists; then
ynh_legacy_permissions_delete_all
ynh_app_setting_delete --app=$app --key=is_public
fi
# Create a permission if needed
if ! ynh_permission_exists --permission="api"; then
ynh_permission_create --permission="api" --url="/api" --allowed="visitors" --auth_header="false" --show_tile="false" --protected="true"
fi
# If port_web doesn't exist, create it, needed for old install
if [[ -z "$port_web" ]]; then
port_web=3000
ynh_app_setting_set --app=$app --key=port_web --value=$port_web
fi
# If port_web doesn't exist, create it, needed for old install
if [[ -z "$port_stream" ]]; then
port_stream=4000
ynh_app_setting_set --app=$app --key=port_stream --value=$port_stream
fi
# If db_user doesn't exist, create it, needed for old install
if [[ -z "$db_user" ]]; then
db_user=$(ynh_sanitize_dbid --db_name=$app)
ynh_app_setting_set --app=$app --key=db_user --value=$db_user
fi
# If db_pwd doesn't exist, create it, needed for old install
if [[ -z "$db_pwd" ]]; then
db_pwd=$(ynh_string_random)
ynh_app_setting_set --app=$app --key=db_pwd --value=$db_pwd
ynh_psql_test_if_first_run
sudo --login --user=postgres psql -c"ALTER user $app WITH PASSWORD '$db_pwd'" postgres
ynh_replace_string --match_string="DB_PASS=" --replace_string="DB_PASS=${db_pwd}" --target_file="$config"
fi
# Remove paperclip_secret
ynh_app_setting_delete --app=$app --key=paperclip_secret
# If secret_key_base doesn't exist, retrieve it or create it
if [[ -z "$secret_key_base" ]]; then
secret_key_base=$(grep -oP "SECRET_KEY_BASE=\K\w+" $config)
if [[ -z "$secret_key_base" ]]; then
secret_key_base=$(ynh_string_random --length=128)
fi
ynh_app_setting_set --app=$app --key=secret_key_base --value="$secret_key_base"
fi
# If otp_secret doesn't exist, retrieve it or create it
if [[ -z "$otp_secret" ]]; then
otp_secret=$(grep -oP "OTP_SECRET=\K\w+" $config)
if [[ -z "$otp_secret" ]]; then
otp_secret=$(ynh_string_random --length=128)
fi
ynh_app_setting_set --app=$app --key=otp_secret --value="$otp_secret"
fi
# If vapid_private_key doesn't exist, retrieve it or create it
if [[ -z "$vapid_private_key" ]]; then
vapid_private_key=$(grep -oP "VAPID_PRIVATE_KEY=\K.+" $config)
vapid_public_key=$(grep -oP "VAPID_PUBLIC_KEY=\K.+" $config)
ynh_app_setting_set "$app" vapid_private_key "$vapid_private_key"
ynh_app_setting_set "$app" vapid_public_key "$vapid_public_key"
fi
# If redis_namespace doesn't exist, create it
if [[ -z "$redis_namespace" ]]; then
redis_namespace=${app}_production
ynh_app_setting_set --app=$app --key=redis_namespace --value=$redis_namespace
# Set `service` settings to support `yunohost app shell` command
if [[ -z "${service:-}" ]]; then
service="$app-web.service"
ynh_app_setting_set --app="$app" --key=service --value="$service"
fi
#Remove previous added repository
ynh_remove_extra_repo
#=================================================
# CREATE DEDICATED USER
# STOP SYSTEMD SERVICE
#=================================================
ynh_script_progression --message="Making sure dedicated system user exists..." --weight=1
ynh_script_progression --message="Stopping a systemd service..." --weight=1
# Create a dedicated user (if not existing)
ynh_system_user_create --username=$app --home_dir="$final_path"
ynh_systemd_action --service_name=${app}-web --action="stop" --log_path=/var/log/$app/$app-web.log --line_match="Goodbye"
ynh_systemd_action --service_name=${app}-sidekiq --action="stop" --log_path=/var/log/$app/$app-sidekiq.log --line_match="Bye"
ynh_systemd_action --service_name=${app}-streaming --action="stop" --log_path=/var/log/$app/$app-streaming.log --line_match="exiting"
#=================================================
# DOWNLOAD, CHECK AND UNPACK SOURCE
#=================================================
if [ "$upgrade_type" == "UPGRADE_APP" ]
then
ynh_script_progression --message="Upgrading source files..." --weight=1
# Download Mastodon
tmpdir="$(mktemp -d)"
mkdir $tmpdir/system
if [ -d "$final_path/live/public/system" ]; then
mv --verbose --no-target-directory --backup=numbered "$final_path/live/public/system" "$final_path/system.tmp"
fi
rsync -a "$config" "$tmpdir/."
ynh_secure_remove --file="$final_path/live"
ynh_setup_source --dest_dir="$final_path/live"
if [ -d "$final_path/system.tmp" ]; then
mv --verbose --no-target-directory "$final_path/system.tmp" "$final_path/live/public/system"
fi
rsync -a "$tmpdir/.env.production" "$final_path/live/."
ynh_secure_remove --file="$tmpdir"
# Clean files which are not needed anymore
ynh_secure_remove --file="$final_path/live/config/initializers/timeout.rb"
fi
chmod 750 "$final_path"
chmod -R o-rwx "$final_path"
chown -R $app:www-data "$final_path"
#=================================================
# UPGRADE DEPENDENCIES
#=================================================
ynh_script_progression --message="Upgrading dependencies..." --weight=1
ynh_exec_warn_less ynh_install_app_dependencies $pkg_dependencies $build_pkg_dependencies
ynh_exec_warn_less ynh_install_ruby --ruby_version=$ruby_version
ynh_exec_warn_less ynh_install_nodejs --nodejs_version=$nodejs_version
ynh_exec_warn_less ynh_install_extra_app_dependencies --repo="deb https://dl.yarnpkg.com/debian/ stable main" --package="yarn" --key="https://dl.yarnpkg.com/debian/pubkey.gpg"
#=================================================
# NGINX CONFIGURATION
#=================================================
ynh_script_progression --message="Upgrading NGINX web server configuration..." --weight=1
# Create a dedicated NGINX config
ynh_add_nginx_config
#=================================================
# SPECIFIC UPGRADE
#=================================================
# ADD SWAP IF NEEDED
#=================================================
@ -231,11 +56,37 @@ ynh_script_progression --message="Adding $swap_needed Mo to swap..."
ynh_add_swap --size=$swap_needed
#=================================================
# BUILD APP
# UPGRADE DEPENDENCIES
#=================================================
ynh_script_progression --message="Building app..." --weight=1
ynh_script_progression --message="Upgrading Ruby and NodeJS..." --weight=1
pushd "$final_path/live"
ynh_exec_warn_less ynh_install_ruby --ruby_version=$ruby_version
ynh_exec_warn_less ynh_install_nodejs --nodejs_version=$nodejs_version
#=================================================
# "REBUILD" THE APP (DEPLOY NEW SOURCES, RERUN NPM BUILD...)
#=================================================
# DOWNLOAD, CHECK AND UNPACK SOURCE
#=================================================
if [ "$upgrade_type" == "UPGRADE_APP" ]
then
ynh_script_progression --message="Upgrading source files..." --weight=1
# Download Mastodon
ynh_setup_source --dest_dir="$install_dir/live" --keep="public/system/"
chmod 750 "$install_dir"
chmod -R o-rwx "$install_dir"
chown -R $app:www-data "$install_dir"
fi
#=================================================
# BUILD ASSETS
#=================================================
ynh_script_progression --message="Building assets..." --weight=1
pushd "$install_dir/live"
ynh_use_ruby
ynh_gem update --system
ynh_gem install bundler --no-document
@ -244,16 +95,37 @@ pushd "$final_path/live"
ynh_exec_as $app $ynh_ruby_load_path $ld_preload bin/bundle config set force_ruby_platform true --quiet
ynh_exec_as $app $ynh_ruby_load_path $ld_preload bin/bundle install -j$(getconf _NPROCESSORS_ONLN)
ynh_use_nodejs
ynh_exec_as $app $ynh_node_load_PATH yarn install --pure-lockfile
ynh_exec_as $app $ynh_node_load_PATH yarn install --pure-lockfile --production --network-timeout 600000
ynh_exec_warn_less ynh_exec_as $app RAILS_ENV=production $ynh_ruby_load_path $ld_preload bin/bundle exec rails assets:clean
ynh_exec_warn_less ynh_exec_as $app RAILS_ENV=production $ynh_ruby_load_path $ld_preload bin/bundle exec rails assets:precompile
ynh_exec_warn_less ynh_exec_as $app RAILS_ENV=production $ynh_ruby_load_path $ld_preload bin/bundle exec rails db:migrate
ynh_exec_warn_less ynh_exec_as $app RAILS_ENV=production $ynh_ruby_load_path $ld_preload bin/tootctl cache clear
popd
ynh_exec_warn_less ynh_install_app_dependencies $pkg_dependencies
ynh_package_autoremove
#=================================================
# REAPPLY SYSTEM CONFIGURATIONS
#=================================================
ynh_script_progression --message="Upgrading system configurations related to $app..." --weight=1
ynh_add_nginx_config
# Create a dedicated systemd config
ynh_add_systemd_config --service="$app-web" --template="mastodon-web.service"
yunohost service add "$app-web" --description="$app web service"
ynh_add_systemd_config --service="$app-sidekiq" --template="mastodon-sidekiq.service"
yunohost service add "$app-sidekiq" --description="$app sidekiq service"
ynh_add_systemd_config --service="$app-streaming" --template="mastodon-streaming.service"
yunohost service add "$app-streaming" --description="$app streaming service"
ynh_add_config --template="cron" --destination="/etc/cron.d/$app"
# Use logrotate to manage app-specific logfile(s)
mkdir -p /var/log/$app
chown $app:$app /var/log/$app
ynh_use_logrotate --non-append
#=================================================
# RECONFIGURE THE APP (UPDATE CONF, APPLY MIGRATIONS...)
#=================================================
# UPDATE A CONFIG FILE
#=================================================
@ -261,54 +133,30 @@ ynh_script_progression --message="Updating a config file..." --weight=1
language="$(echo $language | head -c 2)"
ynh_add_config --template="../conf/.env.production.sample" --destination="$config"
ynh_add_config --template=".env.production.sample" --destination="$config"
chmod 400 "$config"
chown $app:$app "$config"
#=================================================
# SETUP SYSTEMD
# APPLY MIGRATIONS
#=================================================
ynh_script_progression --message="Upgrading systemd configuration..." --weight=1
ynh_script_progression --message="Applying migrations..." --weight=1
# Create a dedicated systemd config
ynh_add_systemd_config --service="$app-web" --template="mastodon-web.service"
ynh_add_systemd_config --service="$app-sidekiq" --template="mastodon-sidekiq.service"
ynh_add_systemd_config --service="$app-streaming" --template="mastodon-streaming.service"
#=================================================
# SETUP THE CRON FILE
#=================================================
ynh_script_progression --message="Setuping the cron file..." --weight=1
ynh_add_config --template="../conf/cron" --destination="/etc/cron.d/$app"
#=================================================
# GENERIC FINALIZATION
#=================================================
# INTEGRATE SERVICE IN YUNOHOST
#=================================================
ynh_script_progression --message="Integrating service in YunoHost..." --weight=1
yunohost service add "$app-web" --description="$app web service"
yunohost service add "$app-sidekiq" --description="$app sidekiq service"
yunohost service add "$app-streaming" --description="$app streaming service"
pushd "$install_dir/live"
ynh_use_ruby
ynh_exec_warn_less ynh_exec_as $app RAILS_ENV=production $ynh_ruby_load_path $ld_preload bin/bundle exec rails db:migrate
ynh_exec_warn_less ynh_exec_as $app RAILS_ENV=production $ynh_ruby_load_path $ld_preload bin/tootctl cache clear
popd
#=================================================
# START SYSTEMD SERVICE
#=================================================
ynh_script_progression --message="Starting a systemd service..." --weight=1
ynh_systemd_action --service_name=${app}-web --action="start" --log_path=systemd --line_match="Listening on"
ynh_systemd_action --service_name=${app}-sidekiq --action="start" --log_path=systemd --line_match="Schedules Loaded"
ynh_systemd_action --service_name=${app}-streaming --action="start" --log_path=systemd --line_match="Streaming API now listening"
#=================================================
# RELOAD NGINX
#=================================================
ynh_script_progression --message="Reloading NGINX web server..." --weight=1
ynh_systemd_action --service_name=nginx --action=reload
ynh_systemd_action --service_name=${app}-web --action="start" --log_path=/var/log/$app/$app-web.log --line_match="Listening on"
ynh_systemd_action --service_name=${app}-sidekiq --action="start" --log_path=/var/log/$app/$app-sidekiq.log --line_match="Schedules Loaded"
ynh_systemd_action --service_name=${app}-streaming --action="start" --log_path=/var/log/$app/$app-streaming.log --line_match="Streaming API now listening"
#=================================================
# END OF SCRIPT

7
scripts/ynh_add_swap
View file

@ -19,6 +19,13 @@ ynh_add_swap () {
SD_CARD_CAN_SWAP=${SD_CARD_CAN_SWAP:-0}
# Can't swap inside an LXD
if [ "$(systemd-detect-virt)" == "lxc" ]
then
ynh_print_warn --message="You are inside a LXC container, swap will not be added, but that can cause troubles for the app $app. Please make sure you have more than 2.5G available RAM."
return
fi
# Swap on SD card only if it's is specified
if ynh_is_main_device_a_sd_card && [ "$SD_CARD_CAN_SWAP" == "0" ]
then

4
scripts/ynh_install_ruby__2
View file

@ -36,7 +36,7 @@ build_pkg_dependencies="$build_pkg_dependencies $build_ruby_dependencies"
# However, $PATH is duplicated into $ruby_path to outlast any manipulation of $PATH
# You can use the variable `$ynh_ruby_load_path` to quickly load your Ruby version
# in $PATH for an usage into a separate script.
# Exemple: $ynh_ruby_load_path $final_path/script_that_use_gem.sh`
# Exemple: $ynh_ruby_load_path $install_dir/script_that_use_gem.sh`
#
#
# Finally, to start a Ruby service with the correct version, 2 solutions
@ -81,7 +81,7 @@ ynh_use_ruby () {
ynh_ruby_load_path="PATH=$PATH"
# Sets the local application-specific Ruby version
pushd $final_path
pushd $install_dir
$rbenv_install_dir/bin/rbenv local $ruby_version
popd
}

26
tests.toml Normal file
View file

@ -0,0 +1,26 @@
test_format = 1.0
[default]
# ------------
# Tests to run
# ------------
exclude = ["install.multi", "install.private", "change_url"]
# The test IDs to be used in only/exclude statements are: install.root, install.subdir, install.nourl, install.multi, backup_restore, upgrade, upgrade.someCommitId change_url
# -------------------------------
# Default args to use for install
# -------------------------------
# Nothing to do here...yet
# -------------------------------
# Commits to test upgrade from
# -------------------------------
test_upgrade_from.43504e6.name = "Upgrade from 4.2.5~ynh1"
test_upgrade_from.43504e6.args.domain="domain.tld"
test_upgrade_from.43504e6.args.is_public=1
test_upgrade_from.43504e6.args.admin="john"
test_upgrade_from.43504e6.args.language="fr_FR"