diff --git a/conf/app.src b/conf/app.src deleted file mode 100644 index 373c88f..0000000 --- a/conf/app.src +++ /dev/null @@ -1,6 +0,0 @@ -SOURCE_URL=https://git.pleroma.social/pleroma/pleroma/-/archive/v1.0.1/pleroma-v1.0.1.tar.gz -SOURCE_SUM=f97c6bd9eaa583916c6770665c94fd896f999210ca811bedd9ae9f72f04d4c1c -SOURCE_SUM_PRG=sha256sum -SOURCE_FORMAT=tar.gz -SOURCE_IN_SUBDIR=true -SOURCE_FILENAME= diff --git a/conf/arm.src b/conf/arm.src new file mode 100644 index 0000000..87f12bd --- /dev/null +++ b/conf/arm.src @@ -0,0 +1,6 @@ +SOURCE_URL=https://git.pleroma.social/pleroma/pleroma/-/jobs/45357/artifacts/download +SOURCE_SUM=3f223062fca6010abd36aaf9c3ebee8d1c808012ed26639df49103a8969c5af0 +SOURCE_SUM_PRG=sha256sum +SOURCE_FORMAT=zip +SOURCE_IN_SUBDIR=true +SOURCE_FILENAME=pleroma-v1.0.1.zip diff --git a/conf/arm64.src b/conf/arm64.src new file mode 100644 index 0000000..f687dff --- /dev/null +++ b/conf/arm64.src @@ -0,0 +1,6 @@ +SOURCE_URL=https://git.pleroma.social/pleroma/pleroma/-/jobs/45359/artifacts/download +SOURCE_SUM=68f0b6e09b423eb1df5774a7fc4aac1518aa3df27cdaae5b824b73ec8839d7f7 +SOURCE_SUM_PRG=sha256sum +SOURCE_FORMAT=zip +SOURCE_IN_SUBDIR=true +SOURCE_FILENAME=pleroma-v1.0.1.zip diff --git a/conf/generated_config.exs b/conf/generated_config.exs index 8781368..22aebd9 100644 --- a/conf/generated_config.exs +++ b/conf/generated_config.exs @@ -3,19 +3,21 @@ # NOTE: This file should not be committed to a repo or otherwise made public # without removing sensitive information. -use Mix.Config +import Config config :pleroma, Pleroma.Web.Endpoint, url: [host: "__DOMAIN__", scheme: "https", port: 443], secret_key_base: "__KEY__", + signing_salt: "__SIGNING_SALT__", http: [ip: {127, 0, 0, 1}, port: __PORT__] config :pleroma, :instance, name: "__INSTANCE_NAME__", email: "__ADMIN_EMAIL__", + notify_email: "__ADMIN_EMAIL__", limit: 5000, registrations_open: __REG__, - dedupe_media: false + dynamic_configuration: false config :pleroma, :media_proxy, enabled: __MEDIA_CACHE__, @@ -30,6 +32,16 @@ config :pleroma, Pleroma.Repo, hostname: "localhost", pool_size: 10 +# Configure web push notifications +config :web_push_encryption, :vapid_details, + subject: "mailto:__ADMIN_EMAIL__", + public_key: "__PUBLIC_KEY__", + private_key: "__PRIVATE_KEY__" + +config :pleroma, :database, rum_enabled: false +config :pleroma, :instance, static_dir: "__DATADIR__/static" +config :pleroma, Pleroma.Uploaders.Local, uploads: "__DATADIR__/uploads" + # Enable Strict-Transport-Security once SSL is working: # config :pleroma, :http_security, # sts: true @@ -69,5 +81,3 @@ config :pleroma, Pleroma.Repo, # storage_url: "https://swift-endpoint.prodider.com/v1/AUTH_/", # object_url: "https://cdn-endpoint.provider.com/" # - - diff --git a/conf/systemd.service b/conf/systemd.service index 104157b..614d91e 100755 --- a/conf/systemd.service +++ b/conf/systemd.service @@ -1,27 +1,23 @@ [Unit] Description=__APP__ social network -After=network.target postgresql.service +After=network.target postgresql.service nginx.service [Service] -ExecReload=/bin/kill $MAINPID KillMode=process Restart=on-failure ; Name of the user that runs the Pleroma service. User=__APP__ Group=__APP__ -; Declares that Pleroma runs in production mode. -Environment="MIX_ENV=prod" ; Make sure that all paths fit your installation. ; Path to the home directory of the user running the Pleroma service. -Environment="HOME=__FINALPATH__" +Environment="HOME=__FINALPATH__/__APP__" ; Path to the folder containing the Pleroma installation. WorkingDirectory=__FINALPATH__/__APP__ -; Path to the Mix binary. -ExecStart=/usr/bin/mix phx.server -StandardOutput=syslog -StandardError=syslog +; Path to the Pleroma binary. +ExecStart=__FINALPATH__/__APP__/bin/pleroma start +ExecStop=__FINALPATH__/__APP__/bin/pleroma stop ; Some security directives. ; Use private /tmp and /var/tmp folders inside a new file system namespace, which are discarded after the process stops. diff --git a/conf/x86-64.src b/conf/x86-64.src new file mode 100644 index 0000000..6162f81 --- /dev/null +++ b/conf/x86-64.src @@ -0,0 +1,6 @@ +SOURCE_URL=https://git.pleroma.social/pleroma/pleroma/-/jobs/45355/artifacts/download +SOURCE_SUM=426013286094411c5e53330515cc6601b41fab4b8a53b724b7739f92c95154a2 +SOURCE_SUM_PRG=sha256sum +SOURCE_FORMAT=zip +SOURCE_IN_SUBDIR=true +SOURCE_FILENAME=pleroma-v1.0.1.zip diff --git a/scripts/_common.sh b/scripts/_common.sh index 5faffde..d02af56 100755 --- a/scripts/_common.sh +++ b/scripts/_common.sh @@ -5,7 +5,7 @@ #================================================= # dependencies used by the app -pkg_dependencies="git build-essential postgresql postgresql-contrib openssl ssh sudo" +pkg_dependencies="curl unzip libncurses5 postgresql postgresql-contrib" extra_pkg_dependencies="elixir erlang-dev erlang-tools erlang-parsetools erlang-eldap erlang-xmerl" #================================================= diff --git a/scripts/install b/scripts/install index fb62bbf..aeee439 100755 --- a/scripts/install +++ b/scripts/install @@ -7,6 +7,7 @@ #================================================= source _common.sh +source ynh_detect_arch__2 source ynh_add_extra_apt_repos__3 source /usr/share/yunohost/helpers @@ -15,6 +16,7 @@ source /usr/share/yunohost/helpers #================================================= ynh_clean_setup () { + read -p "key" ynh_clean_check_starting } # Exit if an error occurs during the execution of the script @@ -34,6 +36,7 @@ registration=$YNH_APP_ARG_REGISTRATION cache=$YNH_APP_ARG_CACHE size=$YNH_APP_ARG_SIZE random_key=$(ynh_string_random --length=64) +signing_salt=$(ynh_string_random --length=8) admin_email=$(ynh_user_get_info --username=$admin --key="mail") ## Bypass package_checker name not compatible with pleroma @@ -69,6 +72,7 @@ ynh_app_setting_set --app=$app --key=cache --value="$cache" ynh_app_setting_set --app=$app --key=size --value="$size" ynh_app_setting_set --app=$app --key=admin_email --value="$admin_email" ynh_app_setting_set --app=$app --key=random_key --value="$random_key" +ynh_app_setting_set --app=$app --key=signing_salt --value="$signing_salt" #================================================= # STANDARD MODIFICATIONS @@ -88,8 +92,8 @@ ynh_print_info --message="Installing dependencies..." ynh_install_app_dependencies $pkg_dependencies -lsb_name="$(lsb_release --codename --short)" -ynh_install_extra_app_dependencies --repo="deb http://packages.erlang-solutions.com/debian $lsb_name contrib" --package="$extra_pkg_dependencies" --key='https://packages.erlang-solutions.com/debian/erlang_solutions.asc' +#lsb_name="$(lsb_release --codename --short)" +#ynh_install_extra_app_dependencies --repo="deb http://packages.erlang-solutions.com/debian $lsb_name contrib" --package="$extra_pkg_dependencies" --key='https://packages.erlang-solutions.com/debian/erlang_solutions.asc' #================================================= # CREATE A POSTGRESQL DATABASE @@ -115,7 +119,8 @@ ynh_print_info --message="Setting up source files..." ynh_app_setting_set --app=$app --key=final_path --value=$final_path # Download, check integrity, uncompress and patch the source from app.src -ynh_setup_source --dest_dir="$final_path/$app" +architecture=$(ynh_detect_arch) +ynh_setup_source --dest_dir="$final_path/$app" --source_id=$architecture #================================================= # NGINX CONFIGURATION @@ -146,60 +151,61 @@ ynh_system_user_create --username=$app --home_dir="$final_path" #================================================= # SPECIFIC SETUP +#================================================= +# CREATE THE DATA DIRECTORY +#================================================= +ynh_print_info --message="Create the data directory..." + +# Define app's data directory +datadir="/home/yunohost.app/${app}/storage" + +# Create app folders +mkdir -p "$datadir" +mkdir -p "$datadir/uploads" +mkdir -p "$datadir/static" +mkdir -p "$datadir/static/emoji" + +# Give permission to the datadir +chown -R "$app":"$app" "$datadir" + +ynh_app_setting_set --app=$app --key=datadir --value="$datadir" + #================================================= # MODIFY A CONFIG FILE #================================================= -cp -f ../conf/generated_config.exs "$final_path/$app/config/prod.secret.exs" +mkdir -p /etc/$app +chown -R $app /etc/$app -ynh_replace_string --match_string="__DOMAIN__" --replace_string="$domain" --target_file="$final_path/$app/config/prod.secret.exs" -ynh_replace_string --match_string="__KEY__" --replace_string="$random_key" --target_file="$final_path/$app/config/prod.secret.exs" -ynh_replace_string --match_string="__INSTANCE_NAME__" --replace_string="$name" --target_file="$final_path/$app/config/prod.secret.exs" -ynh_replace_string --match_string="__DB_NAME__" --replace_string="$db_name" --target_file="$final_path/$app/config/prod.secret.exs" -ynh_replace_string --match_string="__DB_PWD__" --replace_string="$db_pwd" --target_file="$final_path/$app/config/prod.secret.exs" -ynh_replace_string --match_string="__ADMIN_EMAIL__" --replace_string="$admin_email" --target_file="$final_path/$app/config/prod.secret.exs" -ynh_replace_string --match_string="__PORT__" --replace_string="$port" --target_file="$final_path/$app/config/prod.secret.exs" +config="/etc/$app/config.exs" + +cp -f ../conf/generated_config.exs $config + +ynh_replace_string --match_string="__DOMAIN__" --replace_string="$domain" --target_file="$config" +ynh_replace_string --match_string="__KEY__" --replace_string="$random_key" --target_file="$config" +ynh_replace_string --match_string="__SIGNING_SALT__" --replace_string="$signing_salt" --target_file="$config" +ynh_replace_string --match_string="__INSTANCE_NAME__" --replace_string="$name" --target_file="$config" +ynh_replace_string --match_string="__DB_NAME__" --replace_string="$db_name" --target_file="$config" +ynh_replace_string --match_string="__DB_PWD__" --replace_string="$db_pwd" --target_file="$config" +ynh_replace_string --match_string="__ADMIN_EMAIL__" --replace_string="$admin_email" --target_file="$config" +ynh_replace_string --match_string="__PORT__" --replace_string="$port" --target_file="$config" +ynh_replace_string --match_string="__DATADIR__" --replace_string="$datadir" --target_file="$config" if [ $cache -eq 1 ] then - ynh_replace_string --match_string="__MEDIA_CACHE__" --replace_string="true" --target_file="$final_path/$app/config/prod.secret.exs" + ynh_replace_string --match_string="__MEDIA_CACHE__" --replace_string="true" --target_file="$config" else - ynh_replace_string --match_string="__MEDIA_CACHE__" --replace_string="false" --target_file="$final_path/$app/config/prod.secret.exs" + ynh_replace_string --match_string="__MEDIA_CACHE__" --replace_string="false" --target_file="$config" fi # Set registrations open/closed if [ $registration -eq 1 ] then - ynh_replace_string --match_string="__REG__" --replace_string="true" --target_file="$final_path/$app/config/prod.secret.exs" + ynh_replace_string --match_string="__REG__" --replace_string="true" --target_file="$config" else - ynh_replace_string --match_string="__REG__" --replace_string="false" --target_file="$final_path/$app/config/prod.secret.exs" + ynh_replace_string --match_string="__REG__" --replace_string="false" --target_file="$config" fi -#================================================= -# MAKE SETUP -#================================================= - -# Give permission to the final_path -chown -R "$app":"$app" "$final_path" - -pushd $final_path/$app - # App setup and db migration - sudo -u "$app" MIX_ENV=prod mix local.hex --force - sudo -u "$app" MIX_ENV=prod mix local.rebar --force - sudo -u "$app" MIX_ENV=prod mix deps.get - sudo -u "$app" MIX_ENV=prod mix ecto.migrate - - # Add user - sudo -u "$app" MIX_ENV=prod mix pleroma.user new "$admin" "$admin_email" --password "$password" --moderator --admin -y - - #Generate key pair - sudo -u "$app" MIX_ENV=prod mix web_push.gen.keypair >> "config/prod.secret.exs" - ynh_replace_string --match_string="administrator@example.com" --replace_string="$admin_email" --target_file="$final_path/$app/config/prod.secret.exs" - - #Create uploads dir - mkdir uploads -popd - #================================================= # SETUP SYSTEMD #================================================= @@ -208,12 +214,33 @@ ynh_print_info --message="Configuring a systemd service..." # Create a dedicated systemd config ynh_add_systemd_config +#================================================= +# MAKE SETUP +#================================================= + +# Give permission to the final_path +chown -R "$app":"$app" "$final_path" + +pushd $final_path/$app + su "$app" -s $SHELL -lc "PLEROMA_CONFIG_PATH=$config $final_path/$app/bin/pleroma_ctl migrate" + + ynh_systemd_action --service_name=$app --action="start" --log_path=systemd --line_match="check_if_time_to_update" + + # Add user + su pleroma -s $SHELL -lc "PLEROMA_CONFIG_PATH=$config $final_path/$app/bin/pleroma_ctl user new $admin $admin_email --password $password --moderator --admin -y" + + #Generate key pair + #sudo -u "$app" MIX_ENV=prod mix web_push.gen.keypair >> "config/prod.secret.exs" + su pleroma -s $SHELL -lc "PLEROMA_CONFIG_PATH=$config $final_path/$app/bin/pleroma_ctl gen keypair" >> "$config" + #ynh_replace_string --match_string="administrator@example.com" --replace_string="$admin_email" --target_file="$config" +popd + #================================================= # STORE THE CONFIG FILE CHECKSUM #================================================= # Calculate and store the config file checksum into the app settings -ynh_store_file_checksum --file="$final_path/$app/config/prod.secret.exs" +ynh_store_file_checksum --file="$config" #================================================= # GENERIC FINALIZATION @@ -245,7 +272,7 @@ yunohost service add $app --description "$app daemon for Pleroma" --log "/var/lo #================================================= ynh_print_info --message="Starting a systemd service..." -ynh_systemd_action --service_name=$app --action="start" --log_path=systemd --line_match="Running Pleroma.Web.Endpoint" +ynh_systemd_action --service_name=$app --action="restart" --log_path=systemd --line_match="Started pleroma social network" #================================================= # SETUP SSOWAT diff --git a/scripts/restore b/scripts/restore index ccf2b86..96b3b52 100755 --- a/scripts/restore +++ b/scripts/restore @@ -90,8 +90,8 @@ ynh_print_info --message="Reinstalling dependencies..." # Define and install dependencies ynh_install_app_dependencies $pkg_dependencies -lsb_name="$(lsb_release --codename --short)" -ynh_install_extra_app_dependencies --repo="deb http://packages.erlang-solutions.com/debian $lsb_name contrib" --package="$extra_pkg_dependencies" --key='https://packages.erlang-solutions.com/debian/erlang_solutions.asc' +#lsb_name="$(lsb_release --codename --short)" +#ynh_install_extra_app_dependencies --repo="deb http://packages.erlang-solutions.com/debian $lsb_name contrib" --package="$extra_pkg_dependencies" --key='https://packages.erlang-solutions.com/debian/erlang_solutions.asc' #================================================= # RESTORE THE POSTGRESQL DATABASE diff --git a/scripts/upgrade b/scripts/upgrade index 91f5248..32b30e1 100755 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -7,6 +7,7 @@ #================================================= source _common.sh +source ynh_detect_arch__2 source ynh_add_extra_apt_repos__3 source /usr/share/yunohost/helpers @@ -129,7 +130,8 @@ then ynh_print_info --message="Upgrading source files..." # Download, check integrity, uncompress and patch the source from app.src - ynh_setup_source --dest_dir="$final_path/$app" + architecture=$(ynh_detect_arch) + ynh_setup_source --dest_dir="$final_path/$app" --source_id=$architecture fi #================================================= @@ -160,8 +162,8 @@ ynh_print_info --message="Upgrading dependencies..." ynh_install_app_dependencies $pkg_dependencies -lsb_name="$(lsb_release --codename --short)" -ynh_install_extra_app_dependencies --repo="deb http://packages.erlang-solutions.com/debian $lsb_name contrib" --package="$extra_pkg_dependencies" --key='https://packages.erlang-solutions.com/debian/erlang_solutions.asc' +#lsb_name="$(lsb_release --codename --short)" +#ynh_install_extra_app_dependencies --repo="deb http://packages.erlang-solutions.com/debian $lsb_name contrib" --package="$extra_pkg_dependencies" --key='https://packages.erlang-solutions.com/debian/erlang_solutions.asc' #================================================= # CREATE DEDICATED USER diff --git a/scripts/ynh_detect_arch__2 b/scripts/ynh_detect_arch__2 new file mode 100644 index 0000000..b1c7375 --- /dev/null +++ b/scripts/ynh_detect_arch__2 @@ -0,0 +1,25 @@ +#!/bin/bash + +# Check the architecture +# +# example: architecture=$(ynh_detect_arch) +# +# usage: ynh_detect_arch +# +# Requires YunoHost version 2.2.4 or higher. + +ynh_detect_arch(){ + local architecture + if [ -n "$(uname -m | grep arm64)" ] || [ -n "$(uname -m | grep aarch64)" ]; then + architecture="arm64" + elif [ -n "$(uname -m | grep 64)" ]; then + architecture="x86-64" + elif [ -n "$(uname -m | grep 86)" ]; then + architecture="i386" + elif [ -n "$(uname -m | grep arm)" ]; then + architecture="arm" + else + architecture="unknown" + fi + echo $architecture +}