From 7cce128d656e9900677b010d03ce3705a73fd20c Mon Sep 17 00:00:00 2001 From: yalh76 Date: Fri, 1 Feb 2019 22:03:13 +0100 Subject: [PATCH 01/25] Remove app.src information as we retrieve source with git --- conf/app.src | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/conf/app.src b/conf/app.src index e8c5f3c..e4dd89f 100755 --- a/conf/app.src +++ b/conf/app.src @@ -1,5 +1,5 @@ -SOURCE_URL=https://git.pleroma.social/pleroma/pleroma/-/archive/v0.9.0/pleroma-v0.9.0.tar.gz -SOURCE_SUM=068fd77e6c00998e41e7db58ff122dee714da0c0ba0eb5c590b81eb93543a11e +SOURCE_URL=url of app's source +SOURCE_SUM=sha256 checksum SOURCE_SUM_PRG=sha256sum SOURCE_FORMAT=tar.gz SOURCE_IN_SUBDIR=true From 37f38a352b25d5b70ac158249b7d3cca088931a6 Mon Sep 17 00:00:00 2001 From: yalh76 Date: Fri, 1 Feb 2019 22:11:09 +0100 Subject: [PATCH 02/25] Add ynh_systemd_action Helper --- scripts/backup | 12 +---- scripts/change_url | 24 ++++++---- scripts/install | 6 +-- scripts/remove | 1 + scripts/restore | 7 +-- scripts/upgrade | 12 +++-- scripts/ynh_systemd_action | 89 ++++++++++++++++++++++++++++++++++++++ 7 files changed, 123 insertions(+), 28 deletions(-) create mode 100644 scripts/ynh_systemd_action diff --git a/scripts/backup b/scripts/backup index 43012a4..03cc482 100755 --- a/scripts/backup +++ b/scripts/backup @@ -7,6 +7,7 @@ #================================================= source ../settings/scripts/_common.sh +source ../settings/scripts/ynh_systemd_action source /usr/share/yunohost/helpers #================================================= @@ -15,7 +16,7 @@ source /usr/share/yunohost/helpers ynh_clean_setup () { ### Remove this function if there's nothing to clean before calling the remove script. - true + ynh_clean_check_starting } # Exit if an error occurs during the execution of the script ynh_abort_if_errors @@ -31,9 +32,6 @@ domain=$(ynh_app_setting_get $app domain) db_name=$(ynh_app_setting_get "$app" psql_db) cache=$(ynh_app_setting_get "$app" cache) -# Stop Pleroma for backup -yunohost service stop "$app" - #================================================= # STANDARD BACKUP STEPS #================================================= @@ -84,9 +82,3 @@ ynh_backup "/etc/systemd/system/$app.service" #================================================= #ynh_backup "/etc/cron.d/$app" - -#================================================= -# START SERVICE -#================================================= - -yunohost service start $app \ No newline at end of file diff --git a/scripts/change_url b/scripts/change_url index 71588c7..c9cb4f2 100644 --- a/scripts/change_url +++ b/scripts/change_url @@ -7,6 +7,7 @@ #================================================= source _common.sh +source ynh_systemd_action source /usr/share/yunohost/helpers #================================================= @@ -90,16 +91,26 @@ fi #================================================= # SPECIFIC MODIFICATIONS #================================================= -# ... +# STOP SERVICE #================================================= -# Stop pleroma for modification -yunohost service stop $app +ynh_systemd_action --action=stop --service_name=$app + +#================================================= +# MODIFY A CONFIG FILE +#================================================= ynh_replace_string "$old_domain" "$new_domain" "$final_path/$app/config/prod.secret.exs" -# Start pleroma after modification -yunohost service start $app +#================================================= +# START SERVICE +#================================================= + +ynh_systemd_action --action=start --service_name=$app + +#================================================= +# STORE THE CONFIG FILE CHECKSUM +#================================================= ### Verify the checksum of a file, stored by `ynh_store_file_checksum` in the install script. ### And create a backup of this file if the checksum is different. So the file will be backed up if the admin had modified it. @@ -107,8 +118,6 @@ ynh_backup_if_checksum_is_different "$final_path/config.ini" # Recalculate and store the checksum of the file for the next upgrade. ynh_store_file_checksum "$final_path/$app/config/prod.secret.exs" - - #================================================= # GENERIC FINALISATION #================================================= @@ -116,4 +125,3 @@ ynh_store_file_checksum "$final_path/$app/config/prod.secret.exs" #================================================= systemctl reload nginx -sleep 30 diff --git a/scripts/install b/scripts/install index 932ae6c..85d5ec0 100755 --- a/scripts/install +++ b/scripts/install @@ -7,6 +7,7 @@ #================================================= source _common.sh +source ynh_systemd_action source /usr/share/yunohost/helpers #================================================= @@ -15,7 +16,7 @@ source /usr/share/yunohost/helpers ynh_clean_setup () { ### Remove this function if there's nothing to clean before calling the remove script. - true + ynh_clean_check_starting } # Exit if an error occurs during the execution of the script ynh_abort_if_errors @@ -401,5 +402,4 @@ systemctl reload nginx # START SERVICE #================================================= -yunohost service start $app -sleep 30 +ynh_systemd_action --action=start --service_name=$app diff --git a/scripts/remove b/scripts/remove index 5c4d6f5..62660ab 100755 --- a/scripts/remove +++ b/scripts/remove @@ -7,6 +7,7 @@ #================================================= source _common.sh +source ynh_systemd_action source /usr/share/yunohost/helpers #================================================= diff --git a/scripts/restore b/scripts/restore index b3c412c..d9fdfed 100755 --- a/scripts/restore +++ b/scripts/restore @@ -7,6 +7,7 @@ #================================================= source ../settings/scripts/_common.sh +source ../settings/scripts/ynh_systemd_action source /usr/share/yunohost/helpers #================================================= @@ -15,7 +16,7 @@ source /usr/share/yunohost/helpers ynh_clean_setup () { #### Remove this function if there's nothing to clean before calling the remove script. - true + ynh_clean_check_starting } # Exit if an error occurs during the execution of the script ynh_abort_if_errors @@ -153,9 +154,9 @@ ynh_restore_file "/etc/logrotate.d/$app" systemctl reload nginx + #================================================= # START SERVICE #================================================= -yunohost service start $app -sleep 30 +ynh_systemd_action --action=start --service_name=$app diff --git a/scripts/upgrade b/scripts/upgrade index d8c05fc..2e5ffcd 100755 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -7,6 +7,7 @@ #================================================= source _common.sh +source ynh_systemd_action source /usr/share/yunohost/helpers #================================================= @@ -64,12 +65,16 @@ ynh_backup_before_upgrade ynh_clean_setup () { # restore it if the upgrade fails ynh_restore_upgradebackup + ynh_clean_check_starting } # Exit if an error occurs during the execution of the script ynh_abort_if_errors -# Stop Pleroma for upgrade -yunohost service stop "$app" +#================================================= +# STOP SERVICE +#================================================= + +ynh_systemd_action --action=stop --service_name=$app #================================================= # CHECK THE PATH @@ -226,5 +231,4 @@ systemctl reload nginx # START SERVICE #================================================= -yunohost service start $app -sleep 30 \ No newline at end of file +ynh_systemd_action --action=start --service_name=$app diff --git a/scripts/ynh_systemd_action b/scripts/ynh_systemd_action new file mode 100644 index 0000000..6bed6be --- /dev/null +++ b/scripts/ynh_systemd_action @@ -0,0 +1,89 @@ +#!/bin/bash + +# Start (or other actions) a service, print a log in case of failure and optionnaly wait until the service is completely started +# +# usage: ynh_systemd_action [-n service_name] [-a action] [ [-l "line to match"] [-p log_path] [-t timeout] [-e length] ] +# | arg: -n, --service_name= - Name of the service to reload. Default : $app +# | arg: -a, --action= - Action to perform with systemctl. Default: start +# | arg: -l, --line_match= - Line to match - The line to find in the log to attest the service have finished to boot. +# If not defined it don't wait until the service is completely started. +# | arg: -p, --log_path= - Log file - Path to the log file. Default : /var/log/$app/$app.log +# | arg: -t, --timeout= - Timeout - The maximum time to wait before ending the watching. Default : 300 seconds. +# | arg: -e, --length= - Length of the error log : Default : 20 +ynh_systemd_action() { + # Declare an array to define the options of this helper. + declare -Ar args_array=( [n]=service_name= [a]=action= [l]=line_match= [p]=log_path= [t]=timeout= [e]=length= ) + local service_name + local action + local line_match + local length + local log_path + local timeout + + # Manage arguments with getopts + ynh_handle_getopts_args "$@" + + local service_name="${service_name:-$app}" + local action=${action:-start} + local log_path="${log_path:-/var/log/$service_name/$service_name.log}" + local length=${length:-20} + local timeout=${timeout:-300} + + # Start to read the log + if [[ -n "${line_match:-}" ]] + then + local templog="$(mktemp)" + # Following the starting of the app in its log + if [ "$log_path" == "systemd" ] ; then + # Read the systemd journal + journalctl -u $service_name -f --since=-45 > "$templog" & + else + # Read the specified log file + tail -F -n0 "$log_path" > "$templog" & + fi + # Get the PID of the tail command + local pid_tail=$! + fi + + echo "${action^} the service $service_name" >&2 + systemctl $action $service_name \ + || ( journalctl --lines=$length -u $service_name >&2 \ + ; test -n "$log_path" && echo "--" && tail --lines=$length "$log_path" >&2 \ + ; false ) + + # Start the timeout and try to find line_match + if [[ -n "${line_match:-}" ]] + then + local i=0 + for i in $(seq 1 $timeout) + do + # Read the log until the sentence is found, that means the app finished to start. Or run until the timeout + if grep --quiet "$line_match" "$templog" + then + echo "The service $service_name has correctly started." >&2 + break + fi + echo -n "." >&2 + sleep 1 + done + if [ $i -eq $timeout ] + then + echo "The service $service_name didn't fully started before the timeout." >&2 + journalctl --lines=$length -u $service_name >&2 + test -n "$log_path" && echo "--" && tail --lines=$length "$log_path" >&2 + fi + + echo "" + ynh_clean_check_starting + fi +} + +# Clean temporary process and file used by ynh_check_starting +# (usually used in ynh_clean_setup scripts) +# +# usage: ynh_clean_check_starting +ynh_clean_check_starting () { + # Stop the execution of tail. + kill -s 15 $pid_tail 2>&1 + ynh_secure_remove "$templog" 2>&1 +} From ca46b19f560989cc9c60b93ad9d27b934f550570 Mon Sep 17 00:00:00 2001 From: yalh76 Date: Sat, 2 Feb 2019 00:33:52 +0100 Subject: [PATCH 03/25] Fix Service logs --- conf/systemd.service | 3 ++- scripts/install | 8 +++++--- scripts/restore | 7 ++++++- 3 files changed, 13 insertions(+), 5 deletions(-) diff --git a/conf/systemd.service b/conf/systemd.service index 03754c5..c634d59 100755 --- a/conf/systemd.service +++ b/conf/systemd.service @@ -5,9 +5,10 @@ After=network.target postgresql.service [Service] Environment="MIX_ENV=prod" User=__APP__ +Group=__APP__ WorkingDirectory=__FINALPATH__/__APP__ Environment="HOME=__FINALPATH__" -ExecStart=/usr/bin/mix phx.server +ExecStart=/bin/sh -c '/usr/bin/mix phx.server >> /var/log/__APP__/__APP__.log 2>&1' ExecReload=/bin/kill $MAINPID KillMode=process Restart=on-failure diff --git a/scripts/install b/scripts/install index 85d5ec0..f563859 100755 --- a/scripts/install +++ b/scripts/install @@ -215,9 +215,12 @@ ynh_system_user_create "$app" "$final_path" #================================================= # SPECIFIC SETUP #================================================= -# ... +# CREATE LOG FOLDER #================================================= +mkdir -p "/var/log/$app" +chown -R "$app":"$app" "/var/log/$app" + #================================================= # MODIFY A CONFIG FILE #================================================= @@ -248,9 +251,8 @@ else ynh_replace_string "__REG__" "false" "$final_path/$app/config/prod.secret.exs" fi - #================================================= -# SETUP +# MAKE SETUP #================================================= # Give permission to the final_path chown -R "$app":"$app" "$final_path" diff --git a/scripts/restore b/scripts/restore index d9fdfed..1769a36 100755 --- a/scripts/restore +++ b/scripts/restore @@ -104,7 +104,6 @@ chown -R "$app":"$app" "$final_path" # REINSTALL DEPENDENCIES #================================================= - # Add erlang for Debian Jessie if [ "$(lsb_release --codename --short)" == "jessie" ]; then @@ -154,6 +153,12 @@ ynh_restore_file "/etc/logrotate.d/$app" systemctl reload nginx +#================================================= +# CREATE LOG FOLDER +#================================================= + +mkdir -p "/var/log/$app" +chown -R "$app":"$app" "/var/log/$app" #================================================= # START SERVICE From 7875dc207235e0875c251fdc560677bc6e6bb555 Mon Sep 17 00:00:00 2001 From: yalh76 Date: Sat, 2 Feb 2019 02:06:35 +0100 Subject: [PATCH 04/25] cleanup db_name and db_pwd --- scripts/backup | 2 +- scripts/install | 10 +++++----- scripts/remove | 2 +- scripts/restore | 4 ++-- scripts/upgrade | 4 ++-- 5 files changed, 11 insertions(+), 11 deletions(-) diff --git a/scripts/backup b/scripts/backup index 03cc482..f239428 100755 --- a/scripts/backup +++ b/scripts/backup @@ -29,7 +29,7 @@ app=$YNH_APP_INSTANCE_NAME final_path=$(ynh_app_setting_get $app final_path) domain=$(ynh_app_setting_get $app domain) -db_name=$(ynh_app_setting_get "$app" psql_db) +db_name=$(ynh_app_setting_get "$app" db_name) cache=$(ynh_app_setting_get "$app" cache) #================================================= diff --git a/scripts/install b/scripts/install index f563859..62ca34a 100755 --- a/scripts/install +++ b/scripts/install @@ -141,10 +141,10 @@ ynh_install_app_dependencies git build-essential postgresql postgresql-contrib o ### - Remove also the section "REMOVE THE POSTGRESQL DATABASE" in the remove script ### - As well as the section "RESTORE THE POSTGRESQL DATABASE" in the restore script -db_name="${app}" +db_name="$app" db_pwd=$(ynh_string_random 30) -ynh_app_setting_set "$app" psql_db "$db_name" -ynh_app_setting_set "$app" psqlpwd "$db_pwd" +ynh_app_setting_set "$app" db_name "$db_name" +ynh_app_setting_set "$app" db_pwd "$db_pwd" ynh_psql_test_if_first_run ynh_psql_create_user "$app" "$db_pwd" ynh_psql_execute_as_root \ @@ -230,11 +230,11 @@ cp -f ../conf/setup_db.psql "$final_path/$app/config/setup_db.psql" ynh_replace_string "__DOMAIN__" "$domain" "$final_path/$app/config/prod.secret.exs" ynh_replace_string "__KEY__" "$random_key" "$final_path/$app/config/prod.secret.exs" ynh_replace_string "__INSTANCE_NAME__" "$name" "$final_path/$app/config/prod.secret.exs" -ynh_replace_string "__DB_NAME__" "$app" "$final_path/$app/config/prod.secret.exs" +ynh_replace_string "__DB_NAME__" "$db_name" "$final_path/$app/config/prod.secret.exs" ynh_replace_string "__DB_PWD__" "$db_pwd" "$final_path/$app/config/prod.secret.exs" ynh_replace_string "__ADMIN_EMAIL__" "$admin_email" "$final_path/$app/config/prod.secret.exs" ynh_replace_string "__PORT__" "$port" "$final_path/$app/config/prod.secret.exs" -ynh_replace_string "__DB_NAME__" "$app" "$final_path/$app/config/setup_db.psql" +ynh_replace_string "__DB_NAME__" "$db_name" "$final_path/$app/config/setup_db.psql" ynh_replace_string "__DB_PWD__" "$db_pwd" "$final_path/$app/config/setup_db.psql" if [ $cache -eq 1 ] then diff --git a/scripts/remove b/scripts/remove index 62660ab..43d4898 100755 --- a/scripts/remove +++ b/scripts/remove @@ -18,7 +18,7 @@ app=$YNH_APP_INSTANCE_NAME domain=$(ynh_app_setting_get $app domain) port=$(ynh_app_setting_get $app port) -db_name=$(ynh_app_setting_get "$app" psql_db) +db_name=$(ynh_app_setting_get "$app" db_name) db_user=$db_name final_path=$(ynh_app_setting_get $app final_path) cache=$(ynh_app_setting_get "$app" cache) diff --git a/scripts/restore b/scripts/restore index 1769a36..f4e45dc 100755 --- a/scripts/restore +++ b/scripts/restore @@ -31,8 +31,8 @@ domain=$(ynh_app_setting_get $app domain) path_url="/" final_path=$(ynh_app_setting_get $app final_path) port=$(ynh_app_setting_get "$app" port) -db_name=$(ynh_app_setting_get "$app" psql_db) -db_pwd=$(ynh_app_setting_get "$app" psqlpwd) +db_name=$(ynh_app_setting_get "$app" db_name) +db_pwd=$(ynh_app_setting_get "$app" db_pwd) cache=$(ynh_app_setting_get "$app" cache) diff --git a/scripts/upgrade b/scripts/upgrade index 2e5ffcd..ed6cbca 100755 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -21,12 +21,12 @@ path_url="/" admin=$(ynh_app_setting_get $app admin) is_public=$(ynh_app_setting_get $app is_public) final_path=$(ynh_app_setting_get $app final_path) -db_name=$(ynh_app_setting_get "$app" psql_db) +db_name=$(ynh_app_setting_get "$app" db_name) admin_email=$(ynh_app_setting_get "$app" admin_email) random_key=$(ynh_app_setting_get "$app" random_key) name=$(ynh_app_setting_get "$app" name) port=$(ynh_app_setting_get "$app" port) -db_pwd=$(ynh_app_setting_get "$app" psqlpwd) +db_pwd=$(ynh_app_setting_get "$app" db_pwd) cache=$(ynh_app_setting_get "$app" cache) size=$(ynh_app_setting_get "$app" size) registration=$(ynh_app_setting_get "$app" registration) From 1d8e03322c36d24a9eac6e72e23b53e3f6a436dd Mon Sep 17 00:00:00 2001 From: yalh76 Date: Sat, 2 Feb 2019 02:10:53 +0100 Subject: [PATCH 05/25] fix upgrade from old variables --- scripts/upgrade | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/scripts/upgrade b/scripts/upgrade index ed6cbca..57f089c 100755 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -31,6 +31,16 @@ cache=$(ynh_app_setting_get "$app" cache) size=$(ynh_app_setting_get "$app" size) registration=$(ynh_app_setting_get "$app" registration) + +if [$(ynh_app_setting_get "$app" psql_db)] +then + db_name=$(ynh_app_setting_get "$app" psql_db) + db_pwd=$(ynh_app_setting_get "$app" psqlpwd) + ynh_app_setting_set "$app" db_name "$db_name" + ynh_app_setting_set "$app" db_pwd "$db_pwd" +fi + + #================================================= # ENSURE DOWNWARD COMPATIBILITY #================================================= From e688f4a7ec42179105daed285c0694fd9acc47d3 Mon Sep 17 00:00:00 2001 From: yalh76 Date: Sat, 2 Feb 2019 03:32:46 +0100 Subject: [PATCH 06/25] Clean up installation + add Pair Key generation --- scripts/install | 31 +++++++++++++++++++------------ 1 file changed, 19 insertions(+), 12 deletions(-) diff --git a/scripts/install b/scripts/install index 62ca34a..c22ce3b 100755 --- a/scripts/install +++ b/scripts/install @@ -99,7 +99,7 @@ ynh_app_setting_set "$app" random_key "$random_key" ### - Remove the section "CLOSE A PORT" in the remove script # Find a free port -port=$(ynh_find_port 4000) +port=$(ynh_find_port 8095) # Open this port #yunohost firewall allow --no-upnp TCP $port 2>&1 ynh_app_setting_set $app port $port @@ -256,21 +256,28 @@ fi #================================================= # Give permission to the final_path chown -R "$app":"$app" "$final_path" -# App setup and db migration -( cd $final_path/$app && sudo -u "$app" MIX_ENV=prod mix local.hex --force ) -( cd $final_path/$app && sudo -u "$app" MIX_ENV=prod mix local.rebar --force ) -( cd $final_path/$app && sudo -u "$app" MIX_ENV=prod mix deps.get ) -ynh_psql_execute_as_root \ -"ALTER USER $app WITH SUPERUSER;" +pushd $final_path/$app + # App setup and db migration + sudo -u "$app" MIX_ENV=prod mix local.hex --force + sudo -u "$app" MIX_ENV=prod mix local.rebar --force + sudo -u "$app" MIX_ENV=prod mix deps.get -( cd $final_path/$app && sudo -u "$app" MIX_ENV=prod mix ecto.migrate --force ) + ynh_psql_execute_as_root \ + "ALTER USER $app WITH SUPERUSER;" -ynh_psql_execute_as_root \ -"ALTER USER $app WITH NOSUPERUSER;" + sudo -u "$app" MIX_ENV=prod mix ecto.migrate --force + + ynh_psql_execute_as_root \ + "ALTER USER $app WITH NOSUPERUSER;" + + # Add user + sudo -u "$app" MIX_ENV=prod mix pleroma.user new "$admin" "$admin_email" --password "$password" --moderator --admin -y + + #Generate key pair + sudo -u "$app" MIX_ENV=prod mix web_push.gen.keypair >> "config/config.exs" +popd -# Add user -( cd $final_path/$app && sudo -u "$app" MIX_ENV=prod mix pleroma.user new "$admin" "$admin_email" --password "$password" --moderator --admin -y ) #================================================= # SETUP SYSTEMD From f656dd0e3c482f4b3e64c0e5c19cb95c0d518188 Mon Sep 17 00:00:00 2001 From: yalh76 Date: Sat, 2 Feb 2019 03:38:16 +0100 Subject: [PATCH 07/25] reorder database and dependencies removal --- scripts/remove | 13 +++++++------ 1 file changed, 7 insertions(+), 6 deletions(-) diff --git a/scripts/remove b/scripts/remove index 43d4898..7d64ae4 100755 --- a/scripts/remove +++ b/scripts/remove @@ -43,6 +43,13 @@ fi # Remove the dedicated systemd config ynh_remove_systemd_config +#================================================= +# REMOVE THE MYSQL DATABASE +#================================================= + +# Remove a database if it exists, along with the associated user +ynh_psql_remove_db "$db_name" "$app" + #================================================= # REMOVE DEPENDENCIES #================================================= @@ -51,12 +58,6 @@ ynh_remove_systemd_config ynh_remove_app_dependencies rm -f /etc/apt/sources.list.d/erlang-solutions.list -#================================================= -# REMOVE THE MYSQL DATABASE -#================================================= - -# Remove a database if it exists, along with the associated user -ynh_psql_remove_db "$db_name" "$app" #================================================= # REMOVE APP MAIN DIR #================================================= From 44d1f2f784c7360b595b943b44096d2a3c434bdd Mon Sep 17 00:00:00 2001 From: yalh76 Date: Sat, 2 Feb 2019 06:18:50 +0100 Subject: [PATCH 08/25] Cleanup --- conf/config.exs | 318 ++++++++++++++++++ .../{prod.secret.exs => generated_config.exs} | 23 +- conf/prod.exs | 63 ++++ conf/setup_db.psql | 6 - scripts/install | 17 +- scripts/remove | 5 +- scripts/upgrade | 27 +- 7 files changed, 425 insertions(+), 34 deletions(-) create mode 100644 conf/config.exs rename conf/{prod.secret.exs => generated_config.exs} (85%) create mode 100644 conf/prod.exs delete mode 100644 conf/setup_db.psql diff --git a/conf/config.exs b/conf/config.exs new file mode 100644 index 0000000..73d55b0 --- /dev/null +++ b/conf/config.exs @@ -0,0 +1,318 @@ +# This file is responsible for configuring your application +# and its dependencies with the aid of the Mix.Config module. +# +# This configuration file is loaded before any dependency and +# is restricted to this project. +use Mix.Config + +# General application configuration +config :pleroma, ecto_repos: [Pleroma.Repo] + +config :pleroma, Pleroma.Repo, types: Pleroma.PostgresTypes + +config :pleroma, Pleroma.Captcha, + enabled: false, + seconds_valid: 60, + method: Pleroma.Captcha.Kocaptcha + +config :pleroma, :hackney_pools, + federation: [ + max_connections: 50, + timeout: 150_000 + ], + media: [ + max_connections: 50, + timeout: 150_000 + ], + upload: [ + max_connections: 25, + timeout: 300_000 + ] + +config :pleroma, Pleroma.Captcha.Kocaptcha, endpoint: "https://captcha.kotobank.ch" + +# Upload configuration +config :pleroma, Pleroma.Upload, + uploader: Pleroma.Uploaders.Local, + filters: [], + proxy_remote: false, + proxy_opts: [ + redirect_on_failure: false, + max_body_length: 25 * 1_048_576, + http: [ + follow_redirect: true, + pool: :upload + ] + ] + +config :pleroma, Pleroma.Uploaders.Local, uploads: "uploads" + +config :pleroma, Pleroma.Uploaders.S3, + bucket: nil, + public_endpoint: "https://s3.amazonaws.com" + +config :pleroma, Pleroma.Uploaders.MDII, + cgi: "https://mdii.sakura.ne.jp/mdii-post.cgi", + files: "https://mdii.sakura.ne.jp" + +config :pleroma, :emoji, shortcode_globs: ["/emoji/custom/**/*.png"] + +config :pleroma, :uri_schemes, + valid_schemes: [ + "https", + "http", + "dat", + "dweb", + "gopher", + "ipfs", + "ipns", + "irc", + "ircs", + "magnet", + "mailto", + "mumble", + "ssb", + "xmpp" + ] + +websocket_config = [ + path: "/websocket", + serializer: [ + {Phoenix.Socket.V1.JSONSerializer, "~> 1.0.0"}, + {Phoenix.Socket.V2.JSONSerializer, "~> 2.0.0"} + ], + timeout: 60_000, + transport_log: false, + compress: false +] + +# Configures the endpoint +config :pleroma, Pleroma.Web.Endpoint, + url: [host: "localhost"], + http: [ + dispatch: [ + {:_, + [ + {"/api/v1/streaming", Elixir.Pleroma.Web.MastodonAPI.WebsocketHandler, []}, + {"/socket/websocket", Phoenix.Endpoint.CowboyWebSocket, + {nil, {Pleroma.Web.Endpoint, Pleroma.Web.UserSocket, websocket_config}}}, + {:_, Plug.Adapters.Cowboy.Handler, {Pleroma.Web.Endpoint, []}} + ]} + ] + ], + protocol: "https", + secret_key_base: "aK4Abxf29xU9TTDKre9coZPUgevcVCFQJe/5xP/7Lt4BEif6idBIbjupVbOrbKxl", + signing_salt: "CqaoopA2", + render_errors: [view: Pleroma.Web.ErrorView, accepts: ~w(json)], + pubsub: [name: Pleroma.PubSub, adapter: Phoenix.PubSub.PG2], + secure_cookie_flag: true + +# Configures Elixir's Logger +config :logger, :console, + format: "$time $metadata[$level] $message\n", + metadata: [:request_id] + +config :logger, :ex_syslogger, + level: :debug, + ident: "Pleroma", + format: "$date $time $metadata[$level] $message", + metadata: [:request_id] + +config :mime, :types, %{ + "application/xml" => ["xml"], + "application/xrd+xml" => ["xrd+xml"], + "application/jrd+json" => ["jrd+json"], + "application/activity+json" => ["activity+json"], + "application/ld+json" => ["activity+json"] +} + +config :pleroma, :websub, Pleroma.Web.Websub +config :pleroma, :ostatus, Pleroma.Web.OStatus +config :pleroma, :httpoison, Pleroma.HTTP +config :tesla, adapter: Tesla.Adapter.Hackney + +# Configures http settings, upstream proxy etc. +config :pleroma, :http, proxy_url: nil + +config :pleroma, :instance, + name: "Pleroma", + email: "example@example.com", + description: "A Pleroma instance, an alternative fediverse server", + limit: 5_000, + remote_limit: 100_000, + upload_limit: 16_000_000, + avatar_upload_limit: 2_000_000, + background_upload_limit: 4_000_000, + banner_upload_limit: 4_000_000, + registrations_open: true, + federating: true, + federation_reachability_timeout_days: 7, + allow_relay: true, + rewrite_policy: Pleroma.Web.ActivityPub.MRF.NoOpPolicy, + public: true, + quarantined_instances: [], + managed_config: true, + static_dir: "instance/static/", + allowed_post_formats: [ + "text/plain", + "text/html", + "text/markdown" + ], + finmoji_enabled: true, + mrf_transparency: true, + autofollowed_nicknames: [], + max_pinned_statuses: 1, + no_attachment_links: false + +config :pleroma, :markup, + # XXX - unfortunately, inline images must be enabled by default right now, because + # of custom emoji. Issue #275 discusses defanging that somehow. + allow_inline_images: true, + allow_headings: false, + allow_tables: false, + allow_fonts: false, + scrub_policy: [ + Pleroma.HTML.Transform.MediaProxy, + Pleroma.HTML.Scrubber.Default + ] + +config :pleroma, :frontend_configurations, + pleroma_fe: %{ + theme: "pleroma-dark", + logo: "/static/logo.png", + background: "/images/city.jpg", + redirectRootNoLogin: "/main/all", + redirectRootLogin: "/main/friends", + showInstanceSpecificPanel: true, + scopeOptionsEnabled: false, + formattingOptionsEnabled: false, + collapseMessageWithSubject: false, + hidePostStats: false, + hideUserStats: false, + scopeCopy: true, + subjectLineBehavior: "email", + alwaysShowSubjectInput: true + } + +config :pleroma, :activitypub, + accept_blocks: true, + unfollow_blocked: true, + outgoing_blocks: true, + follow_handshake_timeout: 500 + +config :pleroma, :user, deny_follow_blocked: true + +config :pleroma, :mrf_normalize_markup, scrub_policy: Pleroma.HTML.Scrubber.Default + +config :pleroma, :mrf_rejectnonpublic, + allow_followersonly: false, + allow_direct: false + +config :pleroma, :mrf_hellthread, threshold: 10 + +config :pleroma, :mrf_simple, + media_removal: [], + media_nsfw: [], + federated_timeline_removal: [], + reject: [], + accept: [] + +config :pleroma, :rich_media, enabled: true + +config :pleroma, :media_proxy, + enabled: false, + proxy_opts: [ + redirect_on_failure: false, + max_body_length: 25 * 1_048_576, + http: [ + follow_redirect: true, + pool: :media + ] + ] + +config :pleroma, :chat, enabled: true + +config :ecto, json_library: Jason + +config :phoenix, :format_encoders, json: Jason + +config :pleroma, :gopher, + enabled: false, + ip: {0, 0, 0, 0}, + port: 9999 + +config :pleroma, Pleroma.Web.Metadata, providers: [], unfurl_nsfw: false + +config :pleroma, :suggestions, + enabled: false, + third_party_engine: + "http://vinayaka.distsn.org/cgi-bin/vinayaka-user-match-suggestions-api.cgi?{{host}}+{{user}}", + timeout: 300_000, + limit: 23, + web: "https://vinayaka.distsn.org/?{{host}}+{{user}}" + +config :pleroma, :http_security, + enabled: true, + sts: false, + sts_max_age: 31_536_000, + ct_max_age: 2_592_000, + referrer_policy: "same-origin" + +config :cors_plug, + max_age: 86_400, + methods: ["POST", "PUT", "DELETE", "GET", "PATCH", "OPTIONS"], + expose: [ + "Link", + "X-RateLimit-Reset", + "X-RateLimit-Limit", + "X-RateLimit-Remaining", + "X-Request-Id", + "Idempotency-Key" + ], + credentials: true, + headers: ["Authorization", "Content-Type", "Idempotency-Key"] + +config :pleroma, Pleroma.User, + restricted_nicknames: [ + ".well-known", + "~", + "about", + "activities", + "api", + "auth", + "dev", + "friend-requests", + "inbox", + "internal", + "main", + "media", + "nodeinfo", + "notice", + "oauth", + "objects", + "ostatus_subscribe", + "pleroma", + "proxy", + "push", + "registration", + "relay", + "settings", + "status", + "tag", + "user-search", + "users", + "web" + ] + +config :pleroma, Pleroma.Web.Federator, max_jobs: 50 + +config :pleroma, Pleroma.Web.Federator.RetryQueue, + enabled: false, + max_jobs: 20, + initial_timeout: 30, + max_retries: 5 + +# Import environment specific config. This must remain at the bottom +# of this file so it overrides the configuration defined above. +import_config "#{Mix.env()}.exs" + diff --git a/conf/prod.secret.exs b/conf/generated_config.exs similarity index 85% rename from conf/prod.secret.exs rename to conf/generated_config.exs index 708f37c..6b7eebe 100644 --- a/conf/prod.secret.exs +++ b/conf/generated_config.exs @@ -1,10 +1,14 @@ +# Pleroma instance configuration + +# NOTE: This file should not be committed to a repo or otherwise made public +# without removing sensitive information. + use Mix.Config config :pleroma, Pleroma.Web.Endpoint, url: [host: "__DOMAIN__", scheme: "https", port: 443], secret_key_base: "__KEY__", - http: [port: __PORT__], - protocol: "http" + http: [port: __PORT__] config :pleroma, :instance, name: "__INSTANCE_NAME__", @@ -17,11 +21,7 @@ config :pleroma, :media_proxy, enabled: __MEDIA_CACHE__, redirect_on_failure: true #base_url: "https://cache.pleroma.social" - -config :pleroma, :fe, - scope_options_enabled: true -# Configure your database config :pleroma, Pleroma.Repo, adapter: Ecto.Adapters.Postgres, username: "__DB_NAME__", @@ -30,6 +30,10 @@ config :pleroma, Pleroma.Repo, hostname: "localhost", pool_size: 10 +# Enable Strict-Transport-Security once SSL is working: +# config :pleroma, :http_security, +# sts: true + # Configure S3 support if desired. # The public S3 endpoint is different depending on region and provider, # consult your S3 provider's documentation for details on what to use. @@ -51,9 +55,9 @@ config :pleroma, Pleroma.Repo, # Configure Openstack Swift support if desired. -# -# Many openstack deployments are different, so config is left very open with -# no assumptions made on which provider you're using. This should allow very +# +# Many openstack deployments are different, so config is left very open with +# no assumptions made on which provider you're using. This should allow very # wide support without needing separate handlers for OVH, Rackspace, etc. # # config :pleroma, Pleroma.Uploaders.Swift, @@ -66,3 +70,4 @@ config :pleroma, Pleroma.Repo, # object_url: "https://cdn-endpoint.provider.com/" # + diff --git a/conf/prod.exs b/conf/prod.exs new file mode 100644 index 0000000..b38f9bb --- /dev/null +++ b/conf/prod.exs @@ -0,0 +1,63 @@ +use Mix.Config + +# For production, we often load configuration from external +# sources, such as your system environment. For this reason, +# you won't find the :http configuration below, but set inside +# Pleroma.Web.Endpoint.load_from_system_env/1 dynamically. +# Any dynamic configuration should be moved to such function. +# +# Don't forget to configure the url host to something meaningful, +# Phoenix uses this information when generating URLs. +# +# Finally, we also include the path to a cache manifest +# containing the digested version of static files. This +# manifest is generated by the mix phoenix.digest task +# which you typically run after static files are built. +#config :pleroma, Pleroma.Web.Endpoint, + #http: [port: 4000], + #protocol: "http" + +# Do not print debug messages in production +config :logger, level: :info + +# ## SSL Support +# +# To get SSL working, you will need to add the `https` key +# to the previous section and set your `:url` port to 443: +# +# config :pleroma, Pleroma.Web.Endpoint, +# ... +# url: [host: "example.com", port: 443], +# https: [:inet6, +# port: 443, +# keyfile: System.get_env("SOME_APP_SSL_KEY_PATH"), +# certfile: System.get_env("SOME_APP_SSL_CERT_PATH")] +# +# Where those two env variables return an absolute path to +# the key and cert in disk or a relative path inside priv, +# for example "priv/ssl/server.key". +# +# We also recommend setting `force_ssl`, ensuring no data is +# ever sent via http, always redirecting to https: +# +# config :pleroma, Pleroma.Web.Endpoint, +# force_ssl: [hsts: true] +# +# Check `Plug.SSL` for all available options in `force_ssl`. + +# ## Using releases +# +# If you are doing OTP releases, you need to instruct Phoenix +# to start the server for all endpoints: +# +# config :phoenix, :serve_endpoints, true +# +# Alternatively, you can configure exactly which server to +# start per endpoint: +# +# config :pleroma, Pleroma.Web.Endpoint, server: true +# + +# Finally import the config/prod.secret.exs +# which should be versioned separately. +import_config "prod.secret.exs" diff --git a/conf/setup_db.psql b/conf/setup_db.psql deleted file mode 100644 index 93a6984..0000000 --- a/conf/setup_db.psql +++ /dev/null @@ -1,6 +0,0 @@ -CREATE USER __DB_NAME__ WITH ENCRYPTED PASSWORD '__DB_PWD__'; -CREATE DATABASE __DB_NAME__ OWNER __DB_NAME__; -\c __DB_NAME__; ---Extensions made by ecto.migrate that need superuser access -CREATE EXTENSION IF NOT EXISTS citext; -CREATE EXTENSION IF NOT EXISTS pg_trgm; diff --git a/scripts/install b/scripts/install index c22ce3b..9175aee 100755 --- a/scripts/install +++ b/scripts/install @@ -153,6 +153,8 @@ ynh_psql_execute_as_root "\connect $db_name CREATE EXTENSION IF NOT EXISTS unaccent;CREATE EXTENSION IF NOT EXISTS pg_trgm;" ynh_psql_execute_as_root "\connect $db_name CREATE EXTENSION IF NOT EXISTS unaccent;CREATE EXTENSION IF NOT EXISTS citext;" +ynh_psql_execute_as_root "\connect $db_name +CREATE EXTENSION IF NOT EXISTS \"uuid-ossp\";" #================================================= # DOWNLOAD, CHECK AND UNPACK SOURCE @@ -224,8 +226,7 @@ chown -R "$app":"$app" "/var/log/$app" #================================================= # MODIFY A CONFIG FILE #================================================= -cp -f ../conf/prod.secret.exs "$final_path/$app/config/prod.secret.exs" -cp -f ../conf/setup_db.psql "$final_path/$app/config/setup_db.psql" +cp -f ../conf/generated_config.exs "$final_path/$app/config/prod.secret.exs" ynh_replace_string "__DOMAIN__" "$domain" "$final_path/$app/config/prod.secret.exs" ynh_replace_string "__KEY__" "$random_key" "$final_path/$app/config/prod.secret.exs" @@ -234,8 +235,7 @@ ynh_replace_string "__DB_NAME__" "$db_name" "$final_path/$app/co ynh_replace_string "__DB_PWD__" "$db_pwd" "$final_path/$app/config/prod.secret.exs" ynh_replace_string "__ADMIN_EMAIL__" "$admin_email" "$final_path/$app/config/prod.secret.exs" ynh_replace_string "__PORT__" "$port" "$final_path/$app/config/prod.secret.exs" -ynh_replace_string "__DB_NAME__" "$db_name" "$final_path/$app/config/setup_db.psql" -ynh_replace_string "__DB_PWD__" "$db_pwd" "$final_path/$app/config/setup_db.psql" + if [ $cache -eq 1 ] then ynh_replace_string "__MEDIA_CACHE__" "true" "$final_path/$app/config/prod.secret.exs" @@ -251,6 +251,12 @@ else ynh_replace_string "__REG__" "false" "$final_path/$app/config/prod.secret.exs" fi +#Desactivate default frontend +cp -f ../conf/config.exs "$final_path/$app/config/config.exs" + +#Desactivate Pleroma.Web.Endpoint +cp -f ../conf/prod.exs "$final_path/$app/config/prod.exs" + #================================================= # MAKE SETUP #================================================= @@ -275,7 +281,8 @@ pushd $final_path/$app sudo -u "$app" MIX_ENV=prod mix pleroma.user new "$admin" "$admin_email" --password "$password" --moderator --admin -y #Generate key pair - sudo -u "$app" MIX_ENV=prod mix web_push.gen.keypair >> "config/config.exs" + sudo -u "$app" MIX_ENV=prod mix web_push.gen.keypair >> "config/prod.secret.exs" + ynh_replace_string "administrator@example.com" "__ADMIN_EMAIL__" "$final_path/$app/config/prod.secret.exs" popd diff --git a/scripts/remove b/scripts/remove index 7d64ae4..12753d1 100755 --- a/scripts/remove +++ b/scripts/remove @@ -19,7 +19,6 @@ app=$YNH_APP_INSTANCE_NAME domain=$(ynh_app_setting_get $app domain) port=$(ynh_app_setting_get $app port) db_name=$(ynh_app_setting_get "$app" db_name) -db_user=$db_name final_path=$(ynh_app_setting_get $app final_path) cache=$(ynh_app_setting_get "$app" cache) @@ -56,7 +55,7 @@ ynh_psql_remove_db "$db_name" "$app" # Remove metapackage and its dependencies ynh_remove_app_dependencies -rm -f /etc/apt/sources.list.d/erlang-solutions.list +rm -f "/etc/apt/sources.list.d/erlang-solutions.list" #================================================= # REMOVE APP MAIN DIR @@ -71,7 +70,7 @@ ynh_secure_remove "$final_path" # Remove the dedicated nginx config ynh_remove_nginx_config -ynh_secure_remove /etc/nginx/conf.d/$app-cache.conf +ynh_secure_remove "/etc/nginx/conf.d/$app-cache.conf" #================================================= # REMOVE PHP-FPM CONFIGURATION diff --git a/scripts/upgrade b/scripts/upgrade index 57f089c..416722b 100755 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -160,9 +160,14 @@ ynh_system_user_create "$app" "$final_path" #================================================= # SPECIFIC UPGRADE #================================================= -# ... +# CONFIGURE #================================================= +#Desactivate default frontend +cp -f ../conf/config.exs "$final_path/$app/config/config.exs" + +#Desactivate Pleroma.Web.Endpoint +cp -f ../conf/prod.exs "$final_path/$app/config/prod.exs" #================================================= # MAKE UPGRADE @@ -170,16 +175,16 @@ ynh_system_user_create "$app" "$final_path" # Give permission to the final_path chown -R "$app":"$app" "$final_path" -( cd $final_path/$app && sudo -u "$app" MIX_ENV=prod mix local.hex --force ) -( cd $final_path/$app && sudo -u "$app" MIX_ENV=prod mix local.rebar --force ) -( cd $final_path/$app && sudo -u "$app" mix deps.get ) -ynh_psql_execute_as_root \ -"ALTER USER $app WITH SUPERUSER;" -( cd $final_path/$app && sudo -u "$app" MIX_ENV=prod mix ecto.migrate --force ) -ynh_psql_execute_as_root \ -"ALTER USER $app WITH NOSUPERUSER;" - - +pushd $final_path/$app + sudo -u "$app" MIX_ENV=prod mix local.hex --force + sudo -u "$app" MIX_ENV=prod mix local.rebar --force + sudo -u "$app" mix deps.get + ynh_psql_execute_as_root \ + "ALTER USER $app WITH SUPERUSER;" + sudo -u "$app" MIX_ENV=prod mix ecto.migrate --force + ynh_psql_execute_as_root \ + "ALTER USER $app WITH NOSUPERUSER;" +popd ### Verify the checksum of a file, stored by `ynh_store_file_checksum` in the install script. ### And create a backup of this file if the checksum is different. So the file will be backed up if the admin had modified it. From cc32a1b47996abc6ebba0cef2fa434b3450dc259 Mon Sep 17 00:00:00 2001 From: yalh76 Date: Sat, 2 Feb 2019 20:28:48 +0100 Subject: [PATCH 09/25] remove old settings --- scripts/upgrade | 2 ++ 1 file changed, 2 insertions(+) diff --git a/scripts/upgrade b/scripts/upgrade index 416722b..ee54a87 100755 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -38,6 +38,8 @@ then db_pwd=$(ynh_app_setting_get "$app" psqlpwd) ynh_app_setting_set "$app" db_name "$db_name" ynh_app_setting_set "$app" db_pwd "$db_pwd" + ynh_app_setting_delete "$app" psql_db + ynh_app_setting_delete "$app" psqlpwd fi From 20f885e365ec22088c13000f52d7537057183538 Mon Sep 17 00:00:00 2001 From: yalh76 Date: Sat, 2 Feb 2019 21:58:56 +0100 Subject: [PATCH 10/25] Add log folder during upgrade --- scripts/upgrade | 9 +++++++-- 1 file changed, 7 insertions(+), 2 deletions(-) diff --git a/scripts/upgrade b/scripts/upgrade index ee54a87..124b568 100755 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -31,7 +31,6 @@ cache=$(ynh_app_setting_get "$app" cache) size=$(ynh_app_setting_get "$app" size) registration=$(ynh_app_setting_get "$app" registration) - if [$(ynh_app_setting_get "$app" psql_db)] then db_name=$(ynh_app_setting_get "$app" psql_db) @@ -42,7 +41,6 @@ then ynh_app_setting_delete "$app" psqlpwd fi - #================================================= # ENSURE DOWNWARD COMPATIBILITY #================================================= @@ -161,6 +159,13 @@ ynh_system_user_create "$app" "$final_path" #================================================= # SPECIFIC UPGRADE +#================================================= +# CREATE LOG FOLDER +#================================================= + +mkdir -p "/var/log/$app" +chown -R "$app":"$app" "/var/log/$app" + #================================================= # CONFIGURE #================================================= From 9f463c29b9671eb089566b19310f43091ef98a73 Mon Sep 17 00:00:00 2001 From: yalh76 Date: Sat, 2 Feb 2019 22:15:59 +0100 Subject: [PATCH 11/25] Fix pleroma database removal --- scripts/install | 2 +- scripts/remove | 5 ++++- 2 files changed, 5 insertions(+), 2 deletions(-) diff --git a/scripts/install b/scripts/install index 9175aee..5e8ffc3 100755 --- a/scripts/install +++ b/scripts/install @@ -148,7 +148,7 @@ ynh_app_setting_set "$app" db_pwd "$db_pwd" ynh_psql_test_if_first_run ynh_psql_create_user "$app" "$db_pwd" ynh_psql_execute_as_root \ -"CREATE DATABASE $db_name ENCODING 'UTF8' LC_COLLATE='C' LC_CTYPE='C' template=template0 OWNER $app;" +"CREATE DATABASE $db_name ENCODING 'UTF8' LC_COLLATE='C' LC_CTYPE='C' template=template0 OWNER $db_name;" ynh_psql_execute_as_root "\connect $db_name CREATE EXTENSION IF NOT EXISTS unaccent;CREATE EXTENSION IF NOT EXISTS pg_trgm;" ynh_psql_execute_as_root "\connect $db_name diff --git a/scripts/remove b/scripts/remove index 12753d1..e5c24ea 100755 --- a/scripts/remove +++ b/scripts/remove @@ -43,9 +43,12 @@ fi ynh_remove_systemd_config #================================================= -# REMOVE THE MYSQL DATABASE +# REMOVE THE POSTGRESQL DATABASE #================================================= +ynh_psql_execute_as_root "\connect $db_name +SELECT pg_terminate_backend (pg_stat_activity.pid) FROM pg_stat_activity WHERE pg_stat_activity.datname = '$db_name';" + # Remove a database if it exists, along with the associated user ynh_psql_remove_db "$db_name" "$app" From ccb8a82230e30dd9345b5d8ea5cee1c4a470f123 Mon Sep 17 00:00:00 2001 From: yalh76 Date: Sat, 2 Feb 2019 23:12:15 +0100 Subject: [PATCH 12/25] adding start verification informations --- scripts/install | 2 +- scripts/remove | 6 ++++++ scripts/upgrade | 2 +- 3 files changed, 8 insertions(+), 2 deletions(-) diff --git a/scripts/install b/scripts/install index 5e8ffc3..93c930d 100755 --- a/scripts/install +++ b/scripts/install @@ -418,4 +418,4 @@ systemctl reload nginx # START SERVICE #================================================= -ynh_systemd_action --action=start --service_name=$app +ynh_systemd_action --action=start --service_name=$app --log_path=systemd --line_match="Running Pleroma.Web.Endpoint" diff --git a/scripts/remove b/scripts/remove index e5c24ea..e22f895 100755 --- a/scripts/remove +++ b/scripts/remove @@ -35,6 +35,12 @@ then yunohost service remove $app fi +#================================================= +# START SERVICE +#================================================= + +ynh_systemd_action --action=stop --service_name=$app + #================================================= # STOP AND REMOVE SERVICE #================================================= diff --git a/scripts/upgrade b/scripts/upgrade index 124b568..a805876 100755 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -253,4 +253,4 @@ systemctl reload nginx # START SERVICE #================================================= -ynh_systemd_action --action=start --service_name=$app +ynh_systemd_action --action=start --service_name=$app --log_path=systemd --line_match="Running Pleroma.Web.Endpoint" From 32b55c607aa3845dd71f2ab1b692096643334b95 Mon Sep 17 00:00:00 2001 From: yalh76 Date: Sat, 2 Feb 2019 23:17:52 +0100 Subject: [PATCH 13/25] removing log informations --- conf/systemd.service | 2 +- scripts/install | 7 ------- scripts/restore | 9 +-------- 3 files changed, 2 insertions(+), 16 deletions(-) diff --git a/conf/systemd.service b/conf/systemd.service index c634d59..ccfd652 100755 --- a/conf/systemd.service +++ b/conf/systemd.service @@ -8,7 +8,7 @@ User=__APP__ Group=__APP__ WorkingDirectory=__FINALPATH__/__APP__ Environment="HOME=__FINALPATH__" -ExecStart=/bin/sh -c '/usr/bin/mix phx.server >> /var/log/__APP__/__APP__.log 2>&1' +ExecStart=/usr/bin/mix phx.server ExecReload=/bin/kill $MAINPID KillMode=process Restart=on-failure diff --git a/scripts/install b/scripts/install index 93c930d..ca9878a 100755 --- a/scripts/install +++ b/scripts/install @@ -216,13 +216,6 @@ ynh_system_user_create "$app" "$final_path" #================================================= # SPECIFIC SETUP -#================================================= -# CREATE LOG FOLDER -#================================================= - -mkdir -p "/var/log/$app" -chown -R "$app":"$app" "/var/log/$app" - #================================================= # MODIFY A CONFIG FILE #================================================= diff --git a/scripts/restore b/scripts/restore index f4e45dc..c4a54d5 100755 --- a/scripts/restore +++ b/scripts/restore @@ -153,15 +153,8 @@ ynh_restore_file "/etc/logrotate.d/$app" systemctl reload nginx -#================================================= -# CREATE LOG FOLDER -#================================================= - -mkdir -p "/var/log/$app" -chown -R "$app":"$app" "/var/log/$app" - #================================================= # START SERVICE #================================================= -ynh_systemd_action --action=start --service_name=$app +ynh_systemd_action --action=start --service_name=$app --log_path=systemd --line_match="Running Pleroma.Web.Endpoint" From bb6814efa8c64e6fb269825d2c49111f7be4ecd9 Mon Sep 17 00:00:00 2001 From: yalh76 Date: Sat, 2 Feb 2019 23:33:56 +0100 Subject: [PATCH 14/25] Upgrade config file --- scripts/upgrade | 33 ++++++++++++++++++++++++++++++--- 1 file changed, 30 insertions(+), 3 deletions(-) diff --git a/scripts/upgrade b/scripts/upgrade index a805876..9f27e8a 100755 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -160,11 +160,38 @@ ynh_system_user_create "$app" "$final_path" #================================================= # SPECIFIC UPGRADE #================================================= -# CREATE LOG FOLDER +# MODIFY A CONFIG FILE #================================================= +cp -f ../conf/generated_config.exs "$final_path/$app/config/prod.secret.exs" -mkdir -p "/var/log/$app" -chown -R "$app":"$app" "/var/log/$app" +ynh_replace_string "__DOMAIN__" "$domain" "$final_path/$app/config/prod.secret.exs" +ynh_replace_string "__KEY__" "$random_key" "$final_path/$app/config/prod.secret.exs" +ynh_replace_string "__INSTANCE_NAME__" "$name" "$final_path/$app/config/prod.secret.exs" +ynh_replace_string "__DB_NAME__" "$db_name" "$final_path/$app/config/prod.secret.exs" +ynh_replace_string "__DB_PWD__" "$db_pwd" "$final_path/$app/config/prod.secret.exs" +ynh_replace_string "__ADMIN_EMAIL__" "$admin_email" "$final_path/$app/config/prod.secret.exs" +ynh_replace_string "__PORT__" "$port" "$final_path/$app/config/prod.secret.exs" + +if [ $cache -eq 1 ] +then + ynh_replace_string "__MEDIA_CACHE__" "true" "$final_path/$app/config/prod.secret.exs" +else + ynh_replace_string "__MEDIA_CACHE__" "false" "$final_path/$app/config/prod.secret.exs" +fi + +# Set registrations open/closed +if [ $registration -eq 1 ] +then + ynh_replace_string "__REG__" "true" "$final_path/$app/config/prod.secret.exs" +else + ynh_replace_string "__REG__" "false" "$final_path/$app/config/prod.secret.exs" +fi + +#Desactivate default frontend +cp -f ../conf/config.exs "$final_path/$app/config/config.exs" + +#Desactivate Pleroma.Web.Endpoint +cp -f ../conf/prod.exs "$final_path/$app/config/prod.exs" #================================================= # CONFIGURE From 1edbbff4442daed1dbe305d43a94b754f7bc6c83 Mon Sep 17 00:00:00 2001 From: yalh76 Date: Sat, 2 Feb 2019 23:44:24 +0100 Subject: [PATCH 15/25] fix upgrade from older version --- scripts/upgrade | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/scripts/upgrade b/scripts/upgrade index 9f27e8a..e26b295 100755 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -31,7 +31,7 @@ cache=$(ynh_app_setting_get "$app" cache) size=$(ynh_app_setting_get "$app" size) registration=$(ynh_app_setting_get "$app" registration) -if [$(ynh_app_setting_get "$app" psql_db)] +if [ -n $(ynh_app_setting_get "$app" psql_db) ] then db_name=$(ynh_app_setting_get "$app" psql_db) db_pwd=$(ynh_app_setting_get "$app" psqlpwd) From f63c1f65c7e6c113de516f9c706be1339c77bad5 Mon Sep 17 00:00:00 2001 From: yalh76 Date: Sat, 2 Feb 2019 23:52:47 +0100 Subject: [PATCH 16/25] wait for rollback if upgrade fail --- scripts/upgrade | 1 + 1 file changed, 1 insertion(+) diff --git a/scripts/upgrade b/scripts/upgrade index e26b295..f8286de 100755 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -74,6 +74,7 @@ fi ynh_backup_before_upgrade ynh_clean_setup () { # restore it if the upgrade fails + read -p "Press any key..." ynh_restore_upgradebackup ynh_clean_check_starting } From 70a36dd2b7dfd06650075a26795ffdf2b9e82ee9 Mon Sep 17 00:00:00 2001 From: yalh76 Date: Sun, 3 Feb 2019 00:01:08 +0100 Subject: [PATCH 17/25] Fix upgrade from previous version --- scripts/upgrade | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/scripts/upgrade b/scripts/upgrade index f8286de..d545a95 100755 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -31,7 +31,7 @@ cache=$(ynh_app_setting_get "$app" cache) size=$(ynh_app_setting_get "$app" size) registration=$(ynh_app_setting_get "$app" registration) -if [ -n $(ynh_app_setting_get "$app" psql_db) ] +if [ -z $(ynh_app_setting_get "$app" psql_db) ] then db_name=$(ynh_app_setting_get "$app" psql_db) db_pwd=$(ynh_app_setting_get "$app" psqlpwd) @@ -40,7 +40,7 @@ then ynh_app_setting_delete "$app" psql_db ynh_app_setting_delete "$app" psqlpwd fi - +read -p "Press any key..." #================================================= # ENSURE DOWNWARD COMPATIBILITY #================================================= From d9d91ed862ff83bd58e8952d16bd6f729dcd27e2 Mon Sep 17 00:00:00 2001 From: yalh76 Date: Sun, 3 Feb 2019 00:02:31 +0100 Subject: [PATCH 18/25] Remove force postgresql disconnection --- scripts/remove | 3 --- 1 file changed, 3 deletions(-) diff --git a/scripts/remove b/scripts/remove index e22f895..ff29209 100755 --- a/scripts/remove +++ b/scripts/remove @@ -52,9 +52,6 @@ ynh_remove_systemd_config # REMOVE THE POSTGRESQL DATABASE #================================================= -ynh_psql_execute_as_root "\connect $db_name -SELECT pg_terminate_backend (pg_stat_activity.pid) FROM pg_stat_activity WHERE pg_stat_activity.datname = '$db_name';" - # Remove a database if it exists, along with the associated user ynh_psql_remove_db "$db_name" "$app" From b701c5286bf09de88018157c459cc6b1735d9511 Mon Sep 17 00:00:00 2001 From: yalh76 Date: Sun, 3 Feb 2019 00:06:48 +0100 Subject: [PATCH 19/25] Fix upgrade from previous version --- scripts/upgrade | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/scripts/upgrade b/scripts/upgrade index d545a95..6201ecb 100755 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -31,7 +31,11 @@ cache=$(ynh_app_setting_get "$app" cache) size=$(ynh_app_setting_get "$app" size) registration=$(ynh_app_setting_get "$app" registration) -if [ -z $(ynh_app_setting_get "$app" psql_db) ] + +psql_db=$(ynh_app_setting_get "$app" psql_db) +psqlpwd=$(ynh_app_setting_get "$app" psqlpwd) + +if [ -z "$psql_db" ] then db_name=$(ynh_app_setting_get "$app" psql_db) db_pwd=$(ynh_app_setting_get "$app" psqlpwd) From c2456158ba67353af6f2e79130b485bef4023360 Mon Sep 17 00:00:00 2001 From: yalh76 Date: Sun, 3 Feb 2019 00:09:23 +0100 Subject: [PATCH 20/25] Fix upgrade from previous version --- scripts/upgrade | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/scripts/upgrade b/scripts/upgrade index 6201ecb..6ca4f58 100755 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -31,11 +31,9 @@ cache=$(ynh_app_setting_get "$app" cache) size=$(ynh_app_setting_get "$app" size) registration=$(ynh_app_setting_get "$app" registration) - psql_db=$(ynh_app_setting_get "$app" psql_db) -psqlpwd=$(ynh_app_setting_get "$app" psqlpwd) -if [ -z "$psql_db" ] +if [ -n "$psql_db" ] then db_name=$(ynh_app_setting_get "$app" psql_db) db_pwd=$(ynh_app_setting_get "$app" psqlpwd) From f84b24b856ea53c8ec4a4f5e9277e081d4c25a4c Mon Sep 17 00:00:00 2001 From: yalh76 Date: Sun, 3 Feb 2019 00:14:19 +0100 Subject: [PATCH 21/25] Fix remove when there is still connections --- scripts/remove | 3 +++ 1 file changed, 3 insertions(+) diff --git a/scripts/remove b/scripts/remove index ff29209..e22f895 100755 --- a/scripts/remove +++ b/scripts/remove @@ -52,6 +52,9 @@ ynh_remove_systemd_config # REMOVE THE POSTGRESQL DATABASE #================================================= +ynh_psql_execute_as_root "\connect $db_name +SELECT pg_terminate_backend (pg_stat_activity.pid) FROM pg_stat_activity WHERE pg_stat_activity.datname = '$db_name';" + # Remove a database if it exists, along with the associated user ynh_psql_remove_db "$db_name" "$app" From 99a8466c9f1d781595b110683147f9b3f054685a Mon Sep 17 00:00:00 2001 From: yalh76 Date: Sun, 3 Feb 2019 00:31:09 +0100 Subject: [PATCH 22/25] remove read --- scripts/upgrade | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/scripts/upgrade b/scripts/upgrade index 6ca4f58..eca0b6c 100755 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -42,7 +42,7 @@ then ynh_app_setting_delete "$app" psql_db ynh_app_setting_delete "$app" psqlpwd fi -read -p "Press any key..." + #================================================= # ENSURE DOWNWARD COMPATIBILITY #================================================= @@ -76,7 +76,6 @@ fi ynh_backup_before_upgrade ynh_clean_setup () { # restore it if the upgrade fails - read -p "Press any key..." ynh_restore_upgradebackup ynh_clean_check_starting } From 4db78854ba61e7ac6d8e057a72672393919eb320 Mon Sep 17 00:00:00 2001 From: yalh76 Date: Sun, 3 Feb 2019 00:36:56 +0100 Subject: [PATCH 23/25] Correct name in manifest.json --- manifest.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/manifest.json b/manifest.json index 58b971a..e47d88d 100755 --- a/manifest.json +++ b/manifest.json @@ -1,5 +1,5 @@ { - "name": "pleroma", + "name": "Pleroma", "id": "pleroma", "packaging_format": 1, "description": { From c91f00827366b36602dc6877402bb8c88a988bc3 Mon Sep 17 00:00:00 2001 From: yalh76 Date: Sun, 3 Feb 2019 01:33:28 +0100 Subject: [PATCH 24/25] remove SUPERUSER Rights during install --- scripts/install | 7 ------- 1 file changed, 7 deletions(-) diff --git a/scripts/install b/scripts/install index ca9878a..3496678 100755 --- a/scripts/install +++ b/scripts/install @@ -261,15 +261,8 @@ pushd $final_path/$app sudo -u "$app" MIX_ENV=prod mix local.hex --force sudo -u "$app" MIX_ENV=prod mix local.rebar --force sudo -u "$app" MIX_ENV=prod mix deps.get - - ynh_psql_execute_as_root \ - "ALTER USER $app WITH SUPERUSER;" - sudo -u "$app" MIX_ENV=prod mix ecto.migrate --force - ynh_psql_execute_as_root \ - "ALTER USER $app WITH NOSUPERUSER;" - # Add user sudo -u "$app" MIX_ENV=prod mix pleroma.user new "$admin" "$admin_email" --password "$password" --moderator --admin -y From e026a1d84c7139d3ab17e0fc57af8f365c5baefd Mon Sep 17 00:00:00 2001 From: yalh76 Date: Sun, 3 Feb 2019 01:43:51 +0100 Subject: [PATCH 25/25] clean upgrade steps --- scripts/upgrade | 6 ------ 1 file changed, 6 deletions(-) diff --git a/scripts/upgrade b/scripts/upgrade index eca0b6c..a5d050e 100755 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -212,14 +212,8 @@ cp -f ../conf/prod.exs "$final_path/$app/config/prod.exs" # Give permission to the final_path chown -R "$app":"$app" "$final_path" pushd $final_path/$app - sudo -u "$app" MIX_ENV=prod mix local.hex --force - sudo -u "$app" MIX_ENV=prod mix local.rebar --force sudo -u "$app" mix deps.get - ynh_psql_execute_as_root \ - "ALTER USER $app WITH SUPERUSER;" sudo -u "$app" MIX_ENV=prod mix ecto.migrate --force - ynh_psql_execute_as_root \ - "ALTER USER $app WITH NOSUPERUSER;" popd ### Verify the checksum of a file, stored by `ynh_store_file_checksum` in the install script.