diff options
| -rw-r--r-- | scripts/_common.sh | 190 | ||||
| -rw-r--r-- | scripts/install | 367 |
2 files changed, 224 insertions, 333 deletions
diff --git a/scripts/_common.sh b/scripts/_common.sh index 20f9ea0..39b0631 100644 --- a/scripts/_common.sh +++ b/scripts/_common.sh @@ -1,167 +1,5 @@ #!/bin/bash -ynh_version="2.4" - -YNH_VERSION () { # Returns the version number of the Yunohost moulinette - ynh_version=$(sudo yunohost -v | grep "moulinette:" | cut -d' ' -f2 | cut -d'.' -f1,2) -} - -CHECK_VAR () { # Verifies that the variable is not empty. - # $1 = Variable to be checked - # $2 = Display text on error - test -n "$1" || (echo "$2" >&2 && false) -} - -EXIT_PROPERLY () { # Causes the script to stop in the event of an error. And clean the residue. - trap '' ERR - echo -e "\e[91m \e[1m" # Shell in light red bold - echo -e "!!\n $app install's script has encountered an error. Installation was cancelled.\n!!" >&2 - - if type -t CLEAN_SETUP > /dev/null; then # Checks the existence of the function before executing it. - CLEAN_SETUP # Call the specific cleanup function of the install script. - fi - - # Compensates the ssowat bug that does not remove the app's input in case of installation error. - sudo sed -i "\@\"$domain/\":@d" /etc/ssowat/conf.json - - if [ "$ynh_version" = "2.2" ]; then - /bin/bash $script_dir/remove - fi - - ynh_die -} - -TRAP_ON () { # Activate signal capture - trap EXIT_PROPERLY ERR # Capturing exit signals on error -} - -TRAP_OFF () { # Ignoring signal capture until TRAP_ON - trap '' ERR # Ignoring exit signals -} - -CHECK_USER () { # Check the validity of the user admin - # $1 = User admin variable - ynh_user_exists "$1" || (echo "Wrong admin" >&2 && false) -} - -CHECK_PATH () { # Checks / at the beginning of the path. And his absence at the end. - if [ "${path:0:1}" != "/" ]; then # If the first character is not / - path="/$path" # Add / at the beginning of path - fi - if [ "${path:${#path}-1}" == "/" ] && [ ${#path} -gt 1 ]; then # If the last character is a / and it is not the only character. - path="${path:0:${#path}-1}" # Delete last character - fi -} - -CHECK_DOMAINPATH () { # Checks the availability of the path and domain. - sudo yunohost app checkurl $domain -a $app -} - -CHECK_FINALPATH () { # Checks that the destination folder is not already in use. - final_path=/opt/$app - if [ -e "$final_path" ] - then - echo "This path already contains a folder" >&2 - false - fi -} - -STORE_MD5_CONFIG () { # Saves the checksum of the config file - # $1 = Name of the conf file for storage in settings.yml - # $2 = Full name and path of the conf file. - ynh_app_setting_set $app $1_file_md5 $(sudo md5sum "$2" | cut -d' ' -f1) -} - -CHECK_MD5_CONFIG () { # Created a backup of the config file if it was changed. - # $1 = Name of the conf file for storage in settings.yml - # $2 = Full name and path of the conf file.onf. - if [ "$(ynh_app_setting_get $app $1_file_md5)" != $(sudo md5sum "$2" | cut -d' ' -f1) ]; then - sudo cp -a "$2" "$2.backup.$(date '+%d.%m.%y_%Hh%M,%Ss')" # Si le fichier de config a été modifié, créer un backup. - fi -} - -FIND_PORT () { # Search free port - # $1 = Port number to start the search. - port=$1 - while ! sudo yunohost app checkport $port ; do - port=$((port+1)) - done - CHECK_VAR "$port" "port empty" -} - -SETUP_SOURCE () { # Download source, decompress and copu into $final_path - src=$(cat ../sources/source_md5 | awk -F' ' {'print $2'}) - sudo wget -nv -i ../sources/source_url -O $src - # Checks the checksum of the downloaded source. - # md5sum -c ../sources/source_md5 --status || ynh_die "Corrupt source" - # Decompress source - if [ "$(echo ${src##*.})" == "tgz" ]; then - tar -x -f $src - elif [ "$(echo ${src##*.})" == "zip" ]; then - unzip -q $src - else - false # Unsupported archive format. - fi - # Copy file source - sudo cp -a $(cat ../sources/source_dir)/. "$final_path/live" - # Copy additional file and modified - if test -e "../sources/ajouts"; then - sudo cp -a ../sources/ajouts/. "$final_path" - fi -} - -# Create user with special hack -CREATE_USER () { - sudo curl -kSs https://${domain}/auth/sign_up --cookie-jar cookie | grep csrf > token || true - token=$(sudo cat token | sed -n '/csrf-token/s/.*name="csrf-token"\s\+content="\([^"]\+\).*/\1/p') - sudo curl -kSs https://${domain}/auth --data "&user[account_attributes][username]=${admin_mastodon}&user[email]=${admin_mastodon}@${domain}&user[password]=${admin_pass}&user[password_confirmation]=${admin_pass}&authenticity_token=${token}" --cookie cookie -} - -### REMOVE SCRIPT - -REMOVE_NGINX_CONF () { # Delete nginx configuration - if [ -e "/etc/nginx/conf.d/$domain.d/$app.conf" ]; then # Delete nginx config - echo "Delete nginx config" - sudo rm "/etc/nginx/conf.d/$domain.d/$app.conf" - sudo systemctl reload nginx - fi -} - -REMOVE_LOGROTATE_CONF () { # Delete logrotate configuration - if [ -e "/etc/logrotate.d/$app" ]; then - echo "Delete logrotate config" - sudo rm "/etc/logrotate.d/$app" - fi -} - -SECURE_REMOVE () { # Deleting a folder with variable verification - chaine="$1" # The argument must be given between simple quotes '', to avoid interpreting the variables. - no_var=0 - while (echo "$chaine" | grep -q '\$') # Loop as long as there are $ in the string - do - no_var=1 - global_var=$(echo "$chaine" | cut -d '$' -f 2) # Isole the first variable found. - only_var=\$$(expr "$global_var" : '\([A-Za-z0-9_]*\)') # Isole completely the variable by adding the $ at the beginning and keeping only the name of the variable. Mostly gets rid of / and a possible path behind. - real_var=$(eval "echo ${only_var}") # `eval "echo ${var}` Allows to interpret a variable contained in a variable. - if test -z "$real_var" || [ "$real_var" = "/" ]; then - echo "Variable $only_var is empty, suppression of $chaine cancelled." >&2 - return 1 - fi - chaine=$(echo "$chaine" | sed "s@$only_var@$real_var@") # Replaces variable with its value in the string. - done - if [ "$no_var" -eq 1 ] - then - if [ -e "$chaine" ]; then - echo "Delete directory $chaine" - sudo rm -r "$chaine" - fi - return 0 - else - echo "No detected variable." >&2 - return 1 - fi -} - # Create a db without password # # usage: ynh_mysql_create_user user @@ -233,31 +71,3 @@ ynh_psql_drop_db() { ynh_psql_drop_user() { sudo su -c "dropuser ${1}" postgres } - -# Remove a file or a directory securely -# -# usage: ynh_secure_remove path_to_remove -# | arg: path_to_remove - File or directory to remove -ynh_secure_remove () { - path_to_remove=$1 - forbidden_path=" \ - /var/www \ - /home/yunohost.app" - - if [[ "$forbidden_path" =~ "$path_to_remove" \ - # Match all path or subpath in $forbidden_path - || "$path_to_remove" =~ ^/[[:alnum:]]+$ \ - # Match all first level path from / (Like /var, /root, etc...) - || "${path_to_remove:${#path_to_remove}-1}" = "/" ]] - # Match if the path finish by /. Because it's seems there is an empty variable - then - echo "Avoid deleting of $path_to_remove." >&2 - else - if [ -e "$path_to_remove" ] - then - sudo rm -R "$path_to_remove" - else - echo "$path_to_remove doesn't deleted because it's not exist." >&2 - fi - fi -}
\ No newline at end of file diff --git a/scripts/install b/scripts/install index a8f832c..5b1acaa 100644 --- a/scripts/install +++ b/scripts/install @@ -1,17 +1,25 @@ #!/bin/bash -# Exit on command errors and treat unset variables as an error -set -eu +#================================================= +# GENERIC START +#================================================= +# IMPORT GENERIC HELPERS +#================================================= -source _common.sh # Loads the generic functions usually used in the script -source /usr/share/yunohost/helpers # Source app helpers +source _common.sh +source /usr/share/yunohost/helpers -CLEAN_SETUP () { - # Clean installation residues that are not supported by the remove script. - # Clean hosts - echo "" -} -TRAP_ON # Active trap to stop the script if an error is detected. +#================================================= +# MANAGE SCRIPT FAILURE +#================================================= + +# Exit if an error occurs during the execution of the script +ynh_abort_if_errors + + +#================================================= +# RETRIEVE ARGUMENTS FROM THE MANIFEST +#================================================ domain=$YNH_APP_ARG_DOMAIN admin_mastodon=$YNH_APP_ARG_ADMIN @@ -19,217 +27,290 @@ admin_mastodon_mail=$(ynh_user_get_info $admin_mastodon 'mail') admin_pass=$YNH_APP_ARG_PASSWD language=$YNH_APP_ARG_LANGUAGE +path_url="/" + app=$YNH_APP_INSTANCE_NAME -CHECK_VAR "$app" "app name not set" +#================================================= +# CHECK IF THE APP CAN BE INSTALLED WITH THESE ARGS +#================================================= -CHECK_USER "$admin_mastodon" +final_path=/var/www/$app +test ! -e "$final_path" || ynh_die "This path already contains a folder" -CHECK_DOMAINPATH +[[ ${#admin_pass} -gt 7 ]] || ynh_die "Password is too weak, must be longer than 7 characters" -CHECK_FINALPATH +# Normalize the url path syntax +path_url=$(ynh_normalize_url_path $path_url) + +# Check web path availability +ynh_webpath_available $domain $path_url +# Register (book) web path +ynh_webpath_register $app $domain $path_url + +#================================================= +# STORE SETTINGS FROM MANIFEST +#================================================= ynh_app_setting_set $app domain $domain ynh_app_setting_set $app admin $admin_mastodon ynh_app_setting_set $app pass $admin_pass ynh_app_setting_set $app language $language +ynh_app_setting_set $app path $path_url -[[ ${#admin_pass} -gt 7 ]] || ynh_die \ -"The password is too weak, it must be longer than 7 characters" - -# Create user unix -sudo adduser $app --home /opt/$app --gecos "First Last,RoomNumber,WorkPhone,HomePhone" --disabled-password --disabled-login -# Install debian package -ynh_package_install imagemagick libpq-dev libxml2-dev libxslt1-dev file curl apt-transport-https pkg-config libprotobuf-dev protobuf-compiler libicu-dev libidn11-dev +#================================================= +# STANDARD MODIFICATIONS +#================================================= -# Install redis package -ynh_package_install redis-server redis-tools -# Install postgresql -ynh_package_install postgresql postgresql-contrib postgresql-server-dev-9.4 +#================================================= +# INSTALL DEPENDENCIES +#================================================= -# Install Ruby -ynh_package_install autoconf bison build-essential libssl-dev libyaml-dev libreadline6-dev zlib1g-dev libncurses5-dev libffi-dev libgdbm3 libgdbm-dev +# TODO: add in a clean way backports and yarn # Import debian archive pubkey, need on ARM arch arch=$(uname -m) if [[ $arch = arm* ]]; then - sudo apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 8B48AD6246925553 - sudo apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 7638D0442B90D010 + apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 8B48AD6246925553 + apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 7638D0442B90D010 fi # Install source.list debian package backports & yarn -sudo cp ../conf/backports.list /etc/apt/sources.list.d/ -sudo curl -sS https://dl.yarnpkg.com/debian/pubkey.gpg | sudo apt-key add - -sudo cp ../conf/yarn.list /etc/apt/sources.list.d/ +cp ../conf/backports.list /etc/apt/sources.list.d/ +curl -sS https://dl.yarnpkg.com/debian/pubkey.gpg | apt-key add - +cp ../conf/yarn.list /etc/apt/sources.list.d/ ynh_package_update -# Install debian package backports -sudo apt-get -t jessie-backports -y install ffmpeg - # Creates the destination directory and stores its location. ynh_app_setting_set $app final_path $final_path # Install de Node.js -pushd /opt -curl -sL https://deb.nodesource.com/setup_6.x | sudo bash - -sudo apt-get -y install nodejs +# TODO: use https://github.com/YunoHost-Apps/Experimental_helpers/blob/master/ynh_install_nodejs/ynh_install_nodejs +( + cd /opt + curl -sL https://deb.nodesource.com/setup_6.x | bash - + apt-get -y install nodejs +) + +# TODO: use the same mecanism with other files +ynh_install_app_dependencies \ + `# debian packages ` \ + imagemagick libpq-dev libxml2-dev libxslt1-dev file curl apt-transport-https pkg-config libprotobuf-dev protobuf-compiler libicu-dev libidn11-dev \ + `# redis ` \ + redis-server redis-tools \ + `# postgresql ` \ + postgresql postgresql-contrib postgresql-server-dev-9.4 \ + `# Ruby ` \ + autoconf bison build-essential libssl-dev libyaml-dev libreadline6-dev zlib1g-dev libncurses5-dev libffi-dev libgdbm3 libgdbm-dev \ + `# ffmpeg from backports ` \ + ffmpeg \ + `# Yarn ` \ + yarn -# Install Yarn -ynh_package_install yarn +#================================================= +# CREATE A DATABASE +#================================================= +# TODO: use non-official https://github.com/YunoHost-Apps/Experimental_helpers/blob/master/postgres/postgres +# TODO: this commands doesn't looks like a requirement, you may fully remove it # Set UTF8 encoding by default -sudo su -c "psql" postgres <<< \ +su -c "psql" postgres <<< \ "update pg_database set datistemplate='false' where datname='template1';" -sudo su -c "psql" postgres <<< \ +su -c "psql" postgres <<< \ "drop database template1;" -sudo su -c "psql" postgres <<< \ +su -c "psql" postgres <<< \ "create database template1 encoding='UTF8' template template0;" -sudo su -c "psql" postgres <<< \ +su -c "psql" postgres <<< \ "update pg_database set datistemplate='true' where datname='template1';" # Create DB without password ynh_psql_create_db_without_password "$app" -sudo systemctl restart postgresql +systemctl restart postgresql +#================================================= +# DOWNLOAD, CHECK AND UNPACK SOURCE +#================================================= + +# TODO: dont su as $app, work root and set corrects rights at the end of install # Download all sources rbenv, ruby and mastodon -sudo su - $app <<CLONECOMMANDS -git clone https://github.com/rbenv/rbenv.git $final_path/.rbenv -git clone https://github.com/rbenv/ruby-build.git $final_path/.rbenv/plugins/ruby-build -git clone https://github.com/tootsuite/mastodon.git $final_path/live -CLONECOMMANDS +( + su $app + git clone https://github.com/rbenv/rbenv.git $final_path/.rbenv + git clone https://github.com/rbenv/ruby-build.git $final_path/.rbenv/plugins/ruby-build + git clone https://github.com/tootsuite/mastodon.git $final_path/live +) + +#================================================= +# NGINX CONFIGURATION +#================================================= + +# TODO: use official helper +# Modify Nginx configuration file and copy it to Nginx conf directory +sed -i "s@__PATH__@$app@g" ../conf/nginx.conf* +sed -i "s@__FINALPATH__@$final_path@g" ../conf/nginx.conf* +cp ../conf/nginx.conf /etc/nginx/conf.d/$domain.d/$app.conf + +#================================================= +# CREATE DEDICATED USER +#================================================= + +# TODO: use official helper +# TODO: AFAIK, no app should change should be in /opt don't use it +# Create user unix +adduser $app --home /opt/$app --gecos "First Last,RoomNumber,WorkPhone,HomePhone" --disabled-password --disabled-login # Switch branch to tagged release cd $final_path/live version=$(curl -s https://api.github.com/repos/tootsuite/mastodon/releases/latest | grep tag_name | cut -d\" -f4) -sudo su - $app <<SWITCHCOMMANDS -pushd ~/live -git checkout $version -SWITCHCOMMANDS -# Be king rewind (/var/cache/yunohost/from_file/scripts) -popd +( + su $app + cd ~/live + git checkout $version +) # Install de rbenv -sudo su - $app <<COMMANDS -pushd ~/.rbenv -src/configure && make -C src -echo 'export PATH="/opt/mastodon/.rbenv/bin:/opt/mastodon/live/bin:$PATH"' >> ~/.profile -echo 'export PATH="/opt/mastodon/.rbenv/bin:/opt/mastodon/live/bin:$PATH"' >> ~/.bashrc -echo 'eval "\$(rbenv init -)"' >> ~/.profile -COMMANDS +( + su $app + cd ~/.rbenv + src/configure && make -C src + echo 'export PATH="/opt/mastodon/.rbenv/bin:/opt/mastodon/live/bin:$PATH"' >> ~/.profile + echo 'export PATH="/opt/mastodon/.rbenv/bin:/opt/mastodon/live/bin:$PATH"' >> ~/.bashrc + echo 'eval "\$(rbenv init -)"' >> ~/.profile +) # Install ruby-build -sudo su - $app <<RCOMMANDS -/opt/mastodon/.rbenv/bin/rbenv install 2.5.0 -/opt/mastodon/.rbenv/versions/2.5.0/bin/ruby -v -RCOMMANDS +# TODO: /opt/mastodon looks like /opt/$app which is WRONG. +( + su $app + /opt/mastodon/.rbenv/bin/rbenv install 2.5.0 + /opt/mastodon/.rbenv/versions/2.5.0/bin/ruby -v +) # Create symlink for ruby -sudo rm /usr/bin/ruby || true -sudo ln -s /opt/mastodon/.rbenv/versions/2.5.0/bin/ruby /usr/bin/ruby || true +rm /usr/bin/ruby || true +ln -s /opt/mastodon/.rbenv/versions/2.5.0/bin/ruby /usr/bin/ruby || true # Install Mastodon -sudo su - $app <<MCOMMANDS -pushd ~/live -/opt/mastodon/.rbenv/versions/2.5.0/bin/gem install bundler -bin/bundle install --deployment --without development test -yarn install --production -MCOMMANDS +# TODO: /opt/mastodon looks like /opt/$app which is WRONG. +( + su $app + cd ~/live + /opt/mastodon/.rbenv/versions/2.5.0/bin/gem install bundler + bin/bundle install --deployment --without development test + yarn install --production +) # Adjust Mastodon config -pushd $final_path/live/ -sudo cp -a .env.production.sample .env.production -sudo sed -i "s@REDIS_HOST=redis@REDIS_HOST=127.0.0.1@g" "${final_path}/live/.env.production" -sudo sed -i "s@DB_HOST=db@DB_HOST=/var/run/postgresql@g" "${final_path}/live/.env.production" -sudo sed -i "s@DB_USER=postgres@DB_USER=${app}@g" "${final_path}/live/.env.production" -sudo sed -i "s@DB_NAME=postgres@DB_NAME=${app}_production@g" "${final_path}/live/.env.production" -sudo sed -i "s@LOCAL_DOMAIN=example.com@LOCAL_DOMAIN=${domain}@g" "${final_path}/live/.env.production" +# TODO: use official helper: ynh_replace_string +cp -a $final_path/live/.env.production.sample $final_path/live/.env.production +sed -i "s@REDIS_HOST=redis@REDIS_HOST=127.0.0.1@g" "${final_path}/live/.env.production" +sed -i "s@DB_HOST=db@DB_HOST=/var/run/postgresql@g" "${final_path}/live/.env.production" +sed -i "s@DB_USER=postgres@DB_USER=${app}@g" "${final_path}/live/.env.production" +sed -i "s@DB_NAME=postgres@DB_NAME=${app}_production@g" "${final_path}/live/.env.production" +sed -i "s@LOCAL_DOMAIN=example.com@LOCAL_DOMAIN=${domain}@g" "${final_path}/live/.env.production" language="$(echo $language | head -c 2)" -sudo sed -i "s@# DEFAULT_LOCALE=de@DEFAULT_LOCALE=${language}@g" "${final_path}/live/.env.production" +sed -i "s@# DEFAULT_LOCALE=de@DEFAULT_LOCALE=${language}@g" "${final_path}/live/.env.production" paperclip_secret=$(head -n128 /dev/urandom | tail -n +1 | tr -dc -d 'a-z0-9' | head -c128) secret_key_base=$(head -n128 /dev/urandom | tail -n +1 | tr -dc -d 'a-z0-9' | head -c128) otp_secret=$(head -n128 /dev/urandom | tail -n +1 | tr -dc -d 'a-z0-9' | head -c128) -sudo sed -i "s@PAPERCLIP_SECRET=@PAPERCLIP_SECRET=${paperclip_secret}@g" "${final_path}/live/.env.production" -sudo sed -i "s@SECRET_KEY_BASE=@SECRET_KEY_BASE=${secret_key_base}@g" "${final_path}/live/.env.production" -sudo sed -i "s@OTP_SECRET=@OTP_SECRET=${otp_secret}@g" "${final_path}/live/.env.production" +sed -i "s@PAPERCLIP_SECRET=@PAPERCLIP_SECRET=${paperclip_secret}@g" "${final_path}/live/.env.production" +sed -i "s@SECRET_KEY_BASE=@SECRET_KEY_BASE=${secret_key_base}@g" "${final_path}/live/.env.production" +sed -i "s@OTP_SECRET=@OTP_SECRET=${otp_secret}@g" "${final_path}/live/.env.production" -sudo sed -i "s@SMTP_LOGIN=@#SMTP_LOGIN=@g" "${final_path}/live/.env.production" -sudo sed -i "s@SMTP_PASSWORD=@#SMTP_PASSWORD=@g" "${final_path}/live/.env.production" -sudo sed -i "s@SMTP_SERVER=smtp.mailgun.org@SMTP_SERVER=localhost@g" "${final_path}/live/.env.production" -sudo sed -i "s@SMTP_PORT=587@SMTP_PORT=25@g" "${final_path}/live/.env.production" -sudo sed -i 's,SMTP_FROM_ADDRESS=notifications@example.com,SMTP_FROM_ADDRESS='${admin_mastodon}'@'${domain}',' "${final_path}/live/.env.production" -sudo sed -i "s@#SMTP_AUTH_METHOD=plain@SMTP_AUTH_METHOD=none@g" "${final_path}/live/.env.production" -sudo sed -i "s@#SMTP_OPENSSL_VERIFY_MODE=peer@SMTP_OPENSSL_VERIFY_MODE=none@g" "${final_path}/live/.env.production" +sed -i "s@SMTP_LOGIN=@#SMTP_LOGIN=@g" "${final_path}/live/.env.production" +sed -i "s@SMTP_PASSWORD=@#SMTP_PASSWORD=@g" "${final_path}/live/.env.production" +sed -i "s@SMTP_SERVER=smtp.mailgun.org@SMTP_SERVER=localhost@g" "${final_path}/live/.env.production" +sed -i "s@SMTP_PORT=587@SMTP_PORT=25@g" "${final_path}/live/.env.production" +sed -i 's,SMTP_FROM_ADDRESS=notifications@example.com,SMTP_FROM_ADDRESS='${admin_mastodon}'@'${domain}',' "${final_path}/live/.env.production" +sed -i "s@#SMTP_AUTH_METHOD=plain@SMTP_AUTH_METHOD=none@g" "${final_path}/live/.env.production" +sed -i "s@#SMTP_OPENSSL_VERIFY_MODE=peer@SMTP_OPENSSL_VERIFY_MODE=none@g" "${final_path}/live/.env.production" -# Create database # Preconfig CSS & JS -sudo su - $app <<CCOMMANDS -pushd ~/live -echo "SAFETY_ASSURED=1">> .env.production -RAILS_ENV=production bin/bundle exec rails db:setup -RAILS_ENV=production bin/bundle exec rails --trace assets:precompile -CCOMMANDS +( + su $app + cd ~/live + echo "SAFETY_ASSURED=1">> .env.production + RAILS_ENV=production bin/bundle exec rails db:setup + RAILS_ENV=production bin/bundle exec rails --trace assets:precompile +) # init rbenv & create bundle -sudo su - $app <<BCOMMANDS -. ~/.profile -type rbenv -BCOMMANDS +( + su $app + . ~/.profile + type rbenv +) -# Add Services -popd +# TODO: use official helper ynh_add_systemd_config +cp ../conf/mastodon-web.service /etc/systemd/system/mastodon-web.service +chown root: /etc/systemd/system/mastodon-web.service +cp ../conf/mastodon-sidekiq.service /etc/systemd/system/mastodon-sidekiq.service +chown root: /etc/systemd/system/mastodon-sidekiq.service +cp ../conf/mastodon-streaming.service /etc/systemd/system/mastodon-streaming.service +chown root: /etc/systemd/system/mastodon-streaming.service -sudo cp ../conf/mastodon-web.service /etc/systemd/system/mastodon-web.service -sudo chown root: /etc/systemd/system/mastodon-web.service -sudo cp ../conf/mastodon-sidekiq.service /etc/systemd/system/mastodon-sidekiq.service -sudo chown root: /etc/systemd/system/mastodon-sidekiq.service -sudo cp ../conf/mastodon-streaming.service /etc/systemd/system/mastodon-streaming.service -sudo chown root: /etc/systemd/system/mastodon-streaming.service - -sudo systemctl daemon-reload -sudo systemctl enable /etc/systemd/system/mastodon-*.service -sudo systemctl start mastodon-web.service mastodon-sidekiq.service mastodon-streaming.service +systemctl daemon-reload +systemctl enable /etc/systemd/system/mastodon-*.service +systemctl start mastodon-web.service mastodon-sidekiq.service mastodon-streaming.service # debug -sudo systemctl status mastodon-web.service mastodon-sidekiq.service mastodon-streaming.service - -# Add service YunoHost -sudo yunohost service add mastodon-web -sudo yunohost service add mastodon-sidekiq -sudo yunohost service add mastodon-streaming +systemctl status mastodon-web.service mastodon-sidekiq.service mastodon-streaming.service # Create user -sudo su - $app <<UCOMMANDS -pushd ~/live -RAILS_ENV=production bundle exec rails c -account = Account.create!(username: '$admin_mastodon') -user = User.create!(email: '$admin_mastodon_mail', password: '$admin_pass', account: account) -UCOMMANDS +( + su $app + cd ~/live + RAILS_ENV=production bundle exec rails c + account = Account.create!(username: '$admin_mastodon') + user = User.create!(email: '$admin_mastodon_mail', password: '$admin_pass', account: account) +) # Create administrator & confirm user -sudo su - $app <<ACOMMANDS -pushd ~/live -RAILS_ENV=production bin/bundle exec rails mastodon:make_admin USERNAME=$admin_mastodon -RAILS_ENV=production bin/bundle exec rails mastodon:confirm_email USER_EMAIL=$admin_mastodon_mail -ACOMMANDS - -# Modify Nginx configuration file and copy it to Nginx conf directory -sudo sed -i "s@__PATH__@$app@g" ../conf/nginx.conf* -sudo sed -i "s@__FINALPATH__@$final_path@g" ../conf/nginx.conf* -sudo cp ../conf/nginx.conf /etc/nginx/conf.d/$domain.d/$app.conf +( + su $app + cd ~/live + RAILS_ENV=production bin/bundle exec rails mastodon:make_admin USERNAME=$admin_mastodon + RAILS_ENV=production bin/bundle exec rails mastodon:confirm_email USER_EMAIL=$admin_mastodon_mail +) # Install crontab -sudo cp ../conf/crontab_mastodon /etc/cron.d/$app -sudo sed -i "s@__APP__@$app@g" /etc/cron.d/$app +cp ../conf/crontab_mastodon /etc/cron.d/$app +sed -i "s@__APP__@$app@g" /etc/cron.d/$app + + +#================================================= +# GENERIC FINALIZATION +#================================================= +# SECURE FILES AND DIRECTORIES +#================================================= + +# TODO:Set permissions to app files + + +#================================================= +# ADVERTISE SERVICE IN ADMIN PANEL +#================================================= + +# Add service YunoHost +yunohost service add mastodon-web +yunohost service add mastodon-sidekiq +yunohost service add mastodon-streaming + +#================================================= +# SETUP SSOWAT +#================================================= +# TODO: all private install # Unprotected url ynh_app_setting_set "$app" unprotected_uris "/" -# Reload SSOwat configuration -sudo yunohost app ssowatconf +#================================================= +# RELOAD NGINX +#================================================= # Reload Nginx -sudo systemctl reload nginx +systemctl reload nginx |