diff options
| -rw-r--r-- | README.md | 2 | ||||
| -rw-r--r-- | README_fr.md | 2 | ||||
| -rw-r--r-- | check_process | 7 | ||||
| -rw-r--r-- | conf/cron | 7 | ||||
| -rw-r--r-- | conf/mastodon-sidekiq.service | 2 | ||||
| -rw-r--r-- | conf/mastodon-web.service | 2 | ||||
| -rw-r--r-- | conf/nginx.conf | 4 | ||||
| -rw-r--r-- | manifest.json | 112 | ||||
| -rw-r--r-- | scripts/_common.sh | 6 | ||||
| -rw-r--r-- | scripts/install | 75 | ||||
| -rw-r--r-- | scripts/remove | 1 | ||||
| -rw-r--r-- | scripts/restore | 11 | ||||
| -rw-r--r-- | scripts/upgrade | 94 | ||||
| -rw-r--r-- | scripts/ynh_add_extra_apt_repos__3 | 294 |
14 files changed, 168 insertions, 451 deletions
@@ -9,7 +9,7 @@ If you don't have YunoHost, please see [here](https://yunohost.org/#/install) to know how to install and enjoy it.* ## Overview -Mastodon is a free, open-source social network. A decentralized alternative to commercial platforms, it avoids the risks of a single company monopolizing your communication. Pick a server that you trust — whichever you choose, you can interact with everyone else. Anyone can run their own Mastodon instance and participate in the social network seamlessly. +Mastodon is a free, open-source social network. A decentralized alternative to commercial platforms, it avoids the risks of a single company monopolizing your communication. **Shipped version:** 3.1.2 diff --git a/README_fr.md b/README_fr.md index ea8fc4f..684d762 100644 --- a/README_fr.md +++ b/README_fr.md @@ -9,7 +9,7 @@ Si vous n'avez pas YunoHost, regardez [ici](https://yunohost.org/#/install) pour savoir comment l'installer et en profiter.* ## Vue d'ensemble -Mastodon est un réseau social gratuit et open source. Une alternative décentralisée aux plates-formes commerciales, elle évite les risques d'une seule société qui monopolise votre communication. Choisissez un serveur sur lequel vous faites confiance - selon votre choix, vous pouvez interagir avec tous les autres. N'importe qui peut exécuter sa propre instance de Mastodon et participer au réseau social de façon transparente. +Mastodon est un réseau social gratuit et open source. Une alternative décentralisée aux plates-formes commerciales, elle évite les risques d'une seule société qui monopolise votre communication. **Version incluse:** 3.1.2 diff --git a/check_process b/check_process index f5e4602..12c74c8 100644 --- a/check_process +++ b/check_process @@ -2,8 +2,9 @@ auto_remove=1 ; Manifest domain="domain.tld" (DOMAIN) - admin="john" (USER) - language="fr_FR" + admin="john" (USER) + language="fr_FR" + is_public=1 (PUBLIC|public=1|private=0) ; Checks pkg_linter=1 setup_sub_dir=0 @@ -14,6 +15,8 @@ upgrade=1 # 3.1.2~ynh2 upgrade=1 from_commit=7e1f4c2dee5f2c8374686aea62f4648cdf2722c3 + # 3.1.2~ynh3 + upgrade=1 from_commit=6b30109fc986d83166b1805ec3ad7e28200e3743 backup_restore=1 multi_instance=1 # This test is no longer necessary since the version 2.7 (PR: https://github.com/YunoHost/yunohost/pull/304), you can still do it if your app could be installed with this version. @@ -1,2 +1,5 @@ -RAILS_ENV=production -@daily cd __FINAL__PATH__/live && /opt/rbenv/versions/2.6.5/bin/bundle exec rake __USER__:media:remove_remote +@daily cd __FINAL_PATH__/live && RAILS_ENV=production bin/tootctl media remove +@monthly cd __FINAL_PATH__/live && RAILS_ENV=production bin/tootctl media remove-orphans +@monthly cd __FINAL_PATH__/live && RAILS_ENV=production bin/tootctl accounts cull +@monthly cd __FINAL_PATH__/live && RAILS_ENV=production bin/tootctl statuses remove +@monthly cd __FINAL_PATH__/live && RAILS_ENV=production bin/tootctl preview_cards remove diff --git a/conf/mastodon-sidekiq.service b/conf/mastodon-sidekiq.service index d5fc7e1..73f29e5 100644 --- a/conf/mastodon-sidekiq.service +++ b/conf/mastodon-sidekiq.service @@ -9,7 +9,7 @@ Environment="RAILS_ENV=production" Environment="DB_POOL=25" Environment="MALLOC_ARENA_MAX=2" - ExecStart=/opt/rbenv/versions/2.6.5/bin/bundle exec sidekiq -c 25 + ExecStart=__RBENVROOT__/shims/bundle exec sidekiq -c 25 TimeoutSec=15 Restart=always StandardError=syslog diff --git a/conf/mastodon-web.service b/conf/mastodon-web.service index bb65afe..14d1260 100644 --- a/conf/mastodon-web.service +++ b/conf/mastodon-web.service @@ -8,7 +8,7 @@ WorkingDirectory=__FINALPATH__/live Environment="RAILS_ENV=production" Environment="PORT=__PORT_WEB__" - ExecStart=/opt/rbenv/versions/2.6.5/bin/bundle exec puma -C config/puma.rb + ExecStart=__RBENVROOT__/shims/bundle exec puma -C config/puma.rb ExecReload=/bin/kill -SIGUSR1 $MAINPID TimeoutSec=15 Restart=always diff --git a/conf/nginx.conf b/conf/nginx.conf index 7fa7b87..d348613 100644 --- a/conf/nginx.conf +++ b/conf/nginx.conf @@ -38,7 +38,7 @@ location @proxy { proxy_set_header Proxy ""; proxy_pass_header Server; - proxy_pass http://127.0.0.1:3000; + proxy_pass http://127.0.0.1:__PORT_WEB__; proxy_buffering on; proxy_redirect off; proxy_http_version 1.1; @@ -62,7 +62,7 @@ location /api/v1/streaming { proxy_set_header X-Forwarded-Proto https; proxy_set_header Proxy ""; - proxy_pass http://127.0.0.1:4000; + proxy_pass http://127.0.0.1:__PORT_STREAM__; proxy_buffering off; proxy_redirect off; proxy_http_version 1.1; diff --git a/manifest.json b/manifest.json index 5925f8f..b54d843 100644 --- a/manifest.json +++ b/manifest.json @@ -1,54 +1,54 @@ { - "name": "Mastodon", - "id": "mastodon", - "packaging_format": 1, - "description": { - "en": "A libre and federated social network.", - "fr": "Un réseau social libre et fédéré." - }, - "version": "3.1.2~ynh3", - "url": "https://github.com/tootsuite/mastodon", - "license": "AGPL-3.0-or-later", - "maintainer": [ - { - "name": "cyp", - "email": "cyp@rouquin.me" - }, - { - "name": "nemsia", - "email": "nemsia@nemsia.org" - }, - { - "name": "yalh76" - } - ], + "name": "Mastodon", + "id": "mastodon", + "packaging_format": 1, + "description": { + "en": "A libre and federated social network.", + "fr": "Un réseau social libre et fédéré." + }, + "version": "3.1.2~ynh4", + "url": "https://github.com/tootsuite/mastodon", + "license": "AGPL-3.0-or-later", + "maintainer": [ + { + "name": "cyp", + "email": "cyp@rouquin.me" + }, + { + "name": "nemsia", + "email": "nemsia@nemsia.org" + }, + { + "name": "yalh76" + } + ], "requirements": { - "yunohost": ">= 3.7" + "yunohost": ">= 3.8" }, "multi_instance": true, - "services": [ - "nginx" - ], - "arguments": { - "install" : [ - { - "name": "domain", - "type": "domain", - "ask": { - "en": "Choose a domain for Mastodon", - "fr": "Choisissez un domaine pour Mastodon" - }, + "services": [ + "nginx" + ], + "arguments": { + "install" : [ + { + "name": "domain", + "type": "domain", + "ask": { + "en": "Choose a domain for Mastodon", + "fr": "Choisissez un domaine pour Mastodon" + }, "example": "example.com" - }, - { - "name": "admin", - "type": "user", - "ask": { - "en": "Choose an admin user", - "fr": "Choisissez l'administrateur" - }, + }, + { + "name": "admin", + "type": "user", + "ask": { + "en": "Choose an admin user", + "fr": "Choisissez l'administrateur" + }, "example": "johndoe" - }, + }, { "name": "is_public", "type": "boolean", @@ -58,16 +58,16 @@ }, "default": true }, - { - "name": "language", + { + "name": "language", "type": "string", - "ask": { - "en": "Choose the application language", - "fr": "Choisissez la langue de l'application" - }, - "choices": ["en_EN", "fr_FR"], - "default": "fr_FR" - } - ] - } + "ask": { + "en": "Choose the application language", + "fr": "Choisissez la langue de l'application" + }, + "choices": ["en_EN", "fr_FR"], + "default": "fr_FR" + } + ] + } } diff --git a/scripts/_common.sh b/scripts/_common.sh index 015c1e9..e0686b2 100644 --- a/scripts/_common.sh +++ b/scripts/_common.sh @@ -7,6 +7,12 @@ # dependencies used by the app pkg_dependencies="imagemagick ffmpeg libpq-dev libxml2-dev libxslt1-dev file git-core g++ libprotobuf-dev protobuf-compiler pkg-config gcc autoconf bison build-essential libssl-dev libyaml-dev libreadline6-dev zlib1g-dev libncurses5-dev libffi-dev libgdbm3|libgdbm6 libgdbm-dev redis-server redis-tools postgresql postgresql-contrib libidn11-dev libicu-dev libjemalloc-dev curl apt-transport-https" +RUBY_VERSION="2.6.5" + +BUNDLER_VERSION="1.17.3" + +NODEJS_VERSION="12" + #================================================= # PERSONAL HELPERS #================================================= diff --git a/scripts/install b/scripts/install index cb059ba..388b2a3 100644 --- a/scripts/install +++ b/scripts/install @@ -8,8 +8,6 @@ source _common.sh source ynh_install_ruby__2 -source ynh_add_extra_apt_repos__3 -source ynh_send_readme_to_admin__2 source ynh_add_swap source ynh_check_ram source /usr/share/yunohost/helpers @@ -81,7 +79,7 @@ ynh_app_setting_set --app=$app --key=port_stream --value=$port_stream #================================================= ynh_script_progression --message="Installing dependencies..." --weight=86 -ynh_install_nodejs --nodejs_version="10" +ynh_install_nodejs --nodejs_version=$NODEJS_VERSION ynh_install_app_dependencies $pkg_dependencies ynh_install_extra_app_dependencies --repo="deb https://dl.yarnpkg.com/debian/ stable main" --package="yarn" --key="https://dl.yarnpkg.com/debian/pubkey.gpg" @@ -108,7 +106,7 @@ ynh_script_progression --message="Setting up source files..." --weight=5 ynh_app_setting_set --app=$app --key=final_path --value=$final_path # Download, check integrity, uncompress and patch the source from app.src mkdir $final_path -ynh_setup_source --dest_dir="$final_path/live" +ynh_setup_source --dest_dir="$final_path/live" # Temporary workaround for https://github.com/tootsuite/mastodon/issues/13292 ynh_replace_string --match_string="sidekiq-unique-jobs (6.0.18)" --replace_string="sidekiq-unique-jobs (6.0.20)" --target_file="$final_path/live/Gemfile.lock" @@ -153,37 +151,43 @@ ynh_add_swap --size=$swap_needed #================================================= ynh_script_progression --message="Installing Ruby..." --weight=424 -ynh_install_ruby --ruby_version=2.6.5 -/opt/rbenv/versions/2.6.5/bin/gem update --system -/opt/rbenv/versions/2.6.5/bin/gem install bundler:1.17.3 --no-document +ynh_install_ruby --ruby_version=$RUBY_VERSION +pushd "$final_path/live" + gem update --system + gem install bundler:$BUNDLER_VERSION --no-document +popd #================================================= # MODIFY A CONFIG FILE #================================================= ynh_script_progression --message="Modifying a config file..." --weight=2 -cp -f ../conf/.env.production.sample "$final_path/live/.env.production" -ynh_replace_string --match_string="__DB_USER__" --replace_string="$app" --target_file="$final_path/live/.env.production" -ynh_replace_string --match_string="__DB_NAME__" --replace_string="$db_name" --target_file="$final_path/live/.env.production" -ynh_replace_string --match_string="__DB_PWD__" --replace_string="$db_pwd" --target_file="$final_path/live/.env.production" -ynh_replace_string --match_string="__DOMAIN__" --replace_string="$domain" --target_file="$final_path/live/.env.production" -ynh_replace_string --match_string="__SMTP_FROM_ADDRESS__" --replace_string="$admin_mail" --target_file="${final_path}/live/.env.production" +config="$final_path/live/.env.production" +cp -f ../conf/.env.production.sample "$config" +ynh_replace_string --match_string="__DB_USER__" --replace_string="$app" --target_file="$config" +ynh_replace_string --match_string="__DB_NAME__" --replace_string="$db_name" --target_file="$config" +ynh_replace_string --match_string="__DB_PWD__" --replace_string="$db_pwd" --target_file="$config" +ynh_replace_string --match_string="__DOMAIN__" --replace_string="$domain" --target_file="$config" +ynh_replace_string --match_string="__SMTP_FROM_ADDRESS__" --replace_string="$admin_mail" --target_file="$config" language="$(echo $language | head -c 2)" -ynh_replace_string --match_string="__LANGUAGE__" --replace_string="$language" --target_file="$final_path/live/.env.production" +ynh_replace_string --match_string="__LANGUAGE__" --replace_string="$language" --target_file="$config" paperclip_secret=$(head -n128 /dev/urandom | tail -n +1 | tr -dc -d 'a-z0-9' | head -c128) -ynh_replace_string --match_string="PAPERCLIP_SECRET=" --replace_string="PAPERCLIP_SECRET=$paperclip_secret" --target_file="${final_path}/live/.env.production" +ynh_replace_string --match_string="PAPERCLIP_SECRET=" --replace_string="PAPERCLIP_SECRET=$paperclip_secret" --target_file="$config" ynh_app_setting_set --app="$app" --key=paperclip_secret --value="$paperclip_secret" secret_key_base=$(head -n128 /dev/urandom | tail -n +1 | tr -dc -d 'a-z0-9' | head -c128) -ynh_replace_string --match_string="__SECRET_KEY_BASE__" --replace_string="$secret_key_base" --target_file="$final_path/live/.env.production" +ynh_replace_string --match_string="__SECRET_KEY_BASE__" --replace_string="$secret_key_base" --target_file="$config" ynh_app_setting_set --app="$app" --key=secret_key_base --value="$secret_key_base" otp_secret=$(head -n128 /dev/urandom | tail -n +1 | tr -dc -d 'a-z0-9' | head -c128) -ynh_replace_string --match_string="__OTP_SECRET__" --replace_string="$otp_secret" --target_file="$final_path/live/.env.production" +ynh_replace_string --match_string="__OTP_SECRET__" --replace_string="$otp_secret" --target_file="$config" ynh_app_setting_set --app="$app" --key=otp_secret --value="$otp_secret" +ynh_replace_string --match_string="registrations_mode: 'open'" --replace_string="registrations_mode: 'none'" --target_file="$final_path/live/config/settings.yml" +ynh_replace_string --match_string="min_invite_role: 'admin'" --replace_string="min_invite_role: 'none'" --target_file="$final_path/live/config/settings.yml" + #================================================= # INSTALLING MASTODON #================================================= @@ -193,23 +197,23 @@ chown -R "$app": "$final_path" pushd "$final_path/live" ynh_use_nodejs - sudo -u "$app" env PATH=$PATH /opt/rbenv/versions/2.6.5/bin/bundle install -j$(getconf _NPROCESSORS_ONLN) --deployment --without development test - sudo -u "$app" env PATH=$PATH yarn install --pure-lockfile - sudo -u "$app" echo "SAFETY_ASSURED=1">> .env.production - sudo -u "$app" env PATH=$PATH RAILS_ENV=production /opt/rbenv/versions/2.6.5/bin/bundle exec rails db:setup --quiet - sudo -u "$app" env PATH=$PATH RAILS_ENV=production /opt/rbenv/versions/2.6.5/bin/bundle exec rails assets:precompile --quiet - sudo -u "$app" env PATH=$PATH RAILS_ENV=production /opt/rbenv/versions/2.6.5/bin/bundle exec rake mastodon:webpush:generate_vapid_key > key.txt - sudo -u "$app" env PATH=$PATH RAILS_ENV=production bin/tootctl accounts create "$admin" --email="$admin_mail" --confirmed --role=admin > acc.txt + bundle config deployment 'true' + bundle config without 'development test' + bundle install -j$(getconf _NPROCESSORS_ONLN) + yarn install --pure-lockfile + echo "SAFETY_ASSURED=1">> $config + RAILS_ENV=production bundle exec rails db:setup --quiet + RAILS_ENV=production bundle exec rails assets:precompile --quiet + RAILS_ENV=production bundle exec rake mastodon:webpush:generate_vapid_key > key.txt + RAILS_ENV=production bin/tootctl accounts create "$admin" --email="$admin_mail" --confirmed --role=admin > /dev/null + RAILS_ENV=production bin/tootctl accounts modify "$admin" --approve popd -admin_pass=$( tail -1 $final_path/live/acc.txt | head -1 | cut -c 15- ) -ynh_secure_remove --file="$final_path/live/acc.txt" - vapid_private_key=$(grep -oP "VAPID_PRIVATE_KEY=\K.+" "$final_path/live/key.txt") vapid_public_key=$(grep -oP "VAPID_PUBLIC_KEY=\K.+" "$final_path/live/key.txt") -ynh_replace_string --match_string="__VAPID_PRIVATE_KEY__" --replace_string="$vapid_private_key" --target_file="${final_path}/live/.env.production" -ynh_replace_string --match_string="__VAPID_PUBLIC_KEY__" --replace_string="$vapid_public_key" --target_file="${final_path}/live/.env.production" +ynh_replace_string --match_string="__VAPID_PRIVATE_KEY__" --replace_string="$vapid_private_key" --target_file="$config" +ynh_replace_string --match_string="__VAPID_PUBLIC_KEY__" --replace_string="$vapid_public_key" --target_file="$config" ynh_app_setting_set --app="$app" --key=vapid_private_key --value="$vapid_private_key" ynh_app_setting_set --app="$app" --key=vapid_public_key --value="$vapid_public_key" @@ -222,8 +226,7 @@ ynh_secure_remove --file="$final_path/live/key.txt" ynh_script_progression --message="Setuping a cron job for removing cache..." --weight=1 ynh_replace_string --match_string="__FINAL_PATH__" --replace_string="$final_path" --target_file="../conf/cron" -ynh_replace_string --match_string="__USER__" --replace_string="$app" --target_file="../conf/cron" -sudo cp -f ../conf/cron /etc/cron.d/$app +cp -f ../conf/cron /etc/cron.d/$app #================================================= # SETUP SYSTEMD @@ -231,11 +234,13 @@ sudo cp -f ../conf/cron /etc/cron.d/$app ynh_script_progression --message="Configuring a systemd service..." --weight=5 # Create a dedicated systemd config -ynh_replace_string --match_string="__PORT_WEB__" --replace_string="$port_web" --target_file="../conf/mastodon-web.service" +ynh_replace_string --match_string="__PORT_WEB__" --replace_string="$port_web" --target_file="../conf/mastodon-web.service" +ynh_replace_string --match_string="__RBENVROOT__" --replace_string="$RBENV_ROOT" --target_file="../conf/mastodon-web.service" +ynh_replace_string --match_string="__RBENVROOT__" --replace_string="$RBENV_ROOT" --target_file="../conf/mastodon-sidekiq.service" ynh_replace_string --match_string="__PORT_STREAM__" --replace_string="$port_stream" --target_file="../conf/mastodon-streaming.service" ynh_replace_string --match_string="__NODEJS_PATH__" --replace_string="$nodejs_path" --target_file="../conf/mastodon-streaming.service" -ynh_add_systemd_config --service="$app-web" --template="mastodon-web.service" -ynh_add_systemd_config --service="$app-sidekiq" --template="mastodon-sidekiq.service" +ynh_add_systemd_config --service="$app-web" --template="mastodon-web.service" +ynh_add_systemd_config --service="$app-sidekiq" --template="mastodon-sidekiq.service" ynh_add_systemd_config --service="$app-streaming" --template="mastodon-streaming.service" #================================================= @@ -244,7 +249,7 @@ ynh_add_systemd_config --service="$app-streaming" --template="mastodon-streaming ynh_script_progression --message="Storing the config file checksum..." --weight=1 # Calculate and store the config file checksum into the app settings -ynh_store_file_checksum --file="${final_path}/live/.env.production" +ynh_store_file_checksum --file="$config" #================================================= # GENERIC FINALIZATION diff --git a/scripts/remove b/scripts/remove index f2b2e16..d955a8a 100644 --- a/scripts/remove +++ b/scripts/remove @@ -8,7 +8,6 @@ source _common.sh source ynh_install_ruby__2 -source ynh_add_extra_apt_repos__3 source ynh_add_swap source /usr/share/yunohost/helpers diff --git a/scripts/restore b/scripts/restore index c6e4bc8..dbcd5cb 100644 --- a/scripts/restore +++ b/scripts/restore @@ -9,7 +9,6 @@ #Keep this path for calling _common.sh inside the execution's context of backup and restore scripts source ../settings/scripts/_common.sh source ../settings/scripts/ynh_install_ruby__2 -source ../settings/scripts/ynh_add_extra_apt_repos__3 source ../settings/scripts/ynh_add_swap source ../settings/scripts/ynh_check_ram source /usr/share/yunohost/helpers @@ -105,7 +104,7 @@ ynh_add_swap --size=$swap_needed #================================================= ynh_script_progression --message="Reinstalling dependencies..." --weight=63 -ynh_install_nodejs --nodejs_version="10" +ynh_install_nodejs --nodejs_version=$NODEJS_VERSION ynh_install_app_dependencies $pkg_dependencies ynh_install_extra_app_dependencies --repo="deb https://dl.yarnpkg.com/debian/ stable main" --package="yarn" --key="https://dl.yarnpkg.com/debian/pubkey.gpg" @@ -114,9 +113,11 @@ ynh_install_extra_app_dependencies --repo="deb https://dl.yarnpkg.com/debian/ st #================================================= ynh_script_progression --message="Installing Ruby..." --weight=393 -ynh_install_ruby --ruby_version=2.6.5 -/opt/rbenv/versions/2.6.5/bin/gem update --system -/opt/rbenv/versions/2.6.5/bin/gem install bundler:1.17.3 --no-document +ynh_install_ruby --ruby_version=$RUBY_VERSION +pushd "$final_path/live" + gem update --system + gem install bundler:$BUNDLER_VERSION --no-document +popd #================================================= # RESTORE THE POSTGRESQL DATABASE diff --git a/scripts/upgrade b/scripts/upgrade index 153437b..c5be012 100644 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -8,7 +8,6 @@ source _common.sh source ynh_install_ruby__2 -source ynh_add_extra_apt_repos__3 source ynh_add_swap source ynh_check_ram source /usr/share/yunohost/helpers @@ -51,6 +50,8 @@ upgrade_type=$(ynh_check_app_version_changed) #================================================= ynh_script_progression --message="Ensuring downward compatibility..." --weight=1 +config="$final_path/live/.env.production" + # If db_name doesn't exist, create it if [ -z "$db_name" ]; then db_name="${app}_production" @@ -87,12 +88,12 @@ if [[ -z "$db_pwd" ]]; then ynh_app_setting_set --app=$app --key=db_pwd --value=$db_pwd ynh_psql_test_if_first_run sudo --login --user=postgres psql -c"ALTER user $app WITH PASSWORD '$db_pwd'" postgres - ynh_replace_string --match_string="DB_PASS=" --replace_string="DB_PASS=${db_pwd}" --target_file="${final_path}/live/.env.production" + ynh_replace_string --match_string="DB_PASS=" --replace_string="DB_PASS=${db_pwd}" --target_file="$config" fi # If paperclip_secret doesn't exist, retrieve it or create it if [[ -z "$paperclip_secret" ]]; then - paperclip_secret=$(grep -oP "PAPERCLIP_SECRET=\K\w+" ${final_path}/live/.env.production) + paperclip_secret=$(grep -oP "PAPERCLIP_SECRET=\K\w+" $config) if [[ -z "$paperclip_secret" ]]; then paperclip_secret=$(head -n128 /dev/urandom | tail -n +1 | tr -dc -d 'a-z0-9' | head -c128) fi @@ -101,7 +102,7 @@ fi # If secret_key_base doesn't exist, retrieve it or create it if [[ -z "$secret_key_base" ]]; then - secret_key_base=$(grep -oP "SECRET_KEY_BASE=\K\w+" ${final_path}/live/.env.production) + secret_key_base=$(grep -oP "SECRET_KEY_BASE=\K\w+" $config) if [[ -z "$secret_key_base" ]]; then secret_key_base=$(head -n128 /dev/urandom | tail -n +1 | tr -dc -d 'a-z0-9' | head -c128) fi @@ -110,7 +111,7 @@ fi # If otp_secret doesn't exist, retrieve it or create it if [[ -z "$otp_secret" ]]; then - otp_secret=$(grep -oP "OTP_SECRET=\K\w+" ${final_path}/live/.env.production) + otp_secret=$(grep -oP "OTP_SECRET=\K\w+" $config) if [[ -z "$otp_secret" ]]; then otp_secret=$(head -n128 /dev/urandom | tail -n +1 | tr -dc -d 'a-z0-9' | head -c128) fi @@ -119,8 +120,8 @@ fi # If vapid_private_key doesn't exist, retrieve it or create it if [[ -z "$vapid_private_key" ]]; then - vapid_private_key=$(grep -oP "VAPID_PRIVATE_KEY=\K.+" ${final_path}/live/.env.production) - vapid_public_key=$(grep -oP "VAPID_PUBLIC_KEY=\K.+" ${final_path}/live/.env.production) + vapid_private_key=$(grep -oP "VAPID_PRIVATE_KEY=\K.+" $config) + vapid_public_key=$(grep -oP "VAPID_PUBLIC_KEY=\K.+" $config) ynh_app_setting_set "$app" vapid_private_key "$vapid_private_key" ynh_app_setting_set "$app" vapid_public_key "$vapid_public_key" fi @@ -180,8 +181,8 @@ then mkdir $tmpdir/system if [ -d "$final_path/live/public/system" ]; then rsync -a "$final_path/live/public/system" "$tmpdir/." - fi - rsync -a "$final_path/live/.env.production" "$tmpdir/." + fi + rsync -a "$config" "$tmpdir/." ynh_secure_remove --file="$final_path/live" ynh_setup_source --dest_dir="$final_path/live" @@ -211,7 +212,7 @@ ynh_add_nginx_config 'port_web port_stream' ynh_script_progression --message="Upgrading dependencies..." --weight=24 ynh_remove_nodejs -ynh_install_nodejs --nodejs_version="10" +ynh_install_nodejs --nodejs_version=$NODEJS_VERSION ynh_install_app_dependencies $pkg_dependencies ynh_install_extra_app_dependencies --repo="deb https://dl.yarnpkg.com/debian/ stable main" --package="yarn" --key="https://dl.yarnpkg.com/debian/pubkey.gpg" @@ -247,34 +248,36 @@ ynh_add_swap --size=$swap_needed #================================================= ynh_script_progression --message="Installing Ruby..." --weight=424 -ynh_install_ruby --ruby_version=2.6.5 -/opt/rbenv/versions/2.6.5/bin/gem update --system -/opt/rbenv/versions/2.6.5/bin/gem install bundler:1.17.3 --no-document +ynh_install_ruby --ruby_version=$RUBY_VERSION +pushd "$final_path/live" + gem update --system + gem install bundler:$BUNDLER_VERSION --no-document +popd #================================================= # MODIFY A CONFIG FILE #================================================= ynh_script_progression --message="Modifying a config file..." --weight=1 -ynh_backup_if_checksum_is_different --file="$final_path/live/.env.production" -cp -f ../conf/.env.production.sample "$final_path/live/.env.production" -ynh_replace_string --match_string="__DB_USER__" --replace_string="$app" --target_file="$final_path/live/.env.production" -ynh_replace_string --match_string="__DB_NAME__" --replace_string="$db_name" --target_file="$final_path/live/.env.production" -ynh_replace_string --match_string="__DB_PWD__" --replace_string="$db_pwd" --target_file="$final_path/live/.env.production" -ynh_replace_string --match_string="__DOMAIN__" --replace_string="$domain" --target_file="$final_path/live/.env.production" -ynh_replace_string --match_string="__SMTP_FROM_ADDRESS__" --replace_string="$admin_mail" --target_file="${final_path}/live/.env.production" +ynh_backup_if_checksum_is_different --file="$config" +cp -f ../conf/.env.production.sample "$config" +ynh_replace_string --match_string="__DB_USER__" --replace_string="$app" --target_file="$config" +ynh_replace_string --match_string="__DB_NAME__" --replace_string="$db_name" --target_file="$config" +ynh_replace_string --match_string="__DB_PWD__" --replace_string="$db_pwd" --target_file="$config" +ynh_replace_string --match_string="__DOMAIN__" --replace_string="$domain" --target_file="$config" +ynh_replace_string --match_string="__SMTP_FROM_ADDRESS__" --replace_string="$admin_mail" --target_file="$config" language="$(echo $language | head -c 2)" -ynh_replace_string --match_string="__LANGUAGE__" --replace_string="$language" --target_file="$final_path/live/.env.production" +ynh_replace_string --match_string="__LANGUAGE__" --replace_string="$language" --target_file="$config" -ynh_replace_string --match_string="PAPERCLIP_SECRET=" --replace_string="PAPERCLIP_SECRET=$paperclip_secret" --target_file="${final_path}/live/.env.production" +ynh_replace_string --match_string="PAPERCLIP_SECRET=" --replace_string="PAPERCLIP_SECRET=$paperclip_secret" --target_file="$config" -ynh_replace_string --match_string="__SECRET_KEY_BASE__" --replace_string="$secret_key_base" --target_file="$final_path/live/.env.production" +ynh_replace_string --match_string="__SECRET_KEY_BASE__" --replace_string="$secret_key_base" --target_file="$config" -ynh_replace_string --match_string="__OTP_SECRET__" --replace_string="$otp_secret" --target_file="$final_path/live/.env.production" +ynh_replace_string --match_string="__OTP_SECRET__" --replace_string="$otp_secret" --target_file="$config" -ynh_replace_string "__VAPID_PRIVATE_KEY__" "$vapid_private_key" "$final_path/live/.env.production" -ynh_replace_string "__VAPID_PUBLIC_KEY__" "$vapid_public_key" "$final_path/live/.env.production" +ynh_replace_string --match_string="__VAPID_PRIVATE_KEY__" --replace_string="$vapid_private_key" --target_file="$config" +ynh_replace_string --match_string="__VAPID_PUBLIC_KEY__" --replace_string="$vapid_public_key" --target_file="$config" #================================================= # UPGRADE MASTODON @@ -285,28 +288,18 @@ chown -R "$app": "$final_path" pushd "$final_path/live" ynh_use_nodejs - sudo -u "$app" env PATH=$PATH /opt/rbenv/versions/2.6.5/bin/bundle install -j$(getconf _NPROCESSORS_ONLN) --deployment --without development test - sudo -u "$app" env PATH=$PATH yarn install --pure-lockfile - sudo -u "$app" env PATH=$PATH RAILS_ENV=production /opt/rbenv/versions/2.6.5/bin/bundle exec rails assets:clean - sudo -u "$app" env PATH=$PATH RAILS_ENV=production /opt/rbenv/versions/2.6.5/bin/bundle exec rails assets:precompile - sudo -u "$app" env PATH=$PATH RAILS_ENV=production /opt/rbenv/versions/2.6.5/bin/bundle exec rails db:migrate - sudo -u "$app" env PATH=$PATH RAILS_ENV=production bin/tootctl cache clear + bundle config deployment 'true' + bundle config without 'development test' + bundle install -j$(getconf _NPROCESSORS_ONLN) + yarn install --pure-lockfile + RAILS_ENV=production bundle exec rails assets:clean + RAILS_ENV=production bundle exec rails assets:precompile + RAILS_ENV=production bundle exec rails db:migrate + RAILS_ENV=production bin/tootctl cache clear popd -# If vapid_private_key doesn't exist, retrieve it or create it -#if [[ -z "$vapid_private_key" ]]; then -# sudo -u "$app" env PATH=$PATH RAILS_ENV=production /opt/rbenv/versions/2.6.0/bin/bundle exec rake mastodon:webpush:generate_vapid_key > key.txt -# vapid_private_key=$(grep -oP "VAPID_PRIVATE_KEY=\K.+" "$final_path/live/key.txt") -# vapid_public_key=$(grep -oP "VAPID_PUBLIC_KEY=\K.+" "$final_path/live/key.txt") -# ynh_app_setting_set "$app" vapid_private_key "$vapid_private_key" -# ynh_app_setting_set "$app" vapid_public_key "$vapid_public_key" -# ynh_secure_remove "$final_path/live/key.txt" -# ynh_replace_string "__VAPID_PRIVATE_KEY__" "$vapid_private_key" "${final_path}/live/.env.production" -# ynh_replace_string "__VAPID_PUBLIC_KEY__" "$vapid_public_key" "${final_path}/live/.env.production" -#fi - # Recalculate and store the checksum of the file for the next upgrade. -ynh_store_file_checksum --file="${final_path}/live/.env.production" +ynh_store_file_checksum --file="$config" #================================================= # SETUP CRON JOB FOR REMOVING CACHE @@ -314,8 +307,7 @@ ynh_store_file_checksum --file="${final_path}/live/.env.production" ynh_script_progression --message="Setuping a cron job for removing cache..." --weight=1 ynh_replace_string --match_string="__FINAL_PATH__" --replace_string="$final_path" --target_file="../conf/cron" -ynh_replace_string --match_string="__USER__" --replace_string="$app" --target_file="../conf/cron" -sudo cp -f ../conf/cron /etc/cron.d/$app +cp -f ../conf/cron /etc/cron.d/$app #================================================= # SETUP SYSTEMD @@ -323,11 +315,13 @@ sudo cp -f ../conf/cron /etc/cron.d/$app ynh_script_progression --message="Upgrading systemd configuration..." --weight=13 # Create a dedicated systemd config -ynh_replace_string --match_string="__PORT_WEB__" --replace_string="$port_web" --target_file="../conf/mastodon-web.service" +ynh_replace_string --match_string="__PORT_WEB__" --replace_string="$port_web" --target_file="../conf/mastodon-web.service" +ynh_replace_string --match_string="__RBENVROOT__" --replace_string="$RBENV_ROOT" --target_file="../conf/mastodon-web.service" +ynh_replace_string --match_string="__RBENVROOT__" --replace_string="$RBENV_ROOT" --target_file="../conf/mastodon-sidekiq.service" ynh_replace_string --match_string="__PORT_STREAM__" --replace_string="$port_stream" --target_file="../conf/mastodon-streaming.service" ynh_replace_string --match_string="__NODEJS_PATH__" --replace_string="$nodejs_path" --target_file="../conf/mastodon-streaming.service" -ynh_add_systemd_config --service="$app-web" --template="mastodon-web.service" -ynh_add_systemd_config --service="$app-sidekiq" --template="mastodon-sidekiq.service" +ynh_add_systemd_config --service="$app-web" --template="mastodon-web.service" +ynh_add_systemd_config --service="$app-sidekiq" --template="mastodon-sidekiq.service" ynh_add_systemd_config --service="$app-streaming" --template="mastodon-streaming.service" #================================================= diff --git a/scripts/ynh_add_extra_apt_repos__3 b/scripts/ynh_add_extra_apt_repos__3 deleted file mode 100644 index 3276f00..0000000 --- a/scripts/ynh_add_extra_apt_repos__3 +++ /dev/null @@ -1,294 +0,0 @@ -#!/bin/bash - -# Pin a repository. -# -# usage: ynh_pin_repo --package=packages --pin=pin_filter [--priority=priority_value] [--name=name] [--append] -# | arg: -p, --package - Packages concerned by the pin. Or all, *. -# | arg: -i, --pin - Filter for the pin. -# | arg: -p, --priority - Priority for the pin -# | arg: -n, --name - Name for the files for this repo, $app as default value. -# | arg: -a, --append - Do not overwrite existing files. -# -# See https://manpages.debian.org/stretch/apt/apt_preferences.5.en.html for information about pinning. -# -ynh_pin_repo () { - # Declare an array to define the options of this helper. - local legacy_args=pirna - declare -Ar args_array=( [p]=package= [i]=pin= [r]=priority= [n]=name= [a]=append ) - local package - local pin - local priority - local name - local append - # Manage arguments with getopts - ynh_handle_getopts_args "$@" - package="${package:-*}" - priority=${priority:-50} - name="${name:-$app}" - append=${append:-0} - - if [ $append -eq 1 ] - then - append="tee -a" - else - append="tee" - fi - - mkdir -p "/etc/apt/preferences.d" - echo "Package: $package -Pin: $pin -Pin-Priority: $priority" \ - | $append "/etc/apt/preferences.d/$name" -} - -# Add a repository. -# -# usage: ynh_add_repo --uri=uri --suite=suite --component=component [--name=name] [--append] -# | arg: -u, --uri - Uri of the repository. -# | arg: -s, --suite - Suite of the repository. -# | arg: -c, --component - Component of the repository. -# | arg: -n, --name - Name for the files for this repo, $app as default value. -# | arg: -a, --append - Do not overwrite existing files. -# -# Example for a repo like deb http://forge.yunohost.org/debian/ stretch stable -# uri suite component -# ynh_add_repo --uri=http://forge.yunohost.org/debian/ --suite=stretch --component=stable -# -ynh_add_repo () { - # Declare an array to define the options of this helper. - local legacy_args=uscna - declare -Ar args_array=( [u]=uri= [s]=suite= [c]=component= [n]=name= [a]=append ) - local uri - local suite - local component - local name - local append - # Manage arguments with getopts - ynh_handle_getopts_args "$@" - name="${name:-$app}" - append=${append:-0} - - if [ $append -eq 1 ] - then - append="tee -a" - else - append="tee" - fi - - mkdir -p "/etc/apt/sources.list.d" - # Add the new repo in sources.list.d - echo "deb $uri $suite $component" \ - | $append "/etc/apt/sources.list.d/$name.list" -} - -# Add an extra repository correctly, pin it and get the key. -# -# usage: ynh_install_extra_repo --repo="repo" [--key=key_url] [--priority=priority_value] [--name=name] [--append] -# | arg: -r, --repo - Complete url of the extra repository. -# | arg: -k, --key - url to get the public key. -# | arg: -p, --priority - Priority for the pin -# | arg: -n, --name - Name for the files for this repo, $app as default value. -# | arg: -a, --append - Do not overwrite existing files. -ynh_install_extra_repo () { - # Declare an array to define the options of this helper. - local legacy_args=rkpna - declare -Ar args_array=( [r]=repo= [k]=key= [p]=priority= [n]=name= [a]=append ) - local repo - local key - local priority - local name - local append - # Manage arguments with getopts - ynh_handle_getopts_args "$@" - name="${name:-$app}" - append=${append:-0} - key=${key:-0} - priority=${priority:-} - - if [ $append -eq 1 ] - then - append="--append" - wget_append="tee -a" - else - append="" - wget_append="tee" - fi - - # Split the repository into uri, suite and components. - # Remove "deb " at the beginning of the repo. - repo="${repo#deb }" - - # Get the uri - local uri="$(echo "$repo" | awk '{ print $1 }')" - - # Get the suite - local suite="$(echo "$repo" | awk '{ print $2 }')" - - # Get the components - local component="${repo##$uri $suite }" - - # Add the repository into sources.list.d - ynh_add_repo --uri="$uri" --suite="$suite" --component="$component" --name="$name" $append - - # Pin the new repo with the default priority, so it won't be used for upgrades. - # Build $pin from the uri without http and any sub path - local pin="${uri#*://}" - pin="${pin%%/*}" - # Set a priority only if asked - if [ -n "$priority" ] - then - priority="--priority=$priority" - fi - ynh_pin_repo --package="*" --pin="origin \"$pin\"" $priority --name="$name" $append - - # Get the public key for the repo - if [ -n "$key" ] - then - mkdir -p "/etc/apt/trusted.gpg.d" - wget -q "$key" -O - | gpg --dearmor | $wget_append /etc/apt/trusted.gpg.d/$name.gpg > /dev/null - fi - - # Update the list of package with the new repo - ynh_package_update -} - -# Remove an extra repository and the assiociated configuration. -# -# usage: ynh_remove_extra_repo [--name=name] -# | arg: -n, --name - Name for the files for this repo, $app as default value. -ynh_remove_extra_repo () { - # Declare an array to define the options of this helper. - local legacy_args=n - declare -Ar args_array=( [n]=name= ) - local name - # Manage arguments with getopts - ynh_handle_getopts_args "$@" - name="${name:-$app}" - - ynh_secure_remove "/etc/apt/sources.list.d/$name.list" - ynh_secure_remove "/etc/apt/preferences.d/$name" - ynh_secure_remove "/etc/apt/trusted.gpg.d/$name.gpg" - ynh_secure_remove "/etc/apt/trusted.gpg.d/$name.asc" - - # Update the list of package to exclude the old repo - ynh_package_update -} - -# Install packages from an extra repository properly. -# -# usage: ynh_install_extra_app_dependencies --repo="repo" --package="dep1 dep2" [--key=key_url] [--name=name] -# | arg: -r, --repo - Complete url of the extra repository. -# | arg: -p, --package - The packages to install from this extra repository -# | arg: -k, --key - url to get the public key. -# | arg: -n, --name - Name for the files for this repo, $app as default value. -ynh_install_extra_app_dependencies () { - # Declare an array to define the options of this helper. - local legacy_args=rpkn - declare -Ar args_array=( [r]=repo= [p]=package= [k]=key= [n]=name= ) - local repo - local package - local key - local name - # Manage arguments with getopts - ynh_handle_getopts_args "$@" - name="${name:-$app}" - key=${key:-0} - - # Set a key only if asked - if [ -n "$key" ] - then - key="--key=$key" - fi - # Add an extra repository for those packages - ynh_install_extra_repo --repo="$repo" $key --priority=995 --name=$name - - # Install requested dependencies from this extra repository. - ynh_add_app_dependencies --package="$package" - - # Remove this extra repository after packages are installed - ynh_remove_extra_repo --name=$app -} - -#================================================= - -# patched version of ynh_install_app_dependencies to be used with ynh_add_app_dependencies - -# Define and install dependencies with a equivs control file -# This helper can/should only be called once per app -# -# usage: ynh_install_app_dependencies dep [dep [...]] -# | arg: dep - the package name to install in dependence -# You can give a choice between some package with this syntax : "dep1|dep2" -# Example : ynh_install_app_dependencies dep1 dep2 "dep3|dep4|dep5" -# This mean in the dependence tree : dep1 & dep2 & (dep3 | dep4 | dep5) -# -# Requires YunoHost version 2.6.4 or higher. -ynh_install_app_dependencies () { - local dependencies=$@ - dependencies="$(echo "$dependencies" | sed 's/\([^\<=\>]\)\ \([^(]\)/\1, \2/g')" - dependencies=${dependencies//|/ | } - local manifest_path="../manifest.json" - if [ ! -e "$manifest_path" ]; then - manifest_path="../settings/manifest.json" # Into the restore script, the manifest is not at the same place - fi - - local version=$(grep '\"version\": ' "$manifest_path" | cut -d '"' -f 4) # Retrieve the version number in the manifest file. - if [ ${#version} -eq 0 ]; then - version="1.0" - fi - local dep_app=${app//_/-} # Replace all '_' by '-' - - # Handle specific versions - if [[ "$dependencies" =~ [\<=\>] ]] - then - # Replace version specifications by relationships syntax - # https://www.debian.org/doc/debian-policy/ch-relationships.html - # Sed clarification - # [^(\<=\>] ignore if it begins by ( or < = >. To not apply twice. - # [\<=\>] matches < = or > - # \+ matches one or more occurence of the previous characters, for >= or >>. - # [^,]\+ matches all characters except ',' - # Ex: package>=1.0 will be replaced by package (>= 1.0) - dependencies="$(echo "$dependencies" | sed 's/\([^(\<=\>]\)\([\<=\>]\+\)\([^,]\+\)/\1 (\2 \3)/g')" - fi - - cat > /tmp/${dep_app}-ynh-deps.control << EOF # Make a control file for equivs-build -Section: misc -Priority: optional -Package: ${dep_app}-ynh-deps -Version: ${version} -Depends: ${dependencies} -Architecture: all -Description: Fake package for $app (YunoHost app) dependencies - This meta-package is only responsible of installing its dependencies. -EOF - ynh_package_install_from_equivs /tmp/${dep_app}-ynh-deps.control \ - || ynh_die --message="Unable to install dependencies" # Install the fake package and its dependencies - rm /tmp/${dep_app}-ynh-deps.control - ynh_app_setting_set --app=$app --key=apt_dependencies --value="$dependencies" -} - -ynh_add_app_dependencies () { - # Declare an array to define the options of this helper. - local legacy_args=pr - declare -Ar args_array=( [p]=package= [r]=replace) - local package - local replace - # Manage arguments with getopts - ynh_handle_getopts_args "$@" - replace=${replace:-0} - - local current_dependencies="" - if [ $replace -eq 0 ] - then - local dep_app=${app//_/-} # Replace all '_' by '-' - if ynh_package_is_installed --package="${dep_app}-ynh-deps" - then - current_dependencies="$(dpkg-query --show --showformat='${Depends}' ${dep_app}-ynh-deps) " - fi - - current_dependencies=${current_dependencies// | /|} - fi - - ynh_install_app_dependencies "${current_dependencies}${package}" -} |