diff options
Diffstat (limited to 'scripts/install')
| -rw-r--r-- | scripts/install | 84 |
1 files changed, 36 insertions, 48 deletions
diff --git a/scripts/install b/scripts/install index caeec25..2fd4b23 100644 --- a/scripts/install +++ b/scripts/install @@ -17,7 +17,6 @@ domain=$YNH_APP_ARG_DOMAIN admin_mastodon=$YNH_APP_ARG_ADMIN admin_pass=$YNH_APP_ARG_PASSWD language=$YNH_APP_ARG_LANGUAGE -is_public=$YNH_APP_ARG_IS_PUBLIC app=$YNH_APP_INSTANCE_NAME @@ -33,7 +32,9 @@ ynh_app_setting_set $app domain $domain ynh_app_setting_set $app admin $admin_mastodon ynh_app_setting_set $app pass $admin_pass ynh_app_setting_set $app language $language -ynh_app_setting_set $app is_public $is_public + +[[ ${#admin_pass} -gt 8 ]] || ynh_die \ +"The password is too weak, it must be longer than 8 characters" # Create user unix sudo adduser $app --home /opt/$app --gecos "First Last,RoomNumber,WorkPhone,HomePhone" --disabled-password --disabled-login @@ -72,33 +73,32 @@ ynh_package_install yarn # Set UTF8 encoding by default sudo su -c "psql" postgres <<< \ - "update pg_database set datistemplate='false' where datname='template1';" + "update pg_database set datistemplate='false' where datname='template1';" sudo su -c "psql" postgres <<< \ - "drop database template1;" + "drop database template1;" sudo su -c "psql" postgres <<< \ - "create database template1 encoding='UTF8' template template0;" + "create database template1 encoding='UTF8' template template0;" sudo su -c "psql" postgres <<< \ - "update pg_database set datistemplate='true' where datname='template1';" + "update pg_database set datistemplate='true' where datname='template1';" # Create DB without password ynh_psql_create_db_without_password "$app" sudo systemctl restart postgresql -# Download all Ruby source +# Download all sources rbenv, ruby and mastodon sudo su - $app <<CLONECOMMANDS git clone https://github.com/rbenv/rbenv.git $final_path/.rbenv git clone https://github.com/rbenv/ruby-build.git $final_path/.rbenv/plugins/ruby-build git clone https://github.com/tootsuite/mastodon.git $final_path/live CLONECOMMANDS +# Switch to tagged release +cd $final_path/live +sudo git checkout $(git tag | tail -n 1) + # Be king rewind (/var/cache/yunohost/from_file/scripts) popd -# Get Mastodon last version -# sudo mkdir "${final_path}/live" -# SETUP_SOURCE -# sudo chown -R $app: "${final_path}" - # Install de rbenv sudo su - $app <<COMMANDS pushd ~/.rbenv @@ -137,9 +137,12 @@ sudo sed -i "s@LOCAL_DOMAIN=example.com@LOCAL_DOMAIN=${domain}@g" "${final_path} language="$(echo $language | head -c 2)" sudo sed -i "s@# DEFAULT_LOCALE=de@DEFAULT_LOCALE=${language}@g" "${final_path}/live/.env.production" -sudo sed -i "s@PAPERCLIP_SECRET=@PAPERCLIP_SECRET=$(head -n128 /dev/urandom | tr -dc -d 'a-z0-9' | head -c128)@g" "${final_path}/live/.env.production" -sudo sed -i "s@SECRET_KEY_BASE=@SECRET_KEY_BASE=$(head -n128 /dev/urandom | tr -dc -d 'a-z0-9' | head -c128)@g" "${final_path}/live/.env.production" -sudo sed -i "s@OTP_SECRET=@OTP_SECRET=$(head -n128 /dev/urandom | tr -dc -d 'a-z0-9' | head -c128)@g" "${final_path}/live/.env.production" +paperclip_secret=$(head -n128 /dev/urandom | tail -n +1 | tr -dc -d 'a-z0-9' | head -c128) +secret_key_base=$(head -n128 /dev/urandom | tail -n +1 | tr -dc -d 'a-z0-9' | head -c128) +otp_secret=$(head -n128 /dev/urandom | tail -n +1 | tr -dc -d 'a-z0-9' | head -c128) +sudo sed -i "s@PAPERCLIP_SECRET=@PAPERCLIP_SECRET=${paperclip_secret}@g" "${final_path}/live/.env.production" +sudo sed -i "s@SECRET_KEY_BASE=@SECRET_KEY_BASE=${secret_key_base}@g" "${final_path}/live/.env.production" +sudo sed -i "s@OTP_SECRET=@OTP_SECRET=${otp_secret}@g" "${final_path}/live/.env.production" sudo sed -i 's,SMTP_LOGIN=,SMTP_LOGIN='${admin_mastodon}'@'${domain}',' "${final_path}/live/.env.production" sudo sed -i "s@SMTP_PASSWORD=@SMTP_PASSWORD=${admin_pass}@g" "${final_path}/live/.env.production" @@ -162,7 +165,7 @@ type rbenv BCOMMANDS # Add Services -pushd $(popd) +popd sudo cp ../conf/mastodon-web.service /etc/systemd/system/mastodon-web.service sudo chown root: /etc/systemd/system/mastodon-web.service @@ -182,6 +185,21 @@ sudo yunohost service add mastodon-web sudo yunohost service add mastodon-sidekiq sudo yunohost service add mastodon-streaming +# Create user +sudo su - $app <<UCOMMANDS +pushd ~/live +RAILS_ENV=production bundle exec rails c +account = Account.create!(username: '$admin_mastodon') +user = User.create!(email: '$admin_mastodon@$domain', password: '$admin_pass', account: account) +UCOMMANDS + +# Create administrator & confirm user +sudo su - $app <<ACOMMANDS +pushd ~/live +RAILS_ENV=production bin/bundle exec rails mastodon:make_admin USERNAME=$admin_mastodon +RAILS_ENV=production bin/bundle exec rails mastodon:confirm_email USER_EMAIL=$admin_mastodon@$domain +ACOMMANDS + # Copy nginx config sudo cp ../conf/nginx.conf /etc/nginx/conf.d/$domain.d/$app.conf @@ -189,41 +207,11 @@ sudo cp ../conf/nginx.conf /etc/nginx/conf.d/$domain.d/$app.conf sudo cp ../conf/crontab_mastodon /etc/cron.d/$app sudo sed -i "s@__APP__@$app@g" /etc/cron.d/$app -# Private or not -if [ "$is_public" = "Yes" ]; -then - sudo sed -i "s@#--PRIVATE--@@g" /etc/nginx/conf.d/$domain.d/$app.conf -fi - -# Setup SSOwat -ynh_app_setting_set "$app" is_public "$is_public" -if [ "$is_public" = "Yes" ]; -then - ynh_app_setting_set "$app" unprotected_uris "/" -fi +# Unprotected url +ynh_app_setting_set "$app" unprotected_uris "/" # Reload SSOwat configuration sudo yunohost app ssowatconf # Reload Nginx sudo systemctl reload nginx - -# all services start, please -sleep 30 - -# Mastodon need a user for creating an administator account -# rake create user is not up for the moment -# See PR: https://github.com/tootsuite/mastodon/pull/1482 -CREATE_USER - -# Create admin user -# Create confirm email -sudo su - $app <<ACOMMANDS -pushd ~/live - -# RAILS_ENV=production bin/bundle exec rails mastodon:make_admin USERNAME=$admin_mastodon -# RAILS_ENV=production bin/bundle exec rails mastodon:confirm_email USER_EMAIL=$admin_mastodon@$domain -ACOMMANDS - -# Restart crontab -sudo systemctl restart cron
\ No newline at end of file |