blob: cb647e711b8a03bb1914ef85c97aabec53684504 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
|
#!/bin/bash
source _common.sh
source /usr/share/yunohost/helpers
admin_mail=$(ynh_user_get_info --username=$admin --key=mail)
# Set `service` settings to support `yunohost app shell` command
ynh_app_setting_set --key=service --value="$app-web.service"
#=================================================
# DOWNLOAD, CHECK AND UNPACK SOURCE
#=================================================
ynh_script_progression "Setting up source files..."
ynh_setup_source --dest_dir="$install_dir/live"
# Download redis migration script
ynh_setup_source --source_id=redis_migration --dest_dir="$install_dir/live"
chmod -R 775 "$install_dir"
chmod o-rwx "$install_dir"
chown -R $app:www-data "$install_dir"
#=================================================
# ADD SWAP IF NEEDED
#=================================================
ynh_script_progression "Adding swap if needed..."
total_memory=$(ynh_get_ram --total)
swap_needed=0
if [ $total_memory -lt $memory_needed ]; then
# Need a minimum of 2.5Go of memory
swap_needed=$(($memory_needed - $total_memory))
fi
ynh_script_progression "Adding $swap_needed Mo to swap..."
ynh_add_swap --size=$swap_needed
#=================================================
# ADD A CONFIGURATION
#=================================================
ynh_script_progression "Adding $app's configuration..."
config="$install_dir/live/.env.production"
language="$(echo $language | head -c 2)"
secret_key_base=$(ynh_string_random --length=128)
ynh_app_setting_set --key=secret_key_base --value="$secret_key_base"
otp_secret=$(ynh_string_random --length=128)
ynh_app_setting_set --key=otp_secret --value="$otp_secret"
# We need bundle exec rails to build vapid keys, we generate them later once the app is installed
vapid_private_key=""
vapid_public_key=""
# We need `bin/rails db:encryption:init` to generate fresh secrets, we generate them later once the app is installed
active_record_encryption_deterministic_key=""
active_record_encryption_key_derivation_salt=""
active_record_encryption_primary_key=""
ynh_config_add --template=".env.production.sample" --destination="$config"
#=================================================
# BUILD APP
#=================================================
ynh_script_progression "Building app..."
pushd "$install_dir/live"
gem update --system
gem install bundler -v '~> 2.7' --no-document
ynh_hide_warnings ynh_exec_as_app LD_PRELOAD=libjemalloc.so bin/bundle config deployment 'true'
ynh_hide_warnings ynh_exec_as_app LD_PRELOAD=libjemalloc.so bin/bundle config without 'development test'
ynh_hide_warnings ynh_exec_as_app LD_PRELOAD=libjemalloc.so bin/bundle config set force_ruby_platform true --quiet
ynh_hide_warnings ynh_exec_as_app LD_PRELOAD=libjemalloc.so bin/bundle install -j$(getconf _NPROCESSORS_ONLN)
env corepack enable
echo Y | ynh_exec_as_app yarn workspaces focus --production
ynh_exec_as_app yarn install --immutable
echo "SAFETY_ASSURED=1">> $config
# Generate vapid keys
ynh_hide_warnings ynh_exec_as_app RAILS_ENV=production LD_PRELOAD=libjemalloc.so bin/bundle exec rails mastodon:webpush:generate_vapid_key > vapid_key.txt
# Generate active record encryption
ynh_hide_warnings ynh_exec_as_app RAILS_ENV=production LD_PRELOAD=libjemalloc.so bin/bundle exec rails db:encryption:init > active_record_encryption.txt
popd
# Re-generate config with vapid keys and active record encryption
vapid_private_key=$(grep -oP "VAPID_PRIVATE_KEY=\K.+" "$install_dir/live/vapid_key.txt")
ynh_app_setting_set --key=vapid_private_key --value="$vapid_private_key"
vapid_public_key=$(grep -oP "VAPID_PUBLIC_KEY=\K.+" "$install_dir/live/vapid_key.txt")
ynh_app_setting_set --key=vapid_public_key --value="$vapid_public_key"
ynh_safe_rm "$install_dir/live/vapid_key.txt"
active_record_encryption_deterministic_key=$(grep -oP "ACTIVE_RECORD_ENCRYPTION_DETERMINISTIC_KEY=\K.+" "$install_dir/live/active_record_encryption.txt")
ynh_app_setting_set --key=active_record_encryption_deterministic_key --value="$active_record_encryption_deterministic_key"
active_record_encryption_key_derivation_salt=$(grep -oP "ACTIVE_RECORD_ENCRYPTION_KEY_DERIVATION_SALT=\K.+" "$install_dir/live/active_record_encryption.txt")
ynh_app_setting_set --key=active_record_encryption_key_derivation_salt --value="$active_record_encryption_key_derivation_salt"
active_record_encryption_primary_key=$(grep -oP "ACTIVE_RECORD_ENCRYPTION_PRIMARY_KEY=\K.+" "$install_dir/live/active_record_encryption.txt")
ynh_app_setting_set --key=active_record_encryption_primary_key --value="$active_record_encryption_primary_key"
ynh_safe_rm "$install_dir/live/active_record_encryption.txt"
ynh_delete_file_checksum "$config"
ynh_config_add --template=".env.production.sample" --destination="$config"
pushd "$install_dir/live"
ynh_hide_warnings ynh_exec_as_app RAILS_ENV=production LD_PRELOAD=libjemalloc.so bin/bundle exec rails db:migrate --quiet
ynh_hide_warnings ynh_exec_as_app RAILS_ENV=production LD_PRELOAD=libjemalloc.so bin/bundle exec rails db:seed --quiet
ynh_hide_warnings ynh_exec_as_app RAILS_ENV=production LD_PRELOAD=libjemalloc.so bin/bundle exec rails assets:precompile --quiet
# Create the first admin user
ynh_hide_warnings ynh_exec_as_app RAILS_ENV=production LD_PRELOAD=libjemalloc.so bin/tootctl accounts create "$admin" --email="$admin_mail" --confirmed --role=Owner
ynh_hide_warnings ynh_exec_as_app RAILS_ENV=production LD_PRELOAD=libjemalloc.so bin/tootctl accounts approve "$admin"
popd
#=================================================
# SYSTEM CONFIGURATION
#=================================================
ynh_script_progression "Adding system configurations related to $app..."
# Create a dedicated NGINX config using the conf/nginx.conf template
ynh_config_add_nginx
# Create a dedicated systemd config
ynh_config_add_systemd --service="$app-web" --template="mastodon-web.service"
yunohost service add "$app-web" --description="$app web service"
ynh_config_add_systemd --service="$app-sidekiq" --template="mastodon-sidekiq.service"
yunohost service add "$app-sidekiq" --description="$app sidekiq service"
ynh_config_add_systemd --service="$app-streaming" --template="mastodon-streaming.service"
yunohost service add "$app-streaming" --description="$app streaming service"
# Create a cron file
ynh_config_add --template="cron" --destination="/etc/cron.d/$app"
# Use logrotate to manage application logfile(s)
mkdir -p /var/log/$app
ynh_config_add_logrotate
#=================================================
# START SYSTEMD SERVICE
#=================================================
ynh_script_progression "Starting all systemd services..."
ynh_systemctl --service=${app}-web --action="start" --log_path=/var/log/$app/$app-web.log #--wait_until="Listening on"
ynh_systemctl --service=${app}-sidekiq --action="start" --log_path=/var/log/$app/$app-sidekiq.log #--wait_until="Schedules Loaded"
ynh_systemctl --service=${app}-streaming --action="start" --log_path=/var/log/$app/$app-streaming.log #--wait_until="Streaming API now listening"
#=================================================
# END OF SCRIPT
#=================================================
ynh_script_progression "Installation of $app completed"
|
