162 lines
7 KiB
Bash
162 lines
7 KiB
Bash
#!/bin/bash
|
|
|
|
source _common.sh
|
|
source ynh_add_swap
|
|
source /usr/share/yunohost/helpers
|
|
|
|
admin_mail=$(ynh_user_get_info --username=$admin --key=mail)
|
|
# Set `service` settings to support `yunohost app shell` command
|
|
ynh_app_setting_set --key=service --value="$app-web.service"
|
|
|
|
#=================================================
|
|
# APP "BUILD" (DEPLOYING SOURCES, VENV, COMPILING ETC)
|
|
#=================================================
|
|
# DOWNLOAD, CHECK AND UNPACK SOURCE
|
|
#=================================================
|
|
ynh_script_progression "Setting up source files..."
|
|
|
|
ynh_setup_source --dest_dir="$install_dir/live"
|
|
|
|
chmod -R 775 "$install_dir"
|
|
chmod o-rwx "$install_dir"
|
|
chown -R $app:www-data "$install_dir"
|
|
|
|
#=================================================
|
|
# INSTALL DEPENDENCIES
|
|
#=================================================
|
|
ynh_script_progression "Installing Ruby and NodeJS..."
|
|
|
|
ynh_ruby_install
|
|
ynh_nodejs_install
|
|
|
|
#=================================================
|
|
# ADD SWAP IF NEEDED
|
|
#=================================================
|
|
ynh_script_progression "Adding swap if needed..."
|
|
|
|
total_memory=$(ynh_get_ram --total)
|
|
swap_needed=0
|
|
|
|
if [ $total_memory -lt $memory_needed ]; then
|
|
# Need a minimum of 2.5Go of memory
|
|
swap_needed=$(($memory_needed - $total_memory))
|
|
fi
|
|
|
|
ynh_script_progression "Adding $swap_needed Mo to swap..."
|
|
|
|
ynh_add_swap --size=$swap_needed
|
|
|
|
#=================================================
|
|
# ADD A CONFIGURATION
|
|
#=================================================
|
|
ynh_script_progression "Adding $app's configuration..."
|
|
|
|
config="$install_dir/live/.env.production"
|
|
|
|
language="$(echo $language | head -c 2)"
|
|
|
|
secret_key_base=$(ynh_string_random --length=128)
|
|
ynh_app_setting_set --key=secret_key_base --value="$secret_key_base"
|
|
|
|
otp_secret=$(ynh_string_random --length=128)
|
|
ynh_app_setting_set --key=otp_secret --value="$otp_secret"
|
|
|
|
# We need bundle exec rails to build vapid keys, we generate them later once the app is installed
|
|
vapid_private_key=""
|
|
vapid_public_key=""
|
|
|
|
# We need `bin/rails db:encryption:init` to generate fresh secrets, we generate them later once the app is installed
|
|
active_record_encryption_deterministic_key=""
|
|
active_record_encryption_key_derivation_salt=""
|
|
active_record_encryption_primary_key=""
|
|
|
|
ynh_config_add --template=".env.production.sample" --destination="$config"
|
|
|
|
#=================================================
|
|
# BUILD APP
|
|
#=================================================
|
|
ynh_script_progression "Building app..."
|
|
|
|
pushd "$install_dir/live"
|
|
# Building ruby packages
|
|
|
|
gem update --system
|
|
gem install bundler --no-document
|
|
ynh_exec_as_app $ld_preload bin/bundle config deployment 'true'
|
|
ynh_exec_as_app $ld_preload bin/bundle config without 'development test'
|
|
ynh_exec_as_app $ld_preload bin/bundle config set force_ruby_platform true --quiet
|
|
ynh_exec_as_app $ld_preload bin/bundle install -j$(getconf _NPROCESSORS_ONLN)
|
|
|
|
env node_load_PATH corepack enable
|
|
echo Y | ynh_hide_warnings ynh_exec_as_app yarn workspaces focus --production
|
|
ynh_hide_warnings ynh_exec_as_app yarn install --immutable
|
|
echo "SAFETY_ASSURED=1">> $config
|
|
# Generate vapid keys
|
|
ynh_hide_warnings ynh_exec_as_app RAILS_ENV=production $ld_preload bin/bundle exec rails mastodon:webpush:generate_vapid_key > vapid_key.txt
|
|
# Generate active record encryption
|
|
ynh_hide_warnings ynh_exec_as_app RAILS_ENV=production $ld_preload bin/bundle exec rails db:encryption:init > active_record_encryption.txt
|
|
popd
|
|
|
|
# Re-generate config with vapid keys and active record encryption
|
|
vapid_private_key=$(grep -oP "VAPID_PRIVATE_KEY=\K.+" "$install_dir/live/vapid_key.txt")
|
|
ynh_app_setting_set --key=vapid_private_key --value="$vapid_private_key"
|
|
vapid_public_key=$(grep -oP "VAPID_PUBLIC_KEY=\K.+" "$install_dir/live/vapid_key.txt")
|
|
ynh_app_setting_set --key=vapid_public_key --value="$vapid_public_key"
|
|
ynh_safe_rm "$install_dir/live/vapid_key.txt"
|
|
active_record_encryption_deterministic_key=$(grep -oP "ACTIVE_RECORD_ENCRYPTION_DETERMINISTIC_KEY=\K.+" "$install_dir/live/active_record_encryption.txt")
|
|
ynh_app_setting_set --key=active_record_encryption_deterministic_key --value="$active_record_encryption_deterministic_key"
|
|
active_record_encryption_key_derivation_salt=$(grep -oP "ACTIVE_RECORD_ENCRYPTION_KEY_DERIVATION_SALT=\K.+" "$install_dir/live/active_record_encryption.txt")
|
|
ynh_app_setting_set --key=active_record_encryption_key_derivation_salt --value="$active_record_encryption_key_derivation_salt"
|
|
active_record_encryption_primary_key=$(grep -oP "ACTIVE_RECORD_ENCRYPTION_PRIMARY_KEY=\K.+" "$install_dir/live/active_record_encryption.txt")
|
|
ynh_app_setting_set --key=active_record_encryption_primary_key --value="$active_record_encryption_primary_key"
|
|
ynh_safe_rm "$install_dir/live/active_record_encryption.txt"
|
|
ynh_delete_file_checksum "$config"
|
|
ynh_config_add --template=".env.production.sample" --destination="$config"
|
|
|
|
pushd "$install_dir/live"
|
|
ynh_hide_warnings ynh_exec_as_app RAILS_ENV=production $ld_preload bin/bundle exec rails db:migrate --quiet
|
|
ynh_hide_warnings ynh_exec_as_app RAILS_ENV=production $ld_preload bin/bundle exec rails assets:precompile --quiet
|
|
# Create the first admin user
|
|
ynh_hide_warnings ynh_exec_as_app RAILS_ENV=production $ld_preload bin/tootctl accounts create "$admin" --email="$admin_mail" --confirmed --role=Owner > /dev/null
|
|
ynh_hide_warnings ynh_exec_as_app RAILS_ENV=production $ld_preload bin/tootctl accounts approve "$admin" > /dev/null
|
|
popd
|
|
|
|
#=================================================
|
|
# SYSTEM CONFIGURATION
|
|
#=================================================
|
|
ynh_script_progression "Adding system configurations related to $app..."
|
|
|
|
# Create a dedicated NGINX config using the conf/nginx.conf template
|
|
ynh_config_add_nginx
|
|
|
|
# Create a dedicated systemd config
|
|
ynh_config_add_systemd --service="$app-web" --template="mastodon-web.service"
|
|
yunohost service add "$app-web" --description="$app web service"
|
|
|
|
ynh_config_add_systemd --service="$app-sidekiq" --template="mastodon-sidekiq.service"
|
|
yunohost service add "$app-sidekiq" --description="$app sidekiq service"
|
|
|
|
ynh_config_add_systemd --service="$app-streaming" --template="mastodon-streaming.service"
|
|
yunohost service add "$app-streaming" --description="$app streaming service"
|
|
|
|
# Create a cron file
|
|
ynh_config_add --template="cron" --destination="/etc/cron.d/$app"
|
|
|
|
# Use logrotate to manage application logfile(s)
|
|
mkdir -p /var/log/$app
|
|
ynh_config_add_logrotate
|
|
|
|
#=================================================
|
|
# START SYSTEMD SERVICE
|
|
#=================================================
|
|
ynh_script_progression "Starting all systemd services..."
|
|
|
|
ynh_systemctl --service=${app}-web --action="start" --log_path=/var/log/$app/$app-web.log --wait_until="Listening on"
|
|
ynh_systemctl --service=${app}-sidekiq --action="start" --log_path=/var/log/$app/$app-sidekiq.log --wait_until="Schedules Loaded"
|
|
ynh_systemctl --service=${app}-streaming --action="start" --log_path=/var/log/$app/$app-streaming.log --wait_until="Streaming API now listening"
|
|
|
|
#=================================================
|
|
# END OF SCRIPT
|
|
#=================================================
|
|
|
|
ynh_script_progression "Installation of $app completed"
|