3 # Heavily inspired by <https://docs.pleroma.social/otp_en.html>
5 if [ "$#" -ne 2 ]; then
6 echo 'Need domain name, mail_address as arguments.'
12 # Install dependencies, set up firewall.
13 config_tree_prefix="${HOME}/config/buster"
14 ./install_for_target.sh pleroma
15 ./copy_dirtree.sh "${config_tree_prefix}/etc_files" "" pleroma
16 nft -f /etc/nftables.conf
18 # Set up letsencrypt certificate. TODO: Is it auto-renewed?
19 certbot --nginx --agree-tos --redirect --no-eff-email -m "${mail}" -d "${domain}"
21 # Prepare user and system info.
22 adduser --system --shell /bin/false --home /opt/pleroma pleroma
23 export FLAVOUR='amd64'
25 # Download and unzip latest stable release, set up Pleroma dirs.
26 su pleroma -s $SHELL -lc "
27 curl 'https://git.pleroma.social/api/v4/projects/2/jobs/artifacts/stable/download?job=$FLAVOUR' -o /tmp/pleroma.zip
28 unzip /tmp/pleroma.zip -d /tmp/
30 su pleroma -s $SHELL -lc "
31 mv /tmp/release/* /opt/pleroma
35 mkdir -p /var/lib/pleroma/uploads
36 chown -R pleroma /var/lib/pleroma
38 chown -R pleroma /etc/pleroma
40 # Configure and set up DB.
41 su pleroma -s $SHELL -lc './bin/pleroma_ctl instance gen '\
42 '--output /etc/pleroma/config.exs' \
43 '--output-psql /tmp/setup_db.psql' \
44 "--domain ${domain}" \
45 '--instance-name plom-roma' \
46 "--admin-email ${mail}" \
47 "--notify-email ${mail}" \
48 '--dbhost localhost' \
51 "--dbpass $(pwgen -s 100 1)" \
54 '--uploads-dir /var/lib/pleroma/uploads' \
55 '--static-dir /var/lib/pleroma/static' \
56 '--listen-ip 127.0.0.1' \
58 su postgres -s $SHELL -lc "psql -f /tmp/setup_db.psql"
59 su pleroma -s $SHELL -lc "./bin/pleroma_ctl migrate"
61 # Prepare NGINX config for Pleroma.
62 cp /opt/pleroma/installation/pleroma.nginx /etc/nginx/sites-available/pleroma.nginx
63 sed -i "s/example\.tld/${domain}/g" /etc/nginx/sites-available/pleroma.nginx
64 ln -s /etc/nginx/sites-available/pleroma.nginx /etc/nginx/sites-enabled/pleroma.nginx
65 rm /etc/nginx/sites-enabled/default
67 # Systemd integration.
68 cp /opt/pleroma/installation/pleroma.service /etc/systemd/system/pleroma.service
69 systemctl start pleroma
70 systemctl enable pleroma
72 # Only restart NGINX with Pleroma running.