X-Git-Url: https://plomlompom.com/repos/?a=blobdiff_plain;f=buster%2Fsetup_scripts%2Fsetup_pleroma.sh;h=fc30e1d9fe7a563e158356ca5add568bf5f221a7;hb=ba8f6a77e877febdc3fa51b177ce49b6c07ac83a;hp=ef736e856ca2960e0cbd2942a9a56696cebdacd3;hpb=1df3fbaf3e6c8a4f4be1f552b87f4227136de4e6;p=config diff --git a/buster/setup_scripts/setup_pleroma.sh b/buster/setup_scripts/setup_pleroma.sh index ef736e8..fc30e1d 100755 --- a/buster/setup_scripts/setup_pleroma.sh +++ b/buster/setup_scripts/setup_pleroma.sh @@ -12,17 +12,19 @@ mail="$2" # Install dependencies, set up firewall. config_tree_prefix="${HOME}/config/buster" ./install_for_target.sh pleroma -./copy_dirtree.sh "${config_tree_prefix}/etc_files" "" all "$@" +./copy_dirtree.sh "${config_tree_prefix}/etc_files" "" web nft -f /etc/nftables.conf # Set up letsencrypt certificate. TODO: Is it auto-renewed? +ln -sf /etc/nginx/sites-available/default /etc/nginx/sites-enabled/default certbot --nginx --agree-tos --redirect --no-eff-email -m "${mail}" -d "${domain}" +rm /etc/nginx/sites-enabled/default -# Prepare user and system info. +# Prepare user. adduser --system --shell /bin/false --home /opt/pleroma pleroma -export FLAVOUR='amd64' # Download and unzip latest stable release, set up Pleroma dirs. +export FLAVOUR='amd64' su pleroma -s $SHELL -lc " curl 'https://git.pleroma.social/api/v4/projects/2/jobs/artifacts/stable/download?job=$FLAVOUR' -o /tmp/pleroma.zip unzip /tmp/pleroma.zip -d /tmp/ @@ -38,31 +40,45 @@ mkdir -p /etc/pleroma chown -R pleroma /etc/pleroma # Configure and set up DB. -su pleroma -s $SHELL -lc './bin/pleroma_ctl instance gen '\ - '--output /etc/pleroma/config.exs '\ - '--output-psql /tmp/setup_db.psql' \ - "--domain ${domain}" \ - '--instance-name plom-roma' \ - "--admin-email ${mail}" \ - "--notify-email ${mail}" \ - '--dbhost localhost' \ - '--dbname pleroma' \ - '--dbuser pleroma' \ - "--dbpass $(pwgen -s 100 1)" \ - '--rum N' \ - '--indexable N' \ - '--uploads-dir /var/lib/pleroma/uploads' \ - '--static-dir /var/lib/pleroma/static' \ - '--listen-ip 127.0.0.1' \ - '--listen-port 4000' +su pleroma -s $SHELL -lc "./bin/pleroma_ctl instance gen \ +--output /etc/pleroma/config.exs \ +--output-psql /tmp/setup_db.psql \ +--domain ${domain} \ +--instance-name plom-roma \ +--admin-email ${mail} \ +--notify-email ${mail} \ +--dbhost localhost \ +--dbname pleroma \ +--dbuser pleroma \ +--rum N \ +--indexable N \ +--uploads-dir /var/lib/pleroma/uploads \ +--static-dir /var/lib/pleroma/static \ +--listen-ip 127.0.0.1 \ +--listen-port 4000 \ +--dbpass $(pwgen -s 100 1)" su postgres -s $SHELL -lc "psql -f /tmp/setup_db.psql" su pleroma -s $SHELL -lc "./bin/pleroma_ctl migrate" +# Since the OTP release does not support .secret.exs configuration +# files, we hack our own alternative by simply appending custom +# configurations to /etc/config.exs. +cat "${config_tree_prefix}/other_files/append_pleroma_config" >> /etc/pleroma/config.exs + +# Single-pixel picture hack for removing Pleroma FE images. +cp "${config_tree_prefix}/other_files/pixel.png" /var/lib/pleroma/static/ +chown pleroma:nogroup /var/lib/pleroma/static/pixel.png + +# Info panel and TOS. +mkdir -p /var/lib/pleroma/static/instance +mkdir -p /var/lib/pleroma/static/static +cp "${config_tree_prefix}/other_files/pleroma_panel.html" /var/lib/pleroma/static/instance/panel.html +cp "${config_tree_prefix}/other_files/pleroma_terms-of-service.html" /var/lib/pleroma/static/static/terms-of-service.html + # Prepare NGINX config for Pleroma. cp /opt/pleroma/installation/pleroma.nginx /etc/nginx/sites-available/pleroma.nginx sed -i "s/example\.tld/${domain}/g" /etc/nginx/sites-available/pleroma.nginx ln -s /etc/nginx/sites-available/pleroma.nginx /etc/nginx/sites-enabled/pleroma.nginx -rm /etc/nginx/sites-enabled/default # Systemd integration. cp /opt/pleroma/installation/pleroma.service /etc/systemd/system/pleroma.service