[config] / bullseye / setup_scripts / setup_microblogpub.sh

#!/bin/sh
set -e
set -x

if [ "$#" -ne 2 ]; then
    echo 'Need domain name and mail.'
    false
fi
domain="$1"
mail="$2"

# Install configs, set up firewall.
config_tree_prefix="${HOME}/config/bullseye"
./install_for_target.sh web microblogpub
./copy_dirtree.sh "${config_tree_prefix}/etc_files" "" web microblogpub
apt update  # since we just updated /etc/apt/sources.list
nft -f /etc/nftables.conf

# Set up letsencrypt certificate. TODO: Is it auto-renewed?
ln -sf /etc/nginx/sites-available/default /etc/nginx/sites-enabled/default
certbot --nginx --agree-tos --redirect --no-eff-email -m "${mail}" -d "${domain}"
rm /etc/nginx/sites-enabled/default

# Install Python >=3.10 from source (Bullseye only has 3.9).
python_version=3.11.1
python_dirname="Python-${python_version}"
su -lc "wget https://www.python.org/ftp/python/${python_version}/${python_dirname}.tgz" plom
su -lc "tar -xvf ${python_dirname}.tgz" plom
su -lc "cd /home/plom/${python_dirname} && ./configure --enable-optimizations && make && make test"
cd /home/plom/${python_dirname}/
make altinstall
cd
# TODO delete python build dir
su -lc "curl -sSL https://install.python-poetry.org | python3" - plom
su -lc "git clone https://git.sr.ht/~tsileo/microblog.pub testing.microblog.pub" - plom
su -lc "poetry config installer.parallel false" - plom
su -lc "cd testing.microblog.pub && poetry install" - plom
su -lc "cd testing.microblog.pub && poetry run inv configuration-wizard" - plom
su -lc "cd testing.microblog.pub && poetry run inv migrate-db" - plom
# VENV_DIR=/home/ubuntu/.cache/pypoetry/virtualenvs/microblogpub-chx-y1oE-py3.10 poetry run supervisord -c misc/supervisord.conf -n

# Prepare and start NGINX config.
sed -i "s/REPLACE_fqdn_ECALPER/${domain}/g" /etc/nginx/sites-available/microblogpub.nginx
ln -s /etc/nginx/sites-available/microblogpub.nginx /etc/nginx/sites-enabled/microblogpub.nginx
service nginx restart