./copy_dirtree.sh "${config_tree_prefix}/etc_files" "" web
nft -f /etc/nftables.conf
-# Set up letsencrypt certificate. TODO: Is it auto-renewed?
-ln -sf /etc/nginx/sites-available/default /etc/nginx/sites-enabled/default
-certbot --nginx --agree-tos --redirect --no-eff-email -m "${mail}" -d "${domain}"
-rm /etc/nginx/sites-enabled/default
-
# Prepare user.
-adduser --system --group --shell /bin/false --home /opt/pleroma pleroma
+adduser --system --group --shell /bin/false --home /var/lib/pleroma pleroma
# TODO: integrate this into apt-mark/pleroma
apt -y install build-essential #elixir erlang-dev erlang-tools erlang-parsetools erlang-eldap erlang-ssh erlang-xmerl build-essential
# Not listed by doc.
-apt -y install wget #erlang-inets erlnag-erlware-commons
+apt -y install wget gnupg #erlang-inets erlnag-erlware-commons
wget -P /tmp/ https://packages.erlang-solutions.com/erlang-solutions_1.0_all.deb
dpkg -i /tmp/erlang-solutions_1.0_all.deb
su pleroma -s $SHELL -lc 'git clone -b develop https://git.pleroma.social/pleroma/pleroma /opt/pleroma'
su pleroma -s $SHELL -lc 'mix local.hex --force'
su pleroma -s $SHELL -lc 'mix local.rebar --force'
-su pleroma -s $SHELL -lc 'mix deps.get'
-su pleroma -s $SHELL -lc "mix pleroma.instance gen \
---output /etc/pleroma/config.exs \
+su pleroma -s $SHELL -lc "cd /opt/pleroma &&\
+mix deps.get &&\
+mix pleroma.instance gen \
+--output config/generated_config.exs \
--output-psql /tmp/setup_db.psql \
--domain ${domain} \
--instance-name plom-roma \
--dbhost localhost \
--dbname pleroma \
--dbuser pleroma \
+--db-configurable N \
--rum N \
--indexable N \
--uploads-dir /var/lib/pleroma/uploads \
--static-dir /var/lib/pleroma/static \
--listen-ip 127.0.0.1 \
--listen-port 4000 \
---dbpass $(pwgen -s 100 1)"
-su pleroma -s $SHELL -lc 'mv config/{generated_config.exs,prod.secret.exs}'
-su postgrs -s $SHELL -lc 'psql -f /opt/pleroma/config/setup_db.psql'
-su pleroma -s $SHELL -lc 'MIX_ENV=prod mix ecto.migrate'
-su pleroma -s $SHELL -lc 'MIX_ENV=prod mix phx.server'
+--dbpass $(pwgen -s 100 1) &&\
+mv config/{generated_config.exs,prod.secret.exs}"
+su postgres -s $SHELL -lc 'psql -f /tmp/setup_db.psql'
+su pleroma -s $SHELL -lc 'cd /opt/pleroma && MIX_ENV=prod mix ecto.migrate'
+
+# Add our own plom.exs and import it to prod.secret.exs
+echo '' >> /opt/pleroma/config/prod.secret.exs
+echo 'import_config "plom.exs"' >> /opt/pleroma/config/prod.secret.exs
+echo 'import Config' > /opt/pleroma/config/plom.exs
+cat "${config_tree_prefix}/other_files/append_pleroma_config" >> /opt/pleroma/config/plom.exs
-# TODO: config customization, single-pixel hack, info panel, TOS
+# Single-pixel picture hack for removing Pleroma FE images.
+cp "${config_tree_prefix}/other_files/pixel.png" /var/lib/pleroma/static/
+chown pleroma:nogroup /var/lib/pleroma/static/pixel.png
+
+# Info panel and TOS.
+mkdir -p /var/lib/pleroma/static/instance
+mkdir -p /var/lib/pleroma/static/static
+cp "${config_tree_prefix}/other_files/pleroma_panel.html" /var/lib/pleroma/static/instance/panel.html
+cp "${config_tree_prefix}/other_files/pleroma_terms-of-service.html" /var/lib/pleroma/static/static/terms-of-service.html
+
+# Set up letsencrypt certificate. TODO: Is it auto-renewed?
+ln -sf /etc/nginx/sites-available/default /etc/nginx/sites-enabled/default
+certbot --nginx --agree-tos --redirect --no-eff-email -m "${mail}" -d "${domain}"
+rm /etc/nginx/sites-enabled/default
# Prepare NGINX config for Pleroma.
cp /opt/pleroma/installation/pleroma.nginx /etc/nginx/sites-available/pleroma.nginx
projects / config / blobdiff