WIP commit in debug mode

Cassowary 2023-10-08 10:06:16 -07:00
parent d55e7aa467
commit e47a5d6d32
3 changed files with 69 additions and 58 deletions

104
abra.sh Normal file → Executable file

@ -1,70 +1,70 @@
#!/bin/bash #!/bin/bash
export ENTRYPOINT_CONF_VERSION=v7 export ENTRYPOINT_CONF_VERSION=v11
assets() { # assets() {
set -x OTP_SECRET $(cat /run/secrets/otp_secret) # set -x OTP_SECRET $(cat /run/secrets/otp_secret)
set -x SECRET_KEY_BASE $(cat /run/secrets/secret_key_base) # set -x SECRET_KEY_BASE $(cat /run/secrets/secret_key_base)
set -x DB_PASS $(cat /run/secrets/db_password) # set -x DB_PASS $(cat /run/secrets/db_password)
RAILS_ENV=production bundle exec rails assets:precompile # RAILS_ENV=production bundle exec rails assets:precompile
} # }
setup() { # setup() {
set -x OTP_SECRET $(cat /run/secrets/otp_secret) # set -x OTP_SECRET $(cat /run/secrets/otp_secret)
set -x SECRET_KEY_BASE $(cat /run/secrets/secret_key_base) # set -x SECRET_KEY_BASE $(cat /run/secrets/secret_key_base)
set -x DB_PASS $(cat /run/secrets/db_password) # set -x DB_PASS $(cat /run/secrets/db_password)
RAILS_ENV=production bundle exec rake db:setup # RAILS_ENV=production bundle exec rake db:setup
} # }
admin() { # admin() {
set -x OTP_SECRET $(cat /run/secrets/otp_secret) # set -x OTP_SECRET $(cat /run/secrets/otp_secret)
set -x SECRET_KEY_BASE $(cat /run/secrets/secret_key_base) # set -x SECRET_KEY_BASE $(cat /run/secrets/secret_key_base)
set -x DB_PASS $(cat /run/secrets/db_password) # set -x DB_PASS $(cat /run/secrets/db_password)
RAILS_ENV=production bin/tootctl accounts create "$1" --email "$2" --confirmed --role admin # accounts create "$1" --email "$2" --confirmed --role admin
} # }
secrets() { # secrets() {
docker context use default > /dev/null 2>&1 # docker context use default > /dev/null 2>&1
echo "Generating secrets for new Hometown deployment..." # echo "Generating secrets for new Hometown deployment..."
echo "" # echo ""
SECRET_KEY_BASE=$(docker run --rm tootsuite/mastodon:v3.4.0 bundle exec rake secret) # SECRET_KEY_BASE=$(docker run --rm tootsuite/mastodon:v3.4.0 bundle exec rake secret)
abra app secret insert "$APP_NAME" secret_key_base v1 "$SECRET_KEY_BASE" # abra app secret insert "$APP_NAME" secret_key_base v1 "$SECRET_KEY_BASE"
echo "SECRET_KEY_BASE = $SECRET_KEY_BASE" # echo "SECRET_KEY_BASE = $SECRET_KEY_BASE"
echo "" # echo ""
OTP_SECRET=$(docker run --rm tootsuite/mastodon:v3.4.0 bundle exec rake secret) # OTP_SECRET=$(docker run --rm tootsuite/mastodon:v3.4.0 bundle exec rake secret)
abra app secret insert "$APP_NAME" otp_secret v1 "$OTP_SECRET" # abra app secret insert "$APP_NAME" otp_secret v1 "$OTP_SECRET"
echo "OTP_SECRET = $OTP_SECRET" # echo "OTP_SECRET = $OTP_SECRET"
echo "" # echo ""
docker run \ # docker run \
-e SECRET_KEY_BASE="$SECRET_KEY_BASE" \ # -e SECRET_KEY_BASE="$SECRET_KEY_BASE" \
-e OTP_SECRET="$OTP_SECRET" \ # -e OTP_SECRET="$OTP_SECRET" \
--rm tootsuite/mastodon:v3.4.0 \ # --rm tootsuite/mastodon:v3.4.0 \
bundle exec rake mastodon:webpush:generate_vapid_key \ # bundle exec rake mastodon:webpush:generate_vapid_key \
> /tmp/key.txt # > /tmp/key.txt
VAPID_PRIVATE_KEY=$(grep -oP "VAPID_PRIVATE_KEY=\K.+" "/tmp/key.txt") # VAPID_PRIVATE_KEY=$(grep -oP "VAPID_PRIVATE_KEY=\K.+" "/tmp/key.txt")
VAPID_PUBLIC_KEY=$(grep -oP "VAPID_PUBLIC_KEY=\K.+" "/tmp/key.txt") # VAPID_PUBLIC_KEY=$(grep -oP "VAPID_PUBLIC_KEY=\K.+" "/tmp/key.txt")
rm -rf /tmp/key.txt # rm -rf /tmp/key.txt
echo "VAPID_PUBLIC_KEY = $VAPID_PUBLIC_KEY" # echo "VAPID_PUBLIC_KEY = $VAPID_PUBLIC_KEY"
echo "!IMPORTANT! you MUST insert this VAPID_PUBLIC_KEY into your app .env config !IMPORTANT!" # echo "!IMPORTANT! you MUST insert this VAPID_PUBLIC_KEY into your app .env config !IMPORTANT!"
echo "" # echo ""
abra app secret insert "$APP_NAME" vapid_private_key v1 "$VAPID_PRIVATE_KEY" # abra app secret insert "$APP_NAME" vapid_private_key v1 "$VAPID_PRIVATE_KEY"
echo "VAPID_PRIVATE_KEY = $VAPID_PRIVATE_KEY" # echo "VAPID_PRIVATE_KEY = $VAPID_PRIVATE_KEY"
echo "" # echo ""
abra app secret generate "$APP_NAME" db_password v1 # abra app secret generate "$APP_NAME" db_password v1
echo "" # echo ""
echo "don't forget to insert your smtp_password! your deployment won't work without it" # echo "don't forget to insert your smtp_password! your deployment won't work without it"
echo "run \"abra app secret insert $APP_NAME smtp_password v1 YOURSMTPPASSWORD\"" # echo "run \"abra app secret insert $APP_NAME smtp_password v1 YOURSMTPPASSWORD\""
echo "" # echo ""
} # }
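Review bot: The helpers `assets`, `setup`, `admin` and `secrets` are disabled by commenting them out rather than deleting them, which leaves about fifty lines of dead secret-handling code that is easy to re-enable unchanged. If `secrets()` is meant to come back, it should not return as written: it writes the VAPID key pair to the fixed path `/tmp/key.txt` and echoes `SECRET_KEY_BASE`, `OTP_SECRET` and `VAPID_PRIVATE_KEY` to the terminal, so the values end up in scrollback and any captured logs. I would either delete the block and rely on git history, or replace it with a single comment such as `# TODO: restore secrets(); use mktemp and stop echoing secret values`. The `set -x NAME $(cat ...)` lines also look like fish syntax; under `#!/bin/bash` they turn on xtrace instead of exporting the variable, so they need rewriting before being re-enabled.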


@ -3,8 +3,8 @@ version: "3.8"
services: services:
app: app:
image: yakumosaki/glitch-soc:20230927_13 image: lscr.io/linuxserver/mastodon:glitch-ebd20175-ls78
command: bash -c "rm -f /mastodon/tmp/pids/server.pid; bundle exec rails s -p 3000" # command: bash -c "rm -f /mastodon/tmp/pids/server.pid; bundle exec rails s -p 3000"
networks: &bothNetworks networks: &bothNetworks
- proxy - proxy
- internal_network - internal_network
@ -19,16 +19,19 @@ services:
- "traefik.http.routers.${STACK_NAME}_web.rule=Host(`${DOMAIN}`)" - "traefik.http.routers.${STACK_NAME}_web.rule=Host(`${DOMAIN}`)"
- "traefik.http.routers.${STACK_NAME}_web.entrypoints=web-secure" - "traefik.http.routers.${STACK_NAME}_web.entrypoints=web-secure"
- "traefik.http.routers.${STACK_NAME}_web.tls.certresolver=${LETS_ENCRYPT_ENV}" - "traefik.http.routers.${STACK_NAME}_web.tls.certresolver=${LETS_ENCRYPT_ENV}"
- "coop-cloud.${STACK_NAME}.version=0.2.3+v3.5.10-hometown-1.0.8" - "coop-cloud.${STACK_NAME}.version=0.0.0+20230927"
configs: &configs configs: &configs
- source: entrypoint_sh - source: entrypoint_sh
target: /usr/local/bin/entrypoint.sh target: /usr/local/bin/entrypoint.sh
mode: 0555 mode: 0555
entrypoint: &entrypoint /usr/local/bin/entrypoint.sh # entrypoint: &entrypoint /usr/local/bin/entrypoint.sh
entrypoint: &entrypoint ['tail', '-f', '/dev/null']
volumes: &appVolume volumes: &appVolume
- app:/opt/mastodon/public/system - app:/opt/mastodon/public/system
healthcheck: #healthcheck:
test: ["CMD-SHELL", "wget -q --spider --header 'x-forwarded-proto: https' --proxy=off localhost:3000/api/v1/instance || exit 1"] #
# broken with authorized fetch and limited fed apparently
# test: ["CMD-SHELL", "wget -q --spider --header 'x-forwarded-proto: https' --proxy=off localhost:3000/api/v1/instance || exit 1"]
secrets: &secrets secrets: &secrets
- db_password - db_password
- otp_secret - otp_secret
@ -145,6 +148,7 @@ services:
- VAPID_PRIVATE_KEY_FILE=/run/secrets/vapid_private_key - VAPID_PRIVATE_KEY_FILE=/run/secrets/vapid_private_key
- VAPID_PUBLIC_KEY - VAPID_PUBLIC_KEY
- WEB_DOMAIN - WEB_DOMAIN
- TRUSTED_PROXY_IP
streaming: streaming:
image: yakumosaki/glitch-soc:20230927_13 image: yakumosaki/glitch-soc:20230927_13
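Review bot: With the `app` healthcheck commented out and the entrypoint replaced by `['tail', '-f', '/dev/null']`, the service is reported as running while nothing listens on port 3000, and `entrypoint.sh` (still mounted as a config) never runs. If the old probe breaks under authorized fetch, I would point it at an endpoint that needs no federation auth rather than drop it, e.g. `test: ["CMD-SHELL", "wget -q --spider --proxy=off localhost:3000/health || exit 1"]`; Mastodon serves `/health`, but confirm the new image ships `wget`. The `tail` entrypoint should carry a comment like `# DEBUG ONLY: keeps the container idle for exec; restore the real entrypoint before deploy`. Note also that `app` now runs `lscr.io/linuxserver/mastodon:glitch-ebd20175-ls78` while `streaming` in the last hunk stays on `yakumosaki/glitch-soc:20230927_13`, and the `/mastodon/...` and `/opt/mastodon/...` paths may not match the new image's layout.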

7
entrypoint.sh.tmpl Normal file → Executable file

@ -34,4 +34,11 @@ file_env "VAPID_PRIVATE_KEY"
file_env "OIDC_CLIENT_SECRET" file_env "OIDC_CLIENT_SECRET"
{{ end }} {{ end }}
export RAILS_ENV=production
bundle exec rake db:setup || /bin/true
#bundle exec rake webpacker:verify_install || bundle exec rake webpacker:install
#bundle exec rake webpacker:yarn_install
bundle exec rake assets:precompile || /bin/true
/usr/bin/tini -s -- "$@" /usr/bin/tini -s -- "$@"
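Review bot: `bundle exec rake db:setup || /bin/true` runs on every container start and discards the exit status, so a wrong database password, an unreachable database or a half-loaded schema all look the same as success and `tini` still launches the app. The same applies to `bundle exec rake assets:precompile || /bin/true`. I would make the one-time setup opt-in and let real failures stop the container, e.g. `if [ "${RUN_DB_SETUP:-0}" = 1 ]; then bundle exec rake db:setup; fi` (variable name is illustrative), and add a comment saying why a precompile failure may be ignored if that is intended. The script begins above this hunk, so whether `set -e` is active is not visible here.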