Compare commits
2 Commits
d55e7aa467
...
4eedc672a1
Author | SHA1 | Date |
---|---|---|
Cassowary | 4eedc672a1 | |
Cassowary | e47a5d6d32 |
|
@ -35,7 +35,7 @@ LIMITED_FEDERATION_MODE=false
|
|||
# Deployment
|
||||
# ----------
|
||||
RAILS_ENV=production
|
||||
RAILS_SERVE_STATIC_FILES=true # might need this for traefik, need to test
|
||||
RAILS_SERVE_STATIC_FILES=true
|
||||
# TRUSTED_PROXY_IP=
|
||||
|
||||
# External Services
|
||||
|
|
|
@ -24,12 +24,8 @@ discussed.
|
|||
|
||||
See the [`coop-cloud/mastodon` `README.md`](https://git.coopcloud.tech/coop-cloud/mastodon#quick-start).
|
||||
|
||||
Watch out in case the Mastodon recipe latest is not the same as the Hometown
|
||||
latest version! You can switch back to a compatible tag on the Mastodon recipe
|
||||
to compare docs, config etc. just to be sure.
|
||||
|
||||
## Tips & Tricks
|
||||
|
||||
See the [`coop-cloud/mastodon` `README.md`](https://git.coopcloud.tech/coop-cloud/mastodon#admin-tips-tricks).
|
||||
|
||||
Please only gather tips & tricks that are specific to Hometown here.
|
||||
Please only gather tips & tricks that are specific to Glitch-soc here.
|
||||
|
|
|
@ -1,70 +1,70 @@
|
|||
#!/bin/bash
|
||||
|
||||
export ENTRYPOINT_CONF_VERSION=v7
|
||||
export ENTRYPOINT_CONF_VERSION=v12
|
||||
|
||||
assets() {
|
||||
set -x OTP_SECRET $(cat /run/secrets/otp_secret)
|
||||
set -x SECRET_KEY_BASE $(cat /run/secrets/secret_key_base)
|
||||
set -x DB_PASS $(cat /run/secrets/db_password)
|
||||
# assets() {
|
||||
# set -x OTP_SECRET $(cat /run/secrets/otp_secret)
|
||||
# set -x SECRET_KEY_BASE $(cat /run/secrets/secret_key_base)
|
||||
# set -x DB_PASS $(cat /run/secrets/db_password)
|
||||
|
||||
RAILS_ENV=production bundle exec rails assets:precompile
|
||||
}
|
||||
# RAILS_ENV=production bundle exec rails assets:precompile
|
||||
# }
|
||||
|
||||
setup() {
|
||||
set -x OTP_SECRET $(cat /run/secrets/otp_secret)
|
||||
set -x SECRET_KEY_BASE $(cat /run/secrets/secret_key_base)
|
||||
set -x DB_PASS $(cat /run/secrets/db_password)
|
||||
# setup() {
|
||||
# set -x OTP_SECRET $(cat /run/secrets/otp_secret)
|
||||
# set -x SECRET_KEY_BASE $(cat /run/secrets/secret_key_base)
|
||||
# set -x DB_PASS $(cat /run/secrets/db_password)
|
||||
|
||||
RAILS_ENV=production bundle exec rake db:setup
|
||||
}
|
||||
# RAILS_ENV=production bundle exec rake db:setup
|
||||
# }
|
||||
|
||||
admin() {
|
||||
set -x OTP_SECRET $(cat /run/secrets/otp_secret)
|
||||
set -x SECRET_KEY_BASE $(cat /run/secrets/secret_key_base)
|
||||
set -x DB_PASS $(cat /run/secrets/db_password)
|
||||
# admin() {
|
||||
# set -x OTP_SECRET $(cat /run/secrets/otp_secret)
|
||||
# set -x SECRET_KEY_BASE $(cat /run/secrets/secret_key_base)
|
||||
# set -x DB_PASS $(cat /run/secrets/db_password)
|
||||
|
||||
RAILS_ENV=production bin/tootctl accounts create "$1" --email "$2" --confirmed --role admin
|
||||
}
|
||||
# accounts create "$1" --email "$2" --confirmed --role admin
|
||||
# }
|
||||
|
||||
secrets() {
|
||||
docker context use default > /dev/null 2>&1
|
||||
# secrets() {
|
||||
# docker context use default > /dev/null 2>&1
|
||||
|
||||
echo "Generating secrets for new Hometown deployment..."
|
||||
echo ""
|
||||
# echo "Generating secrets for new Hometown deployment..."
|
||||
# echo ""
|
||||
|
||||
SECRET_KEY_BASE=$(docker run --rm tootsuite/mastodon:v3.4.0 bundle exec rake secret)
|
||||
abra app secret insert "$APP_NAME" secret_key_base v1 "$SECRET_KEY_BASE"
|
||||
echo "SECRET_KEY_BASE = $SECRET_KEY_BASE"
|
||||
echo ""
|
||||
# SECRET_KEY_BASE=$(docker run --rm tootsuite/mastodon:v3.4.0 bundle exec rake secret)
|
||||
# abra app secret insert "$APP_NAME" secret_key_base v1 "$SECRET_KEY_BASE"
|
||||
# echo "SECRET_KEY_BASE = $SECRET_KEY_BASE"
|
||||
# echo ""
|
||||
|
||||
OTP_SECRET=$(docker run --rm tootsuite/mastodon:v3.4.0 bundle exec rake secret)
|
||||
abra app secret insert "$APP_NAME" otp_secret v1 "$OTP_SECRET"
|
||||
echo "OTP_SECRET = $OTP_SECRET"
|
||||
echo ""
|
||||
# OTP_SECRET=$(docker run --rm tootsuite/mastodon:v3.4.0 bundle exec rake secret)
|
||||
# abra app secret insert "$APP_NAME" otp_secret v1 "$OTP_SECRET"
|
||||
# echo "OTP_SECRET = $OTP_SECRET"
|
||||
# echo ""
|
||||
|
||||
docker run \
|
||||
-e SECRET_KEY_BASE="$SECRET_KEY_BASE" \
|
||||
-e OTP_SECRET="$OTP_SECRET" \
|
||||
--rm tootsuite/mastodon:v3.4.0 \
|
||||
bundle exec rake mastodon:webpush:generate_vapid_key \
|
||||
> /tmp/key.txt
|
||||
# docker run \
|
||||
# -e SECRET_KEY_BASE="$SECRET_KEY_BASE" \
|
||||
# -e OTP_SECRET="$OTP_SECRET" \
|
||||
# --rm tootsuite/mastodon:v3.4.0 \
|
||||
# bundle exec rake mastodon:webpush:generate_vapid_key \
|
||||
# > /tmp/key.txt
|
||||
|
||||
VAPID_PRIVATE_KEY=$(grep -oP "VAPID_PRIVATE_KEY=\K.+" "/tmp/key.txt")
|
||||
VAPID_PUBLIC_KEY=$(grep -oP "VAPID_PUBLIC_KEY=\K.+" "/tmp/key.txt")
|
||||
rm -rf /tmp/key.txt
|
||||
# VAPID_PRIVATE_KEY=$(grep -oP "VAPID_PRIVATE_KEY=\K.+" "/tmp/key.txt")
|
||||
# VAPID_PUBLIC_KEY=$(grep -oP "VAPID_PUBLIC_KEY=\K.+" "/tmp/key.txt")
|
||||
# rm -rf /tmp/key.txt
|
||||
|
||||
echo "VAPID_PUBLIC_KEY = $VAPID_PUBLIC_KEY"
|
||||
echo "!IMPORTANT! you MUST insert this VAPID_PUBLIC_KEY into your app .env config !IMPORTANT!"
|
||||
echo ""
|
||||
# echo "VAPID_PUBLIC_KEY = $VAPID_PUBLIC_KEY"
|
||||
# echo "!IMPORTANT! you MUST insert this VAPID_PUBLIC_KEY into your app .env config !IMPORTANT!"
|
||||
# echo ""
|
||||
|
||||
abra app secret insert "$APP_NAME" vapid_private_key v1 "$VAPID_PRIVATE_KEY"
|
||||
echo "VAPID_PRIVATE_KEY = $VAPID_PRIVATE_KEY"
|
||||
echo ""
|
||||
# abra app secret insert "$APP_NAME" vapid_private_key v1 "$VAPID_PRIVATE_KEY"
|
||||
# echo "VAPID_PRIVATE_KEY = $VAPID_PRIVATE_KEY"
|
||||
# echo ""
|
||||
|
||||
abra app secret generate "$APP_NAME" db_password v1
|
||||
echo ""
|
||||
# abra app secret generate "$APP_NAME" db_password v1
|
||||
# echo ""
|
||||
|
||||
echo "don't forget to insert your smtp_password! your deployment won't work without it"
|
||||
echo "run \"abra app secret insert $APP_NAME smtp_password v1 YOURSMTPPASSWORD\""
|
||||
echo ""
|
||||
}
|
||||
# echo "don't forget to insert your smtp_password! your deployment won't work without it"
|
||||
# echo "run \"abra app secret insert $APP_NAME smtp_password v1 YOURSMTPPASSWORD\""
|
||||
# echo ""
|
||||
# }
|
||||
|
|
12
compose.yml
12
compose.yml
|
@ -3,7 +3,7 @@ version: "3.8"
|
|||
|
||||
services:
|
||||
app:
|
||||
image: yakumosaki/glitch-soc:20230927_13
|
||||
image: yakumosaki/glitch-soc:20230927_13
|
||||
command: bash -c "rm -f /mastodon/tmp/pids/server.pid; bundle exec rails s -p 3000"
|
||||
networks: &bothNetworks
|
||||
- proxy
|
||||
|
@ -19,16 +19,19 @@ services:
|
|||
- "traefik.http.routers.${STACK_NAME}_web.rule=Host(`${DOMAIN}`)"
|
||||
- "traefik.http.routers.${STACK_NAME}_web.entrypoints=web-secure"
|
||||
- "traefik.http.routers.${STACK_NAME}_web.tls.certresolver=${LETS_ENCRYPT_ENV}"
|
||||
- "coop-cloud.${STACK_NAME}.version=0.2.3+v3.5.10-hometown-1.0.8"
|
||||
- "coop-cloud.${STACK_NAME}.version=0.0.0+20230927"
|
||||
configs: &configs
|
||||
- source: entrypoint_sh
|
||||
target: /usr/local/bin/entrypoint.sh
|
||||
mode: 0555
|
||||
entrypoint: &entrypoint /usr/local/bin/entrypoint.sh
|
||||
# entrypoint: &entrypoint ['tail', '-f', '/dev/null']
|
||||
volumes: &appVolume
|
||||
- app:/opt/mastodon/public/system
|
||||
healthcheck:
|
||||
test: ["CMD-SHELL", "wget -q --spider --header 'x-forwarded-proto: https' --proxy=off localhost:3000/api/v1/instance || exit 1"]
|
||||
#healthcheck:
|
||||
#
|
||||
# broken with authorized fetch and limited fed apparently
|
||||
# test: ["CMD-SHELL", "wget -q --spider --header 'x-forwarded-proto: https' --proxy=off localhost:3000/api/v1/instance || exit 1"]
|
||||
secrets: &secrets
|
||||
- db_password
|
||||
- otp_secret
|
||||
|
@ -145,6 +148,7 @@ services:
|
|||
- VAPID_PRIVATE_KEY_FILE=/run/secrets/vapid_private_key
|
||||
- VAPID_PUBLIC_KEY
|
||||
- WEB_DOMAIN
|
||||
- TRUSTED_PROXY_IP
|
||||
|
||||
streaming:
|
||||
image: yakumosaki/glitch-soc:20230927_13
|
||||
|
|
|
@ -30,8 +30,18 @@ file_env "DB_PASS"
|
|||
file_env "SMTP_PASSWORD"
|
||||
file_env "VAPID_PRIVATE_KEY"
|
||||
|
||||
export RAILS_ENV=production
|
||||
|
||||
{{ if eq (env "OIDC_ENABLED") "true" }}
|
||||
file_env "OIDC_CLIENT_SECRET"
|
||||
{{ end }}
|
||||
|
||||
|
||||
bundle exec rake db:setup || /bin/true
|
||||
# bundle exec rake webpacker:verify_install || bundle exec rake webpacker:install
|
||||
#bundle exec rake webpacker:yarn_install
|
||||
# bundle exec rake assets:clobber
|
||||
# bundle exec rake assets:precompile || /bin/true
|
||||
|
||||
|
||||
/usr/bin/tini -s -- "$@"
|
||||
|
|
Loading…
Reference in New Issue