Merge pull request 'remove old setup script' (#17) from benjaminlyng/mastodon:chore/remove_old_setup_script into main

Reviewed-on: #17
Reviewed-by: decentral1se <decentral1se@noreply.git.coopcloud.tech>

.drone.yml

@@ -38,7 +38,7 @@ steps:
         from_secret: drone_abra-bot_token
       fork: true
       repositories:
-        - coop-cloud/auto-recipes-catalogue-json
+        - toolshed/auto-recipes-catalogue-json
 
 trigger:
   event: tag

.env.sample

@@ -15,6 +15,10 @@ LETS_ENCRYPT_ENV=production
 
 COMPOSE_FILE="compose.yml"
 
+# Set the maximum length for toots (posts). Longer posts from other servers will still be displayed, this limit only applies to users on this instance.
+#MAX_CHARS=500
+#COMPOSE_FILE="$COMPOSE_FILE:compose.character-limit.yml"
+
 # Federation
 # ----------
 # DO NOT CHANGE DOMAIN VARIABLES AFTER DEPLOYMENT! WILL BREAK FEDERATION!!
@@ -79,9 +83,9 @@ SECRET_OTP_SECRET_VERSION=v1
 SECRET_VAPID_PRIVATE_KEY_VERSION=v1
 SECRET_DB_PASSWORD_VERSION=v1
 SECRET_SMTP_PASSWORD_VERSION=v1
-SECRET_ACTIVE_RECORD_ENCRYPTION_DETERMINISTIC_KEY_VERSION=v1
-SECRET_ACTIVE_RECORD_ENCRYPTION_KEY_DERIVATION_SALT_VERSION=v1
-SECRET_ACTIVE_RECORD_ENCRYPTION_PRIMARY_KEY_VERSION=v1
+SECRET_ARE_DETERMINISTIC_KEY_VERSION=v1
+SECRET_ARE_KEY_DERIVATION_SALT_VERSION=v1
+SECRET_ARE_PRIMARY_KEY_VERSION=v1
 
 # Web Push
 # ========

README.md

@@ -22,10 +22,10 @@ the [`abra.sh`](./abra.sh) for more.
 
 1. `abra app new mastodon`
 1. `abra app cmd --local <domain> secrets`
+1. `abra app cmd --local <domain> secrets_activerecord`
 1. `abra app secret insert <domain> smtp_password v1 <password>`
 1. `abra app config <domain>` (uncomment SMTP details)
 1. `abra app deploy <domain>`
-1. `abra app cmd <domain> streaming setup`
 
 Then, on your host (outside of the containers), you'll need to fix permissions
 for the volume (see [#10](https://git.coopcloud.tech/coop-cloud/mastodon/issues/10)):
@@ -37,7 +37,7 @@ chown -R 991:991 /var/lib/docker/volumes/<domain>_app/_data
 And finally, within the `app` container, create an admin account:
 
 ```
-abra app cmd <domain> admin -- <username> <email>
+abra app cmd <domain> app admin -- <username> <email>
 ```
 
 ## Tips & tricks

abra.sh

@@ -1,6 +1,18 @@
-export ENTRYPOINT_CONF_VERSION=v5
+export ENTRYPOINT_CONF_VERSION=v6
 export ENTRYPOINT_STREAMING_CONF_VERSION=v1
 
+grep=grep
+if ! $grep -P --version 2>/dev/null 1>/dev/null
+then
+    echo "$grep doesn't have -P option, trying ggrep"
+    grep=ggrep
+    if ! $grep -P --version 2>/dev/null 1>/dev/null
+    then
+      echo "If you're on a mac try running \`brew install grep\`"
+      exit 1
+    fi
+fi
+
 file_env() {
   local var="$1"
   local fileVar="${var}_FILE"
@@ -45,6 +57,7 @@ admin() {
   environment
 
   bin/tootctl accounts create "$1" --email "$2" --confirmed --role Owner
+  bin/tootctl accounts approve "$1"
 }
 
 shell() {
@@ -53,28 +66,22 @@ shell() {
     bash $@
 }
 
-setup() {
-  environment
-
-  RAILS_ENV=production bundle exec rake db:setup
-}
-
 secrets() {
   set -e
 
   docker context use default > /dev/null 2>&1
 
-  MASTO_VERSION="v4.3.1"
+  MASTO_VERSION="v4.3.8"
 
   echo "Generating secrets for a new Mastodon deployment..."
   echo ""
 
-  SECRET_KEY_BASE=$(docker run --rm tootsuite/mastodon:$MASTO_VERSION bundle exec rake secret)
+  SECRET_KEY_BASE=$(docker run --rm tootsuite/mastodon:$MASTO_VERSION bundle exec rails secret)
   abra app secret insert "$APP_NAME" secret_key_base v1 "$SECRET_KEY_BASE"
   echo "SECRET_KEY_BASE = $SECRET_KEY_BASE"
   echo ""
 
-  OTP_SECRET=$(docker run --rm tootsuite/mastodon:$MASTO_VERSION bundle exec rake secret)
+  OTP_SECRET=$(docker run --rm tootsuite/mastodon:$MASTO_VERSION bundle exec rails secret)
   abra app secret insert "$APP_NAME" otp_secret v1 "$OTP_SECRET"
   echo "OTP_SECRET = $OTP_SECRET"
   echo ""
@@ -86,8 +93,8 @@ secrets() {
     bundle exec rake mastodon:webpush:generate_vapid_key \
     > /tmp/key.txt
 
-  VAPID_PRIVATE_KEY=$(grep -oP "VAPID_PRIVATE_KEY=\K.+" "/tmp/key.txt")
-  VAPID_PUBLIC_KEY=$(grep -oP "VAPID_PUBLIC_KEY=\K.+" "/tmp/key.txt")
+  VAPID_PRIVATE_KEY=$($grep -oP "VAPID_PRIVATE_KEY=\K.+" "/tmp/key.txt")
+  VAPID_PUBLIC_KEY=$($grep -oP "VAPID_PUBLIC_KEY=\K.+" "/tmp/key.txt")
   rm -rf /tmp/key.txt
 
   echo "VAPID_PUBLIC_KEY = $VAPID_PUBLIC_KEY"
@@ -111,7 +118,7 @@ secrets_activerecord() {
 
   docker context use default > /dev/null 2>&1
 
-  MASTO_VERSION="v4.3.1"
+  MASTO_VERSION="v4.3.8"
 
   echo "Generating activerecord secrets for an updated deployment"
   echo ""
@@ -123,18 +130,18 @@ secrets_activerecord() {
     bundle exec rake db:encryption:init \
     > /tmp/activerecord.txt
 
-  ACTIVE_RECORD_ENCRYPTION_DETERMINISTIC_KEY=$(grep ACTIVE_RECORD_ENCRYPTION_DETERMINISTIC_KEY /tmp/activerecord.txt | cut -d'=' -f2)
-  abra app secret insert "$APP_NAME" active_record_encryption_deterministic_key v1 "$ACTIVE_RECORD_ENCRYPTION_DETERMINISTIC_KEY"
+  ACTIVE_RECORD_ENCRYPTION_DETERMINISTIC_KEY=$($grep ACTIVE_RECORD_ENCRYPTION_DETERMINISTIC_KEY /tmp/activerecord.txt | cut -d'=' -f2)
+  abra app secret insert "$APP_NAME" are_deterministic_key v1 "$ACTIVE_RECORD_ENCRYPTION_DETERMINISTIC_KEY"
   echo "ACTIVE_RECORD_ENCRYPTION_DETERMINISTIC_KEY = $ACTIVE_RECORD_ENCRYPTION_DETERMINISTIC_KEY"
   echo ""
 
-  ACTIVE_RECORD_ENCRYPTION_KEY_DERIVATION_SALT=$(grep ACTIVE_RECORD_ENCRYPTION_KEY_DERIVATION_SALT /tmp/activerecord.txt | cut -d'=' -f2)
-  abra app secret insert "$APP_NAME" active_record_encryption_key_derivation_salt v1 "$ACTIVE_RECORD_ENCRYPTION_KEY_DERIVATION_SALT"
+  ACTIVE_RECORD_ENCRYPTION_KEY_DERIVATION_SALT=$($grep ACTIVE_RECORD_ENCRYPTION_KEY_DERIVATION_SALT /tmp/activerecord.txt | cut -d'=' -f2)
+  abra app secret insert "$APP_NAME" are_key_derivation_salt v1 "$ACTIVE_RECORD_ENCRYPTION_KEY_DERIVATION_SALT"
   echo "ACTIVE_RECORD_ENCRYPTION_KEY_DERIVATION_SALT = $ACTIVE_RECORD_ENCRYPTION_KEY_DERIVATION_SALT"
   echo ""
 
-  ACTIVE_RECORD_ENCRYPTION_PRIMARY_KEY=$(grep ACTIVE_RECORD_ENCRYPTION_PRIMARY_KEY /tmp/activerecord.txt | cut -d'=' -f2)
-  abra app secret insert "$APP_NAME" active_record_encryption_primary_key v1 "$ACTIVE_RECORD_ENCRYPTION_PRIMARY_KEY"
+  ACTIVE_RECORD_ENCRYPTION_PRIMARY_KEY=$($grep ACTIVE_RECORD_ENCRYPTION_PRIMARY_KEY /tmp/activerecord.txt | cut -d'=' -f2)
+  abra app secret insert "$APP_NAME" are_primary_key v1 "$ACTIVE_RECORD_ENCRYPTION_PRIMARY_KEY"
   echo "ACTIVE_RECORD_ENCRYPTION_PRIMARY_KEY = $ACTIVE_RECORD_ENCRYPTION_PRIMARY_KEY"
   echo ""
 

compose.character-limit.yml

@@ -0,0 +1,12 @@
+---
+version: "3.8"
+
+services:
+  app:
+    environment:
+    - MAX_CHARS
+    # NOTE: See [0] for background on why this is necessary
+    # [0]: See https://github.com/mastodon/mastodon/pull/30091
+    user: root
+    command: >
+      /bin/sh -c 'set -x && ls && sed -i -e "s/500/$MAX_CHARS/g" app/javascript/mastodon/features/compose/components/compose_form.jsx && sed -i -e "s/500/$MAX_CHARS/g" app/validators/status_length_validator.rb && RAILS_ENV=production && rm -f /mastodon/tmp/pids/server.pid && su -c "bundle exec rails s -p 3000"'

compose.yml

@@ -3,7 +3,7 @@ version: "3.8"
 
 services:
   app:
-    image: tootsuite/mastodon:v4.3.1
+    image: tootsuite/mastodon:v4.3.8
     command: |
       bash -c "rm -f /mastodon/tmp/pids/server.pid; bundle exec rails s -p 3000"
     networks: &bothNetworks
@@ -20,7 +20,7 @@ services:
         - "traefik.http.routers.${STACK_NAME}_web.rule=Host(`${DOMAIN}`)"
         - "traefik.http.routers.${STACK_NAME}_web.entrypoints=web-secure"
         - "traefik.http.routers.${STACK_NAME}_web.tls.certresolver=${LETS_ENCRYPT_ENV}"
-        - "coop-cloud.${STACK_NAME}.version=1.0.0+v4.3.1"
+        - "coop-cloud.${STACK_NAME}.version=1.1.0+v4.3.8"
     configs: &configs
       - source: entrypoint_sh
         target: /usr/local/bin/entrypoint.sh
@@ -37,13 +37,13 @@ services:
       - secret_key_base
       - smtp_password
       - vapid_private_key
-      - active_record_encryption_deterministic_key
-      - active_record_encryption_key_derivation_salt
-      - active_record_encryption_primary_key
+      - are_deterministic_key
+      - are_key_derivation_salt
+      - are_primary_key
     environment: &env
-      - ACTIVE_RECORD_ENCRYPTION_DETERMINISTIC_KEY_FILE=/run/secrets/active_record_encryption_deterministic_key
-      - ACTIVE_RECORD_ENCRYPTION_KEY_DERIVATION_SALT_FILE=/run/secrets/active_record_encryption_key_derivation_salt
-      - ACTIVE_RECORD_ENCRYPTION_PRIMARY_KEY_FILE=/run/secrets/active_record_encryption_primary_key
+      - ACTIVE_RECORD_ENCRYPTION_DETERMINISTIC_KEY_FILE=/run/secrets/are_deterministic_key
+      - ACTIVE_RECORD_ENCRYPTION_KEY_DERIVATION_SALT_FILE=/run/secrets/are_key_derivation_salt
+      - ACTIVE_RECORD_ENCRYPTION_PRIMARY_KEY_FILE=/run/secrets/are_primary_key
       - ALLOW_ACCESS_TO_HIDDEN_SERVICE
       - ALTERNATE_DOMAINS
       - AUTHORIZED_FETCH
@@ -129,7 +129,7 @@ services:
       - WEB_DOMAIN
 
   streaming:
-    image: tootsuite/mastodon-streaming:v4.3.1
+    image: tootsuite/mastodon-streaming:v4.3.8
     command: node ./streaming/index.js
     configs: *configs
     entrypoint: /usr/local/bin/entrypoint_streaming.sh
@@ -150,7 +150,7 @@ services:
     volumes: *appVolume
 
   sidekiq:
-    image: tootsuite/mastodon:v4.3.1
+    image: tootsuite/mastodon:v4.3.8
     secrets: *secrets
     command: bundle exec sidekiq
     configs: *configs
@@ -164,7 +164,7 @@ services:
     environment: *env
 
   db:
-    image: postgres:15.2-alpine
+    image: postgres:15.12-alpine
     networks: &internalNetwork
       - internal
     volumes:
@@ -216,14 +216,14 @@ secrets:
   smtp_password:
     name: ${STACK_NAME}_smtp_password_${SECRET_SMTP_PASSWORD_VERSION}
     external: true
-  active_record_encryption_deterministic_key:
-    name: ${STACK_NAME}_active_record_encryption_deterministic_key_${SECRET_ACTIVE_RECORD_ENCRYPTION_DETERMINISTIC_KEY_VERSION}
+  are_deterministic_key:
+    name: ${STACK_NAME}_are_deterministic_key_${SECRET_ARE_DETERMINISTIC_KEY_VERSION}
     external: true
-  active_record_encryption_key_derivation_salt:
-    name: ${STACK_NAME}_active_record_encryption_key_derivation_salt_${SECRET_ACTIVE_RECORD_ENCRYPTION_KEY_DERIVATION_SALT_VERSION}
+  are_key_derivation_salt:
+    name: ${STACK_NAME}_are_key_derivation_salt_${SECRET_ARE_KEY_DERIVATION_SALT_VERSION}
     external: true
-  active_record_encryption_primary_key:
-    name: ${STACK_NAME}_active_record_encryption_primary_key_${SECRET_ACTIVE_RECORD_ENCRYPTION_PRIMARY_KEY_VERSION}
+  are_primary_key:
+    name: ${STACK_NAME}_are_primary_key_${SECRET_ARE_PRIMARY_KEY_VERSION}
     external: true
 
 volumes:

entrypoint.sh.tmpl

@@ -40,4 +40,6 @@ file_env "OIDC_CLIENT_SECRET"
 # NOTE: this was working in mastodon 4.2 but breaks in 4.3
 # sed -i '/- admin$/d' /opt/mastodon/config/settings.yml
 
+RAILS_ENV=production bundle exec rake db:migrate
+
 /usr/bin/tini -s -- "$@"

release/1.0.0+v4.3.1

@@ -5,7 +5,7 @@ Run `abra app cmd --local <domain> secrets_activerecord` to generate and store t
 You will also need to add this to your config (`abra app config <domain>`):
 
 ```
-SECRET_ACTIVE_RECORD_ENCRYPTION_DETERMINISTIC_KEY_VERSION=v1
-SECRET_ACTIVE_RECORD_ENCRYPTION_KEY_DERIVATION_SALT_VERSION=v1
-SECRET_ACTIVE_RECORD_ENCRYPTION_PRIMARY_KEY_VERSION=v1
+SECRET_ARE_DETERMINISTIC_KEY_VERSION=v1
+SECRET_ARE_KEY_DERIVATION_SALT_VERSION=v1
+SECRET_ARE_PRIMARY_KEY_VERSION=v1
 ```

release/1.1.0+v4.3.8

@@ -0,0 +1 @@
+MAX_CHARS now supported; see ~/.abra/recipes/.env.sample