export ENTRYPOINT_CONF_VERSION=v5 export ENTRYPOINT_STREAMING_CONF_VERSION=v1 file_env() { local var="$1" local fileVar="${var}_FILE" local def="${2:-}" if [ "${!var:-}" ] && [ "${!fileVar:-}" ]; then echo >&2 "error: both $var and $fileVar are set (but are exclusive)" exit 1 fi local val="$def" if [ "${!var:-}" ]; then val="${!var}" elif [ "${!fileVar:-}" ]; then val="$(< "${!fileVar}")" fi declare -x -g "$var"="$val" unset "$fileVar" } environment() { # for sidekiq service bundle exec env var threading file_env "DB_PASS" file_env "OTP_SECRET" file_env "SECRET_KEY_BASE" file_env "VAPID_PRIVATE_KEY" file_env "ACTIVE_RECORD_ENCRYPTION_DETERMINISTIC_KEY" file_env "ACTIVE_RECORD_ENCRYPTION_KEY_DERIVATION_SALT" file_env "ACTIVE_RECORD_ENCRYPTION_PRIMARY_KEY" declare -x RAILS_ENV=production } assets() { environment bundle exec rails assets:precompile } admin() { environment bin/tootctl accounts create "$1" --email "$2" --confirmed --role Owner } shell() { ## Run a shell with proper environment environment bash $@ } setup() { environment RAILS_ENV=production bundle exec rake db:setup } secrets() { set -e docker context use default > /dev/null 2>&1 MASTO_VERSION="v4.3.1" echo "Generating secrets for a new Mastodon deployment..." echo "" SECRET_KEY_BASE=$(docker run --rm tootsuite/mastodon:$MASTO_VERSION bundle exec rake secret) abra app secret insert "$APP_NAME" secret_key_base v1 "$SECRET_KEY_BASE" echo "SECRET_KEY_BASE = $SECRET_KEY_BASE" echo "" OTP_SECRET=$(docker run --rm tootsuite/mastodon:$MASTO_VERSION bundle exec rake secret) abra app secret insert "$APP_NAME" otp_secret v1 "$OTP_SECRET" echo "OTP_SECRET = $OTP_SECRET" echo "" docker run \ -e SECRET_KEY_BASE="$SECRET_KEY_BASE" \ -e OTP_SECRET="$OTP_SECRET" \ --rm tootsuite/mastodon:$MASTO_VERSION \ bundle exec rake mastodon:webpush:generate_vapid_key \ > /tmp/key.txt VAPID_PRIVATE_KEY=$(grep -oP "VAPID_PRIVATE_KEY=\K.+" "/tmp/key.txt") VAPID_PUBLIC_KEY=$(grep -oP "VAPID_PUBLIC_KEY=\K.+" "/tmp/key.txt") rm -rf /tmp/key.txt echo "VAPID_PUBLIC_KEY = $VAPID_PUBLIC_KEY" echo "!IMPORTANT! you MUST insert this VAPID_PUBLIC_KEY into your app .env config !IMPORTANT!" echo "" abra app secret insert "$APP_NAME" vapid_private_key v1 "$VAPID_PRIVATE_KEY" echo "VAPID_PRIVATE_KEY = $VAPID_PRIVATE_KEY" echo "" abra app secret generate "$APP_NAME" db_password v1 echo "" echo "don't forget to insert your smtp_password! your deployment won't work without it" echo "run \"abra app secret insert $APP_NAME smtp_password v1 YOURSMTPPASSWORD\"" echo "" } secrets_activerecord() { set -e docker context use default > /dev/null 2>&1 MASTO_VERSION="v4.3.1" echo "Generating activerecord secrets for an updated deployment" echo "" docker run \ -e SECRET_KEY_BASE="$SECRET_KEY_BASE" \ -e OTP_SECRET="$OTP_SECRET" \ --rm tootsuite/mastodon:$MASTO_VERSION \ bundle exec rake db:encryption:init \ > /tmp/activerecord.txt ACTIVE_RECORD_ENCRYPTION_DETERMINISTIC_KEY=$(grep ACTIVE_RECORD_ENCRYPTION_DETERMINISTIC_KEY /tmp/activerecord.txt | cut -d'=' -f2) abra app secret insert "$APP_NAME" active_record_encryption_deterministic_key v1 "$ACTIVE_RECORD_ENCRYPTION_DETERMINISTIC_KEY" echo "ACTIVE_RECORD_ENCRYPTION_DETERMINISTIC_KEY = $ACTIVE_RECORD_ENCRYPTION_DETERMINISTIC_KEY" echo "" ACTIVE_RECORD_ENCRYPTION_KEY_DERIVATION_SALT=$(grep ACTIVE_RECORD_ENCRYPTION_KEY_DERIVATION_SALT /tmp/activerecord.txt | cut -d'=' -f2) abra app secret insert "$APP_NAME" active_record_encryption_key_derivation_salt v1 "$ACTIVE_RECORD_ENCRYPTION_KEY_DERIVATION_SALT" echo "ACTIVE_RECORD_ENCRYPTION_KEY_DERIVATION_SALT = $ACTIVE_RECORD_ENCRYPTION_KEY_DERIVATION_SALT" echo "" ACTIVE_RECORD_ENCRYPTION_PRIMARY_KEY=$(grep ACTIVE_RECORD_ENCRYPTION_PRIMARY_KEY /tmp/activerecord.txt | cut -d'=' -f2) abra app secret insert "$APP_NAME" active_record_encryption_primary_key v1 "$ACTIVE_RECORD_ENCRYPTION_PRIMARY_KEY" echo "ACTIVE_RECORD_ENCRYPTION_PRIMARY_KEY = $ACTIVE_RECORD_ENCRYPTION_PRIMARY_KEY" echo "" rm -rf /tmp/activerecord.txt }