#!/bin/bash
# Abort on the first failing command (errexit) and on any use of an unset
# variable (nounset).
set -o errexit -o nounset

# Make sure these directories exist before anything else runs.
mkdir -p \
    /tmp/mastodon \
    /app/data/system \
    /run/mastodon
# First start: there is no env.production in the data directory yet, so seed it
# from the packaged template.
# NOTE(review): later steps of this script write database, Redis, SMTP and OIDC
# credentials into this file; cp creates it under the current umask, so confirm
# the resulting mode and owner are not broader than the app needs.
if ! [[ -f /app/data/env.production ]]; then
    echo "==> Copying env template on first run"
    cp /app/pkg/env.template /app/data/env.production

    # LOCAL_DOMAIN is the federation domain. It is written only here, on a
    # fresh install, because changing it afterwards breaks federation.
    sed -i -e "s/LOCAL_DOMAIN=.*/LOCAL_DOMAIN=${CLOUDRON_APP_DOMAIN}/g" /app/data/env.production
fi
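echo "==> Configuring mastodon"

# Print one sed command, "s/KEY=.*/KEY=VALUE/g", with VALUE escaped for the
# replacement side of s///. "\", "/" and "&" are special there, so a password
# containing any of them would otherwise break the command or be stored
# wrongly. The value reaches the inner sed over a pipe, not as an argument.
# Values containing a newline are not supported.
# Arguments: $1 - setting name, $2 - value to store
# Outputs:   the sed command on stdout
sed_set_cmd() {
    local key=$1 value=$2 escaped
    escaped=$(printf '%s' "${value}" | sed -e 's#[\\/&]#\\&#g')
    printf 's/%s=.*/%s=%s/g\n' "${key}" "${key}" "${escaped}"
}

# The addon settings are rewritten on every start. The sed program is built
# first and then fed on stdin, so credentials do not appear in any process
# argument list. An unset variable still aborts the script: nounset fires
# inside the command substitution and the failed assignment trips errexit.
config_script=$(
    sed_set_cmd DB_HOST "${CLOUDRON_POSTGRESQL_HOST}"
    sed_set_cmd DB_PORT "${CLOUDRON_POSTGRESQL_PORT}"
    sed_set_cmd DB_NAME "${CLOUDRON_POSTGRESQL_DATABASE}"
    sed_set_cmd DB_USER "${CLOUDRON_POSTGRESQL_USERNAME}"
    sed_set_cmd DB_PASS "${CLOUDRON_POSTGRESQL_PASSWORD}"
    sed_set_cmd REDIS_HOST "${CLOUDRON_REDIS_HOST}"
    sed_set_cmd REDIS_PORT "${CLOUDRON_REDIS_PORT}"
    sed_set_cmd REDIS_PASSWORD "${CLOUDRON_REDIS_PASSWORD}"
    sed_set_cmd SMTP_SERVER "${CLOUDRON_MAIL_SMTP_SERVER}"
    sed_set_cmd SMTP_PORT "${CLOUDRON_MAIL_SMTP_PORT}"
    sed_set_cmd SMTP_FROM_ADDRESS "${CLOUDRON_MAIL_FROM}"
    sed_set_cmd SMTP_LOGIN "${CLOUDRON_MAIL_SMTP_USERNAME}"
    sed_set_cmd SMTP_PASSWORD "${CLOUDRON_MAIL_SMTP_PASSWORD}"
    sed_set_cmd WEB_DOMAIN "${CLOUDRON_APP_DOMAIN}"
)
sed -i -f /dev/stdin /app/data/env.production <<<"${config_script}"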
# migrate LDAP settings to OIDC (should be removed on the next release)
if grep -q "^LDAP_ENABLED" /app/data/env.production; then
    # Get rid of the LDAP settings: everything from "LDAP_" to the end of the
    # line is blanked, as is the old section heading. The lines themselves
    # stay behind, empty.
    sed -i \
        -e "s/LDAP_.*//g" \
        -e "s/# SSO configuration//g" \
        /app/data/env.production

    # Append a fresh SSO section of empty OIDC_* placeholders.
    printf '%s\n' \
        "# SSO configuration" \
        "OIDC_ENABLED=" \
        "OIDC_DISPLAY_NAME=" \
        "OIDC_ISSUER=" \
        "OIDC_CLIENT_ID=" \
        "OIDC_CLIENT_SECRET=" \
        "OIDC_REDIRECT_URI=" \
        "OIDC_DISCOVERY=" \
        "OIDC_SCOPE=" \
        "OIDC_UID_FIELD=" \
        "OIDC_SECURITY_ASSUME_EMAIL_IS_VERIFIED=" \
        >> /app/data/env.production
fi
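# OIDC is configured only when the platform provides an issuer.
if [[ -n "${CLOUDRON_OIDC_ISSUER:-}" ]]; then
    # should be removed on the next release
    echo "==> migrating LDAP users to OIDC"
    /app/pkg/migrateUsers.js

    echo "==> Setting up OIDC"

    # Print one sed command, "s/KEY=.*/KEY=VALUE/g", with VALUE escaped for
    # the replacement side of s///. "\", "/" and "&" are special there; the
    # previous code escaped only "/" in the two URLs and nothing in the client
    # id and secret. The value reaches the inner sed over a pipe, not as an
    # argument. Values containing a newline are not supported.
    # Arguments: $1 - setting name, $2 - value to store
    # Outputs:   the sed command on stdout
    sed_set_cmd() {
        local key=$1 value=$2 escaped
        escaped=$(printf '%s' "${value}" | sed -e 's#[\\/&]#\\&#g')
        printf 's/%s=.*/%s=%s/g\n' "${key}" "${key}" "${escaped}"
    }

    # The sed program is built first and fed on stdin so the client secret
    # does not appear in a process argument list. An unset variable still
    # aborts the script: nounset fires inside the command substitution and
    # the failed assignment trips errexit.
    oidc_script=$(
        sed_set_cmd OIDC_ENABLED "true"
        sed_set_cmd OIDC_DISPLAY_NAME "Cloudron"
        sed_set_cmd OIDC_ISSUER "${CLOUDRON_OIDC_ISSUER}"
        sed_set_cmd OIDC_CLIENT_ID "${CLOUDRON_OIDC_CLIENT_ID}"
        sed_set_cmd OIDC_CLIENT_SECRET "${CLOUDRON_OIDC_CLIENT_SECRET}"
        sed_set_cmd OIDC_REDIRECT_URI "${CLOUDRON_APP_ORIGIN}/auth/auth/openid_connect/callback"
        sed_set_cmd OIDC_DISCOVERY "true"
        sed_set_cmd OIDC_SCOPE "openid,profile,email"
        sed_set_cmd OIDC_UID_FIELD "sub"
        # NOTE(review): this makes the app accept the e-mail claim from the
        # issuer as already verified, which is only sound if the issuer
        # verifies addresses itself — confirm for the configured provider.
        sed_set_cmd OIDC_SECURITY_ASSUME_EMAIL_IS_VERIFIED "true"
    )
    sed -i -f /dev/stdin /app/data/env.production <<<"${oidc_script}"
fi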
# Replace the runtime Gemfile.lock with a fresh copy of
# /app/code/Gemfile.lock.original; the copy is skipped if the old file cannot
# be removed.
if rm -f /run/mastodon/Gemfile.lock; then
    cp /app/code/Gemfile.lock.original /run/mastodon/Gemfile.lock
fi
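# An empty SECRET_KEY_BASE line marks an instance that has not been initialised:
# generate secrets and load the schema. Otherwise just run migrations.
if grep -q "^SECRET_KEY_BASE=$" /app/data/env.production; then
    echo "==> Generating secrets"
    # NOTE(review): fixed, predictable file name under /tmp — confirm /tmp is
    # private to this container and not shared with other workloads.
    export RANDFILE=/tmp/.rnd

    # Generate each secret in its own assignment so that a failing openssl
    # aborts the script (errexit) instead of writing an empty secret.
    secret_key_base=$(openssl rand -hex 64)
    otp_secret=$(openssl rand -hex 64)

    # Feed the sed program on stdin (printf is a builtin) so the new secrets
    # do not appear in a process argument list. The values are hex, so they
    # need no escaping for s///.
    printf 's/SECRET_KEY_BASE=.*/SECRET_KEY_BASE=%s/\ns/OTP_SECRET=.*/OTP_SECRET=%s/\n' \
        "${secret_key_base}" "${otp_secret}" \
        | sed -i -f /dev/stdin /app/data/env.production

    echo "==> Generating vapid keys"
    # The rake task's output is appended to env.production as-is.
    HOME=/app/data bundle exec rake mastodon:webpush:generate_vapid_key >> /app/data/env.production

    echo "==> Init database"
    HOME=/app/data SAFETY_ASSURED=1 bundle exec rails db:schema:load db:seed

    if [[ -n "${CLOUDRON_OIDC_ISSUER:-}" ]]; then
        echo "Disabling registration by default"
        # The password is passed through the environment, not on the command
        # line; every expansion is quoted so a value with whitespace or glob
        # characters cannot be split into extra psql arguments.
        PGPASSWORD="${CLOUDRON_POSTGRESQL_PASSWORD}" psql \
            -h "${CLOUDRON_POSTGRESQL_HOST}" \
            -p "${CLOUDRON_POSTGRESQL_PORT}" \
            -U "${CLOUDRON_POSTGRESQL_USERNAME}" \
            -d "${CLOUDRON_POSTGRESQL_DATABASE}" \
            -c "INSERT INTO settings (var, value) VALUES ('registrations_mode', 'none')"
    fi
else
    echo "==> Migrating database"
    HOME=/app/data SAFETY_ASSURED=1 bundle exec rails db:migrate
fi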
# Append an empty UPDATE_CHECK_URL setting, preceded by a blank line, to any
# env.production that does not mention the key yet.
grep -q UPDATE_CHECK_URL /app/data/env.production \
    || printf '\nUPDATE_CHECK_URL=\n' >> /app/data/env.production
# The scratch and runtime directories are handed to the cloudron user on every
# start.
chown -R cloudron:cloudron /tmp/mastodon /run/mastodon

# The data directory is re-owned only when its top-level owner is wrong. A
# failing stat yields an empty owner, which also takes this branch.
data_owner="$(stat -c '%U' /app/data || true)"
if [[ "${data_owner}" != "cloudron" ]]; then
    # The glob does not match dotfiles, and "|| true" hides every chown
    # failure, not only the no-files case it was added for.
    chown -R cloudron:cloudron /app/data/* || true # if there are no files
    chown cloudron:cloudron /app/data
fi
# Seed /app/data/config.sh from the packaged copy when it does not exist yet.
if [[ ! -f /app/data/config.sh ]]; then
    cp /app/pkg/config.sh /app/data/config.sh
fi

# NOTE(review): this file lives in the data directory and is executed inside
# this shell, with whatever privileges this script has (it can chown, so
# presumably elevated). Confirm that everyone able to write /app/data is
# meant to be trusted at that level.
source /app/data/config.sh
printf '%s\n' "==> Starting mastodon"

# exec replaces this shell with supervisord, so nothing after this line runs.
exec /usr/bin/supervisord \
    --nodaemon \
    -i Mastodon \
    --configuration /etc/supervisor/supervisord.conf