Commit c2fd7ed9 authored by Spctrl's avatar Spctrl

Make multiple installs possible.

Add Scope option (still needs testing)
First steps in remove script for more elegant removal of DB
Add TODO in the README.md
parent 1cab9c80
......@@ -24,9 +24,9 @@ Mobile clients that are known to work well:
I'm using this package as a way to learn packaging for yunohost. This package is far from perfect and should not be used on production servers. If you have recommendations, please let me know on the fediverse at `@Ilja@mastodon.pirateparty.be`
What should work:
* Installation
* Installation (I made changes that need still testing atm)
* Removal
* Backup
* Backup (Should check if it still works properly with the last changes)
* Restore (You'll need to remove the instance prior to restore. This should change in the future.)
What does not work:
......@@ -39,10 +39,21 @@ What is not implemented:
* I'll may want to add the Pleroma source in the package eventually. Right now I get it from the Pleroma repo directly during install
Extra info:
* Multiple installs are possible
* On installation you'll be able to chose a dedicated domain for Pleroma. You'll also be asked for a username and password for a user. This user will have moderator rights. Note that the password will be visible if you install using the `--debug` flag!
* Pleroma will be listed in the admin-panel under services, so you can stop and start the service there
* Postgresql will also be listed in the admin-panel
* You can choose to close regstrations on installation, but then you'll need to create invite tokens if you want others to join your instance as well. You can do this by accessing your yunohost server over ssh and run `cd /var/www/pleroma/pleroma/ && MIX_ENV=prod mix generate_invite_token`. See: https://git.pleroma.social/pleroma/pleroma/wikis/Admin%20tasks
* On installation you can choose to enable scopes on the Pleroma-FE
* If you're not afraid of the terminal, check out https://git.pleroma.social/pleroma/pleroma/wikis/home to see what more you can do with your awesome instance!
* You can upgrade your Pleroma instance by logging in over ssh as root and run `su - pleroma -c "cd /var/www/pleroma/pleroma;git pull;MIX_ENV=prod mix deps.get;MIX_ENV=prod mix ecto.migrate;" && systemctl restart pleroma`
* To check your current Pleroma version you can go to `yourdomain.tld/api/v1/instance`
TODO:
* Test the installation (esp scope setting)
* Make dependencys version independant (ie postgressql uses 9.6 atm, higher should also be possible)
* Make the remove more elegant (esp the removal of the DB)
* Make backup and restore work as expected
* Use psql helpers for backup/restore if possible
* Make update work properly (atm there's only a very naive implementation)
* Check with linter/community... to add to the community packages
......@@ -25,14 +25,14 @@
proxy_set_header Connection "upgrade";
proxy_set_header Host $http_host;
proxy_pass http://localhost:4000;
proxy_pass http://localhost:{PORT};
client_max_body_size 16m;
}
location /proxy {
proxy_cache pleroma_media_cache;
proxy_cache {APP}_media_cache;
proxy_cache_lock on;
proxy_ignore_client_abort on;
proxy_pass http://localhost:4000;
proxy_pass http://localhost:{PORT};
}
proxy_cache_path /tmp/pleroma-media-cache levels=1:2 keys_zone=pleroma_media_cache:10m max_size=10g
proxy_cache_path /tmp/{APP}-media-cache levels=1:2 keys_zone={APP}_media_cache:10m max_size=10g
inactive=720m use_temp_path=off;
{
"name": "Pleroma tryout app",
"id": "pleroma",
"id": "pleroma_ynh",
"packaging_format": 1,
"description": {
"en": "Pleroma package for YunoHost application."
......@@ -16,7 +16,7 @@
"requirements": {
"yunohost": ">= 3.0.0"
},
"multi_instance": false,
"multi_instance": true,
"services": [
"nginx"
],
......@@ -45,6 +45,14 @@
},
"default": true
},
{
"name": "allow_scopes",
"type": "boolean",
"ask": {
"en": "Should message scopes be enabled on the Pleroma-FE? (Scopes are always available through the Mastodon-FE)"
},
"default": false
},
{
"name": "instance_user",
"ask": {
......
SELECT pg_terminate_backend(pg_stat_activity.pid)
FROM pg_stat_activity
WHERE pg_stat_activity.datname = '{DB_NAME}'
AND pid <> pg_backend_pid();
REVOKE ALL PRIVILEGES ON ALL TABLES IN {DB_NAME} public FROM {APP};
REVOKE ALL PRIVILEGES ON ALL SEQUENCES IN SCHEMA public FROM {APP};
REVOKE ALL PRIVILEGES ON ALL FUNCTIONS IN SCHEMA public FROM {APP};
REVOKE ALL PRIVILEGES ON SCHEMA public FROM {APP};
DROP DATABASE IF EXISTS {DB_NAME};
DROP USER {APP};
......@@ -59,7 +59,7 @@ ynh_backup "$final_path"
# BACKUP LOGROTATE
#=================================================
ynh_backup "/etc/logrotate.d/$app"
#ynh_backup "/etc/logrotate.d/$app"
#=================================================
# BACKUP SYSTEMD
......
#!/bin/bash
# yunohost app install --debug ./pleroma_ynh/ --args "domain=plrm.spectral.pirate&instance_name=pirate&is_public=yes&allow_scopes=no&instance_user=spctrl&instance_user_password=neutrinet&instance_user_password_verify=neutrinet&instance_user_mail=me@pl.ma"
#=================================================
# GENERIC START
#=================================================
......@@ -28,15 +28,16 @@ instance_user_password_verify=$YNH_APP_ARG_INSTANCE_USER_PASSWORD_VERIFY
instance_user_mail=$YNH_APP_ARG_INSTANCE_USER_MAIL
email=$instance_user_mail
is_public=$YNH_APP_ARG_IS_PUBLIC
allow_scopes=$YNH_APP_ARG_ALLOW_SCOPES
app=$YNH_APP_INSTANCE_NAME
db_name="pleroma_dev" # TODO: Change this to $app when DB-name can be easily chosen. see: https://git.pleroma.social/pleroma/pleroma/merge_requests/243
db_name=$app
#=================================================
# CHECK IF THE APP CAN BE INSTALLED WITH THESE ARGS
#=================================================
if [ $instance_user_password != $instance_user_password_verify ]
then ynh_die "Passwords didn't match"
then ynh_die "Passwords didn't match"
fi
final_path=/var/www/$app
......@@ -50,13 +51,18 @@ ynh_webpath_available $domain $path_url
# Register (book) web path
ynh_webpath_register $app $domain $path_url
# Find a free port
port=$(ynh_find_port 4000)
#=================================================
# STORE SETTINGS FROM MANIFEST
#=================================================
ynh_app_setting_set $app domain $domain
ynh_app_setting_set $app path $path_url
ynh_app_setting_set $app port $port
ynh_app_setting_set $app is_public $is_public
ynh_app_setting_set $app allow_scopes $allow_scopes
ynh_app_setting_set $app final_path $final_path
ynh_app_setting_set $app db_name $db_name
......@@ -79,7 +85,6 @@ then
rm erlang_solutions.asc
fi
apt-get update
# TODO: For some reason I get an error during update the first time I try to install this. The second time it only gets 19 things instead of 51. Do I do something wrong when adding erlang-solution?
ynh_install_app_dependencies git build-essential postgresql-9.6 postgresql-contrib-9.6 elixir erlang-dev erlang-parsetools erlang-xmerl erlang-tools esl-erlang
#=================================================
......@@ -94,9 +99,10 @@ useradd $app --home-dir=$final_path
#=================================================
git clone https://git.pleroma.social/pleroma/pleroma $final_path/pleroma
# TODO: replace the generate_config file with a modified one to have it non-interactive
# There's a merge comming in Pleroma that makes it all non-interactive
# replace the generate_config file with a modified one to have it non-interactive
# TODO: there's a merge comming in Pleroma that makes it all non-interactive
# https://git.pleroma.social/pleroma/pleroma/merge_requests/243
# this will simplify this whole block
cp ../conf/generate_config.ex $final_path/pleroma/lib/mix/tasks/generate_config.ex
chown -R $app: $final_path
......@@ -104,8 +110,23 @@ ynh_replace_string "{DOMAIN}" "$domain" "$final_path/pleroma/lib/mix/tasks/gener
ynh_replace_string "{SERVER_NAME}" "$server_name" "$final_path/pleroma/lib/mix/tasks/generate_config.ex"
ynh_replace_string "{EMAIL}" "$email" "$final_path/pleroma/lib/mix/tasks/generate_config.ex"
# Compile and build the Pleroma instance
su - $app -c "cd $final_path/pleroma;mix local.hex --force;mix deps.get;mix local.rebar --force;mix generate_config;cp config/generated_config.exs config/prod.secret.exs;"
# Replace the default Pleroma variables in the config files whit the ones to use on ynh
ynh_replace_string "pleroma" "PLACEHOLDER" "$final_path/pleroma/config/setup_db.psql"
ynh_replace_string "PLACEHOLDER_dev" "$db_name" "$final_path/pleroma/config/setup_db.psql"
ynh_replace_string "PLACEHOLDER" "$app" "$final_path/pleroma/config/setup_db.psql"
ynh_replace_string "username: \"pleroma\"" "username: \"$app\"" "$final_path/pleroma/config/generated_config.exs"
ynh_replace_string "pleroma_dev" "$db_name" "$final_path/pleroma/config/generated_config.exs"
ynh_replace_string "username: \"pleroma\"" "username: \"$app\"" "$final_path/pleroma/config/prod.secret.exs"
ynh_replace_string "pleroma_dev" "$db_name" "$final_path/pleroma/config/prod.secret.exs"
ynh_replace_string "port: 4000" "port: $port" "$final_path/pleroma/config/prod.exs"
ynh_replace_string "port: 4000" "port: $port" "$final_path/pleroma/config/dev.exs"
# Check that there are no unreplaced variables in the generated config files
cat $final_path/pleroma/config/generated_config.exs | grep "<%= .* %>" && ynh_die "$final_path/pleroma/config/generated_config.exs has unset variables"
cat $final_path/pleroma/config/setup_db.psql | grep "<%= .* %>" && ynh_die "$final_path/pleroma/config/setup_db.psql has unset variables"
......@@ -114,7 +135,7 @@ cat $final_path/pleroma/config/setup_db.psql | grep "<%= .* %>" && ynh_die "$fin
# CREATE A POSTGRESQL DATABASE
#=================================================
# Fail installation if database already exists.
# Fail installation if database already exists
! su - postgres -c "psql -lqt" | cut -d \| -f 1 | grep -ws $db_name || ynh_die 'The database $db_name already exists'
chmod +x $final_path/pleroma/config/setup_db.psql
......@@ -130,16 +151,44 @@ su - $app -c "cd $final_path/pleroma;mix local.rebar --force;mix local.hex --for
# CUSTOM PLEROMA CONFIGURATION
#=================================================
if ! [ $is_public -eq 1 ]
# Check and set registrations open/closed
if [ $is_public -eq 1 ]
then
ynh_replace_string " registrations_open: true" " registrations_open: false" "$final_path/pleroma/config/prod.secret.exs"
ynh_replace_string "registrations_open: false" "registrations_open: true" "$final_path/pleroma/config/prod.secret.exs"
else
ynh_replace_string "registrations_open: true" "registrations_open: false" "$final_path/pleroma/config/prod.secret.exs"
fi
# TODO: To be tested!
# Check if scope setting is already in the file
if ! ( cat "$final_path/pleroma/config/prod.secret.exs" | grep "scope_options_enabled: " )
then
if ( cat "$final_path/pleroma/config/prod.secret.exs" | grep "config :pleroma, :fe," )
then
# The scope option is not in the config file. The _config :pleroma, :fe_ is already in the file, so we add the _scope enabled_ option
# Note that we leave a trailling comma. Since _config :pleroma, :fe_ is in the file, we know that there is at least one option for it as well.
ynh_replace_string "config :pleroma, :fe," "config :pleroma, :fe,\r\n scope_options_enabled: false," "$final_path/pleroma/config/prod.secret.exs"
else
# Neither the scope option nor the pleroma fe config is in the file, so we add both
# There isn't a second option, so no trailing comma
echo "config :pleroma, :fe," >> "$final_path/pleroma/config/prod.secret.exs"
echo " scope_options_enabled: false" >> "$final_path/pleroma/config/prod.secret.exs"
fi
fi
# Check and set scopes on/off
if [ $allow_scopes -eq 1 ]
then
ynh_replace_string "scope_options_enabled: false" "scope_options_enabled: true" "$final_path/pleroma/config/prod.secret.exs"
else
ynh_replace_string "scope_options_enabled: true" "scope_options_enabled: false" "$final_path/pleroma/config/prod.secret.exs"
fi
#=================================================
# ADD USER TO INSTANCE
#=================================================
# the tasks fails, so I have to set the the pasword for the postgresql DB-user first.
# The tasks fails, so I have to set the the pasword for the postgresql DB-user first
sudo -u postgres psql -c "ALTER USER postgres PASSWORD 'postgres';"
su - $app -c "cd $final_path/pleroma; MIX_ENV=prod mix local.hex --force; MIX_ENV=prod mix register_user $instance_user $instance_user $instance_user_mail 'Moderator of this instance' $instance_user_password; MIX_ENV=prod mix set_moderator $instance_user true;"
......@@ -148,12 +197,16 @@ su - $app -c "cd $final_path/pleroma; MIX_ENV=prod mix local.hex --force; MIX_EN
#=================================================
cp -rf "../conf/nginx.conf" "/etc/nginx/conf.d/$domain.d/$app.conf"
ynh_replace_string "{APP}" "$app" "/etc/nginx/conf.d/$domain.d/$app.conf"
ynh_replace_string "{PORT}" "$port" "/etc/nginx/conf.d/$domain.d/$app.conf"
cp -rf "../conf/pleroma_cache.conf" "/etc/nginx/conf.d/$app-cache.conf"
ynh_replace_string "{APP}" "$app" "/etc/nginx/conf.d/$app-cache.conf"
ynh_store_file_checksum "/etc/nginx/conf.d/$domain.d/$app.conf"
#=================================================
# SETUP SYSTEMD
#=================================================
systemd_location=/usr/lib/systemd/system
mkdir --parents $systemd_location
cp ../conf/pleroma.service $systemd_location/$app.service
......@@ -166,8 +219,9 @@ systemctl enable --now $app.service
# SETUP LOGROTATE
#=================================================
# TODO: figure out what to do with this
# Use logrotate to manage application logfile(s)
ynh_use_logrotate
# ynh_use_logrotate
#=================================================
# ADVERTISE SERVICE IN ADMIN PANEL
......@@ -191,6 +245,7 @@ systemctl reload nginx
# Restart 'cause I always have an internal server error the first time.
sleep 10
systemctl restart nginx
systemctl restart $app
echo "If you're not afraid of the terminal, check out https://git.pleroma.social/pleroma/pleroma/wikis/home to see what more you can do with your awesome instance!"
......@@ -47,7 +47,16 @@ fi
# REMOVE THE DATABASE
#=================================================
# TODO: I wrote this in a script an ran that, but it failed and I don't know why, so I 'fixed' it like this.
PLSQL_HOME= #get postgres user home
cp -rf "./_remove_db.sql" "$PLSQL_HOME/drop_$db_name.psql"
ynh_replace_string "{APP}" "$app" "$PLSQL_HOME/drop_$db_name.psql"
ynh_replace_string "{DB_NAME}" "$db_name" "$PLSQL_HOME/drop_$db_name.psql"
chown postgres: $PLSQL_HOME/drop_$db_name.psql
su - postgres -c "psql -f drop_$db_name.psql"
rm $PLSQL_HOME/drop_$db_name.psql
# TODO: old way in case previous didn't work
su - postgres -c "
touch drop_$db_name.psql
> drop_$db_name.psql
......@@ -65,6 +74,8 @@ psql -f drop_$db_name.psql
rm drop_$db_name.psql
"
#=================================================
# REMOVE APP MAIN DIR
#=================================================
......@@ -83,7 +94,7 @@ rm /etc/nginx/conf.d/$app-cache.conf
#=================================================
# Remove the app-specific logrotate config
ynh_remove_logrotate
#ynh_remove_logrotate
#=================================================
# REMOVE DEPENDENCIES
......
#!/bin/bash
#=================================================
# GENERIC START
#=================================================
# IMPORT GENERIC HELPERS
#=================================================
source _common.sh
source /usr/share/yunohost/helpers
#=================================================
# LOAD SETTINGS
#=================================================
app=$YNH_APP_INSTANCE_NAME
domain=$(ynh_app_setting_get $app domain)
final_path=$(ynh_app_setting_get $app final_path)
db_name=$(ynh_app_setting_get $app db_name)
#=================================================
# STANDARD REMOVE
#=================================================
# STOP AND REMOVE SERVICE
#=================================================
# Remove the dedicated systemd config
ynh_remove_systemd_config
systemctl disable $app
rm /etc/systemd/system/$app.service
rm /etc/systemd/system/$app.service.d
rm /usr/lib/systemd/system/$app.service
rm /usr/lib/systemd/system/$app.service.d
#=================================================
# REMOVE SERVICE FROM ADMIN PANEL
#=================================================
if yunohost service status | grep -q $app
then
echo "Remove $app service"
yunohost service remove $app
fi
#=================================================
# REMOVE THE DATABASE
#=================================================
PLSQL_HOME= #get postgres user home
cp -rf "./_remove_db.sql" "$PLSQL_HOME/drop_$db_name.psql"
ynh_replace_string "{APP}" "$app" "$PLSQL_HOME/drop_$db_name.psql"
ynh_replace_string "{DB_NAME}" "$db_name" "$PLSQL_HOME/drop_$db_name.psql"
chown postgres: $PLSQL_HOME/drop_$db_name.psql
su - postgres -c "psql -f drop_$db_name.psql"
rm $PLSQL_HOME/drop_$db_name.psql
# TODO: old way in case previous didn't work
su - postgres -c "
touch drop_$db_name.psql
> drop_$db_name.psql
echo 'SELECT pg_terminate_backend(pg_stat_activity.pid)' >> drop_$db_name.psql
echo FROM pg_stat_activity >> drop_$db_name.psql
echo WHERE pg_stat_activity.datname = \'$db_name\' >> drop_$db_name.psql
echo ' AND pid <> pg_backend_pid();' >> drop_$db_name.psql
echo 'REVOKE ALL PRIVILEGES ON ALL TABLES IN $db_name public FROM $app;' >> drop_$db_name.psql
echo 'REVOKE ALL PRIVILEGES ON ALL SEQUENCES IN SCHEMA public FROM $app;' >> drop_$db_name.psql
echo 'REVOKE ALL PRIVILEGES ON ALL FUNCTIONS IN SCHEMA public FROM $app;' >> drop_$db_name.psql
echo 'REVOKE ALL PRIVILEGES ON SCHEMA public FROM $app;' >> drop_$db_name.psql
echo 'DROP DATABASE IF EXISTS $db_name;' >> drop_$db_name.psql
echo 'DROP USER $app;' >> drop_$db_name.psql
psql -f drop_$db_name.psql
rm drop_$db_name.psql
"
#=================================================
# REMOVE APP MAIN DIR
#=================================================
ynh_secure_remove "$final_path"
#=================================================
# REMOVE NGINX CONFIGURATION
#=================================================
ynh_remove_nginx_config
rm /etc/nginx/conf.d/$app-cache.conf
#=================================================
# REMOVE LOGROTATE CONFIGURATION
#=================================================
# Remove the app-specific logrotate config
#ynh_remove_logrotate
#=================================================
# REMOVE DEPENDENCIES
#=================================================
# Remove metapackage and its dependencies
ynh_remove_app_dependencies
#=================================================
# SPECIFIC REMOVE
#=================================================
# REMOVE THE CRON FILE
#=================================================
# Remove the log files
ynh_secure_remove "/var/log/$app/"
# Remove the app folder
rm -rf "$final_path"
#=================================================
# GENERIC FINALIZATION
#=================================================
# REMOVE DEDICATED USER
#=================================================
# Delete the system user
userdel -f $app
......@@ -110,7 +110,7 @@ yunohost service add $app --log "/var/log/$app/APP.log"
# RESTORE THE LOGROTATE CONFIGURATION
#=================================================
ynh_restore_file "/etc/logrotate.d/$app"
#ynh_restore_file "/etc/logrotate.d/$app"
#=================================================
# SETUP SSOWAT
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment