„create.sh“ ändern
parent
e5359b8f46
commit
274d027aae
118
create.sh
118
create.sh
|
|
@ -1,48 +1,73 @@
|
|||
#/bin/bash
|
||||
# https://sleeplessbeastie.eu/2022/05/02/how-to-take-advantage-of-docker-to-install-mastodon/
|
||||
# inspiration to make an automated script
|
||||
#!/bin/bash
|
||||
|
||||
## CHANGE
|
||||
DOMAIN=REPLACE.to.your.domain
|
||||
USER=setYOURuser
|
||||
EMAIL=your@user.email
|
||||
|
||||
## UPDATE SYSTEM
|
||||
apt update
|
||||
apt upgrade
|
||||
|
||||
## setup repo
|
||||
apt-get install \
|
||||
ca-certificates \
|
||||
curl \
|
||||
gnupg \
|
||||
lsb-release -y
|
||||
|
||||
mkdir -p /etc/apt/keyrings
|
||||
curl -fsSL https://download.docker.com/linux/debian/gpg | gpg --dearmor -o /etc/apt/keyrings/docker.gpg
|
||||
|
||||
|
||||
|
||||
echo \
|
||||
"deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.gpg] https://download.docker.com/linux/debian \
|
||||
$(lsb_release -cs) stable" | tee /etc/apt/sources.list.d/docker.list > /dev/null
|
||||
|
||||
apt-get update
|
||||
apt-get install nginx docker-ce docker-ce-cli containerd.io docker-compose-plugin docker-compose -y
|
||||
|
||||
## increase mapareas
|
||||
echo "vm.max_map_count=262144" | sudo tee /etc/sysctl.d/90-max_map_count.conf
|
||||
sysctl --load /etc/sysctl.d/90-max_map_count.conf
|
||||
echo "vm.max_map_count=262144" | tee /etc/sysctl.d/90-max_map_count.conf
|
||||
systemctl --load /etc/sysctl.d/90-max_map_count.conf
|
||||
|
||||
## DOCKER
|
||||
# apt install docker.io docker-compose
|
||||
#
|
||||
|
||||
echo Set Domain:
|
||||
read DOMAIN
|
||||
echo Setup for $DOMAIN
|
||||
|
||||
echo Create Folders
|
||||
mkdir -p/opt/mastodon/
|
||||
|
||||
mkdir -p /opt/mastodon/database/{postgresql,redis,elasticsearch}
|
||||
mkdir -p /opt/mastodon/web/{public,system}
|
||||
|
||||
echo Set Permissions
|
||||
chown 991:991 /opt/mastodon/web/{public,system}
|
||||
chown 1000 /opt/mastodon/database/elasticsearch
|
||||
|
||||
echo Change into folder
|
||||
cd /opt/mastodon
|
||||
echo Download docker compose
|
||||
wget https://git.dev-c.at/Theenoro/mastodon-docker-stack/raw/branch/main/docker-compose.yml
|
||||
|
||||
echo Create ENV Files
|
||||
touch /opt/mastodon/application.env
|
||||
touch /opt/mastodon/database.env
|
||||
|
||||
echo Generate Keys and Secrets
|
||||
|
||||
docker-compose -f /opt/mastodon/docker-compose.yml run --rm shell bundle exec rake secret
|
||||
|
||||
SECRET_KEY_BASE=$(docker-compose -f /opt/mastodon/docker-compose.yml run --rm shell bundle exec rake secret)
|
||||
OTP_SECRET=$(docker-compose -f /opt/mastodon/docker-compose.yml run --rm shell bundle exec rake secret)
|
||||
|
||||
docker-compose -f /opt/mastodon/docker-compose.yml run --rm shell bundle exec rake mastodon:webpush:generate_vapid_key > /tmp/tmpFileCode
|
||||
VAPID_PRIVATE_KEY=$(awk '/VAPID_PRIVATE_KEY=([A-z0-9=]*)/{gsub("VAPID_PRIVATE_KEY=","",$0);print $0}' /tmp/tmpFileCode)
|
||||
|
||||
VAPID_PUBLIC_KEY=$(awk '/VAPID_PUBLIC_KEY=([A-z0-9=]*)/{gsub("VAPID_PUBLIC_KEY=","",$0);print $0}' /tmp/tmpFileCode)
|
||||
rm /tmp/tmpFileCode
|
||||
|
||||
cat << EOF | sudo tee /opt/mastodon/application.env
|
||||
echo Fill application.env
|
||||
cat << EOF | tee /opt/mastodon/application.env
|
||||
# environment
|
||||
RAILS_ENV=production
|
||||
NODE_ENV=production
|
||||
|
|
@ -79,20 +104,60 @@ VAPID_PRIVATE_KEY=$VAPID_PRIVATE_KEY
|
|||
VAPID_PUBLIC_KEY=$VAPID_PUBLIC_KEY
|
||||
EOF
|
||||
|
||||
### TODO: edit here!!
|
||||
POSTGRES_PASSWORD=$(docker-compose -f /opt/mastodon/docker-compose.yml run --rm shell bundle exec rake secret)
|
||||
ELASTIC_PASSWORD=$(docker-compose -f /opt/mastodon/docker-compose.yml run --rm shell bundle exec rake secret)
|
||||
DB_PASS=$(docker-compose -f /opt/mastodon/docker-compose.yml run --rm shell bundle exec rake secret)
|
||||
|
||||
cat << EOF | tee /opt/mastodon/database.env
|
||||
# postgresql configuration
|
||||
POSTGRES_USER=mastodon
|
||||
POSTGRES_DB=mastodon_production
|
||||
POSTGRES_PASSWORD=$POSTGRES_PASSWORD
|
||||
|
||||
# pgbouncer configuration
|
||||
#POOL_MODE=transaction
|
||||
#ADMIN_USERS=postgres,mastodon
|
||||
#DATABASE_URL="postgres://mastodon:O6lOD6nF2LbhhJs1e7QL@postgresql:5432/mastodon_production"
|
||||
|
||||
# elasticsearch
|
||||
ES_JAVA_OPTS=-Xms512m -Xmx512m
|
||||
ELASTIC_PASSWORD=$ELASTIC_PASSWORD
|
||||
|
||||
# mastodon database configuration
|
||||
#DB_HOST=pgbouncer
|
||||
DB_HOST=postgresql
|
||||
DB_USER=mastodon
|
||||
DB_NAME=mastodon_production
|
||||
DB_PASS=$DB_PASS
|
||||
DB_PORT=5432
|
||||
|
||||
REDIS_HOST=redis
|
||||
REDIS_PORT=6379
|
||||
|
||||
CACHE_REDIS_HOST=redis-volatile
|
||||
CACHE_REDIS_PORT=6379
|
||||
|
||||
ES_ENABLED=true
|
||||
ES_HOST=elasticsearch
|
||||
ES_PORT=9200
|
||||
ES_USER=elastic
|
||||
ES_PASS=$ELASTIC_PASSWORD
|
||||
EOF
|
||||
|
||||
|
||||
|
||||
chmod 777 /opt/mastodon/web/public
|
||||
docker volume create --opt type=none --opt device=/opt/mastodon/web/public --opt o=bind temporary_static
|
||||
docker run --rm -v "temporary_static:/static" tootsuite/mastodon:v3.5.1 bash -c "cp -r /opt/mastodon/public/* /static/"
|
||||
chmod 744 /opt/mastodon/web/public
|
||||
|
||||
mkdir -p /etc/nginx/ssl/
|
||||
openssl req -subj "/commonName=$DOMAIN/" -x509 -nodes -days 730 -newkey rsa:2048 -keyout /etc/nginx/ssl/$DOMAIN.key -out /etc/nginx/ssl/$DOMAIN.crt
|
||||
|
||||
|
||||
echo Fill application.env
|
||||
|
||||
openssl req -subj "/commonName=test.dockersrv02.int/" -x509 -nodes -days 730 -newkey rsa:2048 -keyout /etc/nginx/ssl/test.dockersrv02.int.key -out /etc/nginx/ssl/test.dockersrv02.int.crt
|
||||
|
||||
|
||||
|
||||
cat << 'EOF' | sudo tee /etc/nginx/sites-available/mastodon
|
||||
cat << 'EOF' | tee /etc/nginx/sites-available/mastodon
|
||||
map $http_upgrade $connection_upgrade {
|
||||
default upgrade;
|
||||
'' close;
|
||||
|
|
@ -124,8 +189,8 @@ server {
|
|||
ssl_session_cache shared:SSL:10m;
|
||||
ssl_session_tickets off;
|
||||
|
||||
ssl_certificate /etc/nginx/ssl/test.dockersrv02.int.crt;
|
||||
ssl_certificate_key /etc/nginx/ssl/test.dockersrv02.int.key;
|
||||
ssl_certificate /etc/nginx/ssl/REPLACEDOMAIN.crt;
|
||||
ssl_certificate_key /etc/nginx/ssl/REPLACEDOMAIN.key;
|
||||
|
||||
keepalive_timeout 70;
|
||||
sendfile on;
|
||||
|
|
@ -213,9 +278,6 @@ server {
|
|||
}
|
||||
EOF
|
||||
sed -i "s/REPLACEDOMAIN/$DOMAIN/" /etc/nginx/sites-available/mastodon
|
||||
|
||||
|
||||
|
||||
ln -s /etc/nginx/sites-available/mastodon /etc/nginx/sites-enabled/
|
||||
systemctl restart nginx
|
||||
|
||||
|
|
@ -225,7 +287,7 @@ docker-compose -f /opt/mastodon/docker-compose.yml pull
|
|||
|
||||
|
||||
|
||||
cat << EOF | sudo tee /etc/systemd/system/mastodon.service
|
||||
cat << EOF | tee /etc/systemd/system/mastodon.service
|
||||
[Unit]
|
||||
Description=Mastodon service
|
||||
After=docker.service
|
||||
|
|
@ -258,6 +320,10 @@ systemctl enable --now mastodon.service
|
|||
|
||||
docker-compose -f /opt/mastodon/docker-compose.yml ps
|
||||
|
||||
docker-compose -f /opt/mastodon/docker-compose.yml run --rm shell bin/tootctl accounts create TESTUSER --email TESTUSER@test.int --confirmed --role admin
|
||||
|
||||
docker-compose -f /opt/mastodon/docker-compose.yml run --rm shell bin/tootctl settings registrations close
|
||||
|
||||
docker-compose -f /opt/mastodon/docker-compose.yml run --rm shell bin/tootctl accounts create $USER --email $EMAIL --confirmed --role admin >> ./output.log
|
||||
|
||||
docker-compose -f /opt/mastodon/docker-compose.yml run --rm shell bin/tootctl settings registrations close
|
||||
|
||||
cat ./output.log
|
||||
Loading…
Reference in New Issue