#!/bin/bash
# Initialisation script: prepares /data, PostgreSQL and the Mastodon
# configuration, then replaces itself with supervisord.
# Stop at the first unhandled command failure.
set -o errexit

printf '%s\n' \
  "==========================================" \
  " MASTODON ALL-IN-ONE - Initialisation" \
  "=========================================="

# Put the rbenv shims and binaries first on PATH for everything run below.
RBENV_ROOT=/usr/local/rbenv
export RBENV_ROOT
PATH="${RBENV_ROOT}/shims:${RBENV_ROOT}/bin:${PATH}"
export PATH
# ---------------------------------------------------------------------------
# 0. Permissions
# ---------------------------------------------------------------------------
echo "[0/8] Correction des permissions sur /data..."

# Data directories for PostgreSQL, Redis and the Mastodon uploads/tmp trees.
data_dirs=(
  /data/postgresql
  /data/redis
  /data/mastodon/public/system
  /data/mastodon/tmp
)
mkdir -p "${data_dirs[@]}"

# The PostgreSQL ownership/mode fix is best-effort: its errors are discarded
# and never abort the script, unlike the redis/mastodon chown calls below.
# NOTE(review): a failure here stays invisible until PostgreSQL refuses to
# start; consider logging it instead of sending it to /dev/null.
chown -R postgres:postgres /data/postgresql 2>/dev/null || true
chmod 700 /data/postgresql 2>/dev/null || true

chown -R redis:redis /data/redis
chown -R mastodon:mastodon /data/mastodon

# Socket and log directories used by the PostgreSQL commands later on.
pg_runtime_dirs=(/var/run/postgresql /var/log/postgresql)
mkdir -p "${pg_runtime_dirs[@]}"
chown postgres:postgres "${pg_runtime_dirs[@]}"

echo " Permissions OK"
# ---------------------------------------------------------------------------
# 1. PostgreSQL crash cleanup
# ---------------------------------------------------------------------------
# A postmaster.pid left in the data directory is deleted so that the
# pg_ctl start calls further down are not blocked by it.
# NOTE(review): the file is removed without checking whether a postmaster is
# still running on this data directory - presumably safe because nothing has
# been started yet at this point; confirm for volumes shared between instances.
stale_pid_file=/data/postgresql/postmaster.pid
if [[ -f "$stale_pid_file" ]]; then
  echo "[1/8] Nettoyage postmaster.pid residuel..."
  rm -f "$stale_pid_file"
fi
# ---------------------------------------------------------------------------
# 2. PostgreSQL check / re-initialisation
# ---------------------------------------------------------------------------
# A fresh cluster is created when PG_VERSION is absent (first start), when the
# .force_reinit marker file is present, or when one of the expected cluster
# sub-directories is missing.
# NOTE(review): the last two cases run `rm -rf /data/postgresql/*` with no
# backup, so a partially mounted or half-restored volume is wiped at boot.
# Consider stopping with an error instead of deleting data automatically.
NEED_INIT=false
if ! [ -f /data/postgresql/PG_VERSION ]; then
  echo "[2/8] Premier demarrage detecte."
  NEED_INIT=true
fi

if [ -f /data/postgresql/.force_reinit ]; then
  echo "[2/8] Reinitialisation forcee demandee."
  rm -rf /data/postgresql/*
  rm -f /data/postgresql/.force_reinit
  NEED_INIT=true
fi

if [ "$NEED_INIT" = "false" ]; then
  # Sub-directories whose absence is treated as a corrupted cluster.
  pg_required_dirs=(
    pg_notify pg_wal pg_commit_ts pg_dynshmem pg_logical pg_replslot
    pg_serial pg_snapshots pg_stat pg_stat_tmp pg_subtrans pg_tblspc
    pg_twophase global base
  )
  for critical in "${pg_required_dirs[@]}"; do
    [ -d "/data/postgresql/$critical" ] && continue
    echo "[2/8] CORRUPTION DETECTEE : repertoire '$critical' manquant."
    echo " Suppression et reinitialisation de PostgreSQL..."
    rm -rf /data/postgresql/*
    NEED_INIT=true
    break
  done
fi

if [ "$NEED_INIT" != "true" ]; then
  echo "[2/8] PostgreSQL deja initialise et sain."
else
  echo " Initialisation de PostgreSQL..."
  # NOTE(review): initdb is called without --auth / --auth-local / --auth-host.
  # PostgreSQL documents "trust" as the default in that case, so local
  # connections are not gated by the role password set below. Consider
  # --auth-local=peer and --auth-host=scram-sha-256 once it is confirmed which
  # OS users the services connect as.
  su - postgres -c "/usr/lib/postgresql/15/bin/initdb -D /data/postgresql --locale=C --encoding=UTF8"
  echo "unix_socket_directories = '/var/run/postgresql'" >> /data/postgresql/postgresql.conf
  mkdir -p /var/run/postgresql
  chown postgres:postgres /var/run/postgresql

  # Temporary server, only for creating the role, database and extensions.
  su - postgres -c "/usr/lib/postgresql/15/bin/pg_ctl -D /data/postgresql -l /var/log/postgresql/init.log start"
  sleep 3
  RETRIES=0
  # Poll once per second until psql connects; give up after 30 failed tries.
  while ! su - postgres -c "psql -c '\\q'" >/dev/null 2>&1; do
    RETRIES=$(( RETRIES + 1 ))
    if (( RETRIES > 30 )); then
      echo " ERREUR : PostgreSQL ne demarre pas apres 30s."
      su - postgres -c "/usr/lib/postgresql/15/bin/pg_ctl -D /data/postgresql stop" || true
      exit 1
    fi
    echo " Attente de PostgreSQL... ($RETRIES/30)"
    sleep 1
  done

  # NOTE(review): the role password is the fixed string 'mastodon', the same
  # value this script writes as DB_PASS into .env.production. Prefer a
  # generated or operator-supplied password.
  su - postgres -c "psql -c \"CREATE USER mastodon WITH PASSWORD 'mastodon';\""
  su - postgres -c "psql -c \"CREATE DATABASE mastodon_production OWNER mastodon ENCODING 'UTF8' TEMPLATE template0;\""
  su - postgres -c "psql -c \"CREATE EXTENSION pg_trgm;\" mastodon_production"
  su - postgres -c "psql -c \"CREATE EXTENSION unaccent;\" mastodon_production"
  su - postgres -c "psql -c \"CREATE EXTENSION pgcrypto;\" mastodon_production"

  su - postgres -c "/usr/lib/postgresql/15/bin/pg_ctl -D /data/postgresql stop"
  echo " PostgreSQL initialise."
fi
# ---------------------------------------------------------------------------
# 3. Final PostgreSQL permissions
# ---------------------------------------------------------------------------
echo "[3/8] Verification des permissions PostgreSQL..."

# Re-apply owner and mode on the data directory (root appended to
# postgresql.conf during step 2). Best-effort: errors are discarded.
pg_data_dir=/data/postgresql
chown -R postgres:postgres "$pg_data_dir" 2>/dev/null || true
chmod 700 "$pg_data_dir" 2>/dev/null || true

# Directory that holds the PostgreSQL unix socket.
pg_socket_dir=/var/run/postgresql
mkdir -p "$pg_socket_dir"
chown postgres:postgres "$pg_socket_dir"

echo " OK"
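# ---------------------------------------------------------------------------
# 4. Secrets & .env.production
# ---------------------------------------------------------------------------
echo "[4/8] Configuration de Mastodon (.env.production)..."

# Operator-supplied settings. The __CHANGE_ME__ placeholder means "not set";
# the admin-account step and the final check test for it.
LOCAL_DOMAIN="${MASTODON_LOCAL_DOMAIN:-__CHANGE_ME__}"
ADMIN_EMAIL="${MASTODON_ADMIN_EMAIL:-__CHANGE_ME__}"
ADMIN_PASSWORD="${MASTODON_ADMIN_PASSWORD:-__CHANGE_ME__}"

# Generated secrets are kept in this file (new, created by this step) so that
# a restart without the corresponding environment variables reuses them.
# Regenerating SECRET_KEY_BASE, OTP_SECRET or the Active Record encryption keys
# on every boot would leave the persisted database holding data tied to keys
# that no longer exist.
SECRETS_STORE=/data/mastodon/.generated_secrets

#######################################
# Print the value stored for a key in SECRETS_STORE (nothing if absent).
# The file is parsed as KEY=VALUE lines and never sourced, so its content is
# not executed by this script.
# Arguments: $1 - key name
# Outputs:   the stored value on stdout, without trailing newline
#######################################
stored_secret() {
  local wanted=$1 line
  [ -f "$SECRETS_STORE" ] || return 0
  while IFS= read -r line || [ -n "$line" ]; do
    case "$line" in
      "$wanted="*)
        printf '%s' "${line#*=}"
        return 0
        ;;
    esac
  done < "$SECRETS_STORE"
  return 0
}

#######################################
# Make sure a secret variable has a value. Order of precedence: the value
# already in the environment, the stored value, a fresh `openssl rand -hex`.
# Arguments: $1 - variable name, $2 - number of random bytes
# Outputs:   a "<name> genere." line when a new value is generated
#######################################
ensure_secret() {
  local name=$1 nbytes=$2 value
  value=${!name:-}
  if [ -z "$value" ]; then
    value=$(stored_secret "$name")
  fi
  if [ -z "$value" ]; then
    value=$(openssl rand -hex "$nbytes")
    # Fail closed: never continue with an empty secret.
    if [ -z "$value" ]; then
      echo " ERREUR : generation de $name impossible." >&2
      exit 1
    fi
    echo " $name genere."
  fi
  printf -v "$name" '%s' "$value"
}

ensure_secret SECRET_KEY_BASE 64
ensure_secret OTP_SECRET 64
ensure_secret ACTIVE_RECORD_ENCRYPTION_PRIMARY_KEY 32
ensure_secret ACTIVE_RECORD_ENCRYPTION_DETERMINISTIC_KEY 32
ensure_secret ACTIVE_RECORD_ENCRYPTION_KEY_DERIVATION_SALT 32

# VAPID keys are a pair: reuse the stored pair only when both halves exist,
# otherwise generate a new pair through the application's webpush gem.
if [ -z "$VAPID_PRIVATE_KEY" ] || [ -z "$VAPID_PUBLIC_KEY" ]; then
  saved_vapid_private=$(stored_secret VAPID_PRIVATE_KEY)
  saved_vapid_public=$(stored_secret VAPID_PUBLIC_KEY)
  if [ -n "$saved_vapid_private" ] && [ -n "$saved_vapid_public" ]; then
    VAPID_PRIVATE_KEY=$saved_vapid_private
    VAPID_PUBLIC_KEY=$saved_vapid_public
  else
    echo " Generation des cles VAPID..."
    VAPID_JSON=$(su - mastodon -c 'cd /opt/mastodon && export PATH="/usr/local/rbenv/shims:/usr/local/rbenv/bin:$PATH" && bundle exec ruby -e "require \"webpush\"; v = WebPush.generate_key; puts({public: v.public_key, private: v.private_key}.to_json)"' 2>/dev/null || echo "")
    if [ -n "$VAPID_JSON" ]; then
      VAPID_PUBLIC_KEY=$(printf '%s\n' "$VAPID_JSON" | ruby -rjson -e 'puts JSON.parse(STDIN.read)["public"]')
      VAPID_PRIVATE_KEY=$(printf '%s\n' "$VAPID_JSON" | ruby -rjson -e 'puts JSON.parse(STDIN.read)["private"]')
    else
      # Generation stays best-effort, but the failure is no longer silent.
      echo " AVERTISSEMENT : generation des cles VAPID echouee, VAPID_* restent vides." >&2
    fi
  fi
fi

# Persist the effective values. umask 077 creates the file without group or
# other access; chmod covers a file that already existed with a wider mode.
(
  umask 077
  printf '%s=%s\n' \
    SECRET_KEY_BASE "$SECRET_KEY_BASE" \
    OTP_SECRET "$OTP_SECRET" \
    ACTIVE_RECORD_ENCRYPTION_PRIMARY_KEY "$ACTIVE_RECORD_ENCRYPTION_PRIMARY_KEY" \
    ACTIVE_RECORD_ENCRYPTION_DETERMINISTIC_KEY "$ACTIVE_RECORD_ENCRYPTION_DETERMINISTIC_KEY" \
    ACTIVE_RECORD_ENCRYPTION_KEY_DERIVATION_SALT "$ACTIVE_RECORD_ENCRYPTION_KEY_DERIVATION_SALT" \
    VAPID_PRIVATE_KEY "$VAPID_PRIVATE_KEY" \
    VAPID_PUBLIC_KEY "$VAPID_PUBLIC_KEY" \
    > "$SECRETS_STORE"
)
chmod 600 "$SECRETS_STORE"

# Write the configuration under umask 077 so a newly created file is never
# readable by other users before the chmod below runs.
# NOTE(review): DB_PASS is the fixed value 'mastodon', REDIS_PASSWORD is empty
# and SMTP_OPENSSL_VERIFY_MODE=none turns off certificate verification; they
# are kept unchanged here and should be revisited before SMTP is enabled or
# the database/Redis become reachable from outside this host.
(
  umask 077
  cat > /opt/mastodon/.env.production <<EOF
RAILS_ENV=production
NODE_ENV=production
LOCAL_DOMAIN=$LOCAL_DOMAIN
SINGLE_USER_MODE=false
SECRET_KEY_BASE=$SECRET_KEY_BASE
OTP_SECRET=$OTP_SECRET
ACTIVE_RECORD_ENCRYPTION_PRIMARY_KEY=$ACTIVE_RECORD_ENCRYPTION_PRIMARY_KEY
ACTIVE_RECORD_ENCRYPTION_DETERMINISTIC_KEY=$ACTIVE_RECORD_ENCRYPTION_DETERMINISTIC_KEY
ACTIVE_RECORD_ENCRYPTION_KEY_DERIVATION_SALT=$ACTIVE_RECORD_ENCRYPTION_KEY_DERIVATION_SALT
VAPID_PRIVATE_KEY=$VAPID_PRIVATE_KEY
VAPID_PUBLIC_KEY=$VAPID_PUBLIC_KEY
DB_POOL=25
DB_HOST=/var/run/postgresql
DB_PORT=5432
DB_NAME=mastodon_production
DB_USER=mastodon
DB_PASS=mastodon
REDIS_HOST=127.0.0.1
REDIS_PORT=6379
REDIS_PASSWORD=
PAPERCLIP_ROOT_PATH=/data/mastodon/public/system
PAPERCLIP_ROOT_URL=/system
S3_ENABLED=false
SMTP_SERVER=
SMTP_PORT=587
SMTP_LOGIN=
SMTP_PASSWORD=
SMTP_FROM_ADDRESS=
SMTP_DELIVERY_METHOD=none
SMTP_AUTH_METHOD=none
SMTP_OPENSSL_VERIFY_MODE=none
SMTP_ENABLE_STARTTLS_AUTO=false
STREAMING_API_BASE_URL=wss://$LOCAL_DOMAIN
BIND=0.0.0.0
PORT=3000
STREAMING_PORT=4000
EOF
)
chown mastodon:mastodon /opt/mastodon/.env.production
chmod 600 /opt/mastodon/.env.production
echo " .env.production cree."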
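# ---------------------------------------------------------------------------
# 5. Asset precompilation
# ---------------------------------------------------------------------------
# Runs `rails assets:precompile` as the mastodon user when the
# .assets_precompiled marker is missing or .force_recompile is present.
echo "[5/8] Precompilation des assets..."
if [ ! -f /data/mastodon/.assets_precompiled ] || [ -f /data/mastodon/.force_recompile ]; then
  # The result is tested explicitly: inside an && chain a failed precompile
  # does not trip `set -e`, and the success message would be printed anyway.
  if su - mastodon -c 'cd /opt/mastodon && export PATH="/usr/local/rbenv/shims:/usr/local/rbenv/bin:$PATH" && export RAILS_ENV=production && bundle exec rails assets:precompile'; then
    touch /data/mastodon/.assets_precompiled && rm -f /data/mastodon/.force_recompile
    echo " Assets precompiles."
  else
    # Still non-fatal, as before; the marker is not written, so the next
    # start tries again.
    echo " ERREUR : precompilation des assets echouee." >&2
  fi
else
  echo " Assets deja presents."
fi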
# ---------------------------------------------------------------------------
# 6. Temporary PostgreSQL start for the database operations
# ---------------------------------------------------------------------------
echo "[6/8] Demarrage temporaire de PostgreSQL..."
pg_ctl_bin=/usr/lib/postgresql/15/bin/pg_ctl
su - postgres -c "$pg_ctl_bin -D /data/postgresql -l /var/log/postgresql/init.log start"
sleep 3

# Poll once per second until psql connects; after 30 failed tries the server
# is stopped (best-effort) and the script exits with status 1.
RETRIES=0
while ! su - postgres -c "psql -c '\\q'" >/dev/null 2>&1; do
  RETRIES=$(( RETRIES + 1 ))
  if (( RETRIES > 30 )); then
    echo " ERREUR : PostgreSQL ne demarre pas apres 30s."
    su - postgres -c "$pg_ctl_bin -D /data/postgresql stop" || true
    exit 1
  fi
  echo " Attente de PostgreSQL... ($RETRIES/30)"
  sleep 1
done
echo " PostgreSQL pret."
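# ---------------------------------------------------------------------------
# 7. Mastodon database + admin account
# ---------------------------------------------------------------------------
# Three cases: database present with tables (migrate), database present but
# empty (load schema + seed), database absent (create, then schema + seed).
echo "[7/8] Verification de la base de données Mastodon..."
# A failing psql yields an empty string, which is handled as "database absent".
DB_EXISTS=$(su - postgres -c "psql -tAc \"SELECT 1 FROM pg_database WHERE datname='mastodon_production';\"" || echo "")
if [ "$DB_EXISTS" = "1" ]; then
  # Empty output means public.accounts does not exist yet.
  TABLE_EXISTS=$(su - postgres -c "psql -tAc \"SELECT to_regclass('public.accounts');\" mastodon_production" || echo "")
  if [ -z "$TABLE_EXISTS" ]; then
    echo " DB existe mais est vide. Setup initial..."
    su - mastodon -c 'cd /opt/mastodon && export PATH="/usr/local/rbenv/shims:/usr/local/rbenv/bin:$PATH" && export RAILS_ENV=production && bundle exec rails db:schema:load db:seed'
  else
    echo " DB existante. Migration..."
    su - mastodon -c 'cd /opt/mastodon && export PATH="/usr/local/rbenv/shims:/usr/local/rbenv/bin:$PATH" && export RAILS_ENV=production && bundle exec rails db:migrate'
  fi
else
  echo " Creation de la base..."
  su - postgres -c "psql -c \"CREATE DATABASE mastodon_production OWNER mastodon ENCODING 'UTF8' TEMPLATE template0;\""
  su - postgres -c "psql -c \"CREATE EXTENSION pg_trgm;\" mastodon_production"
  su - postgres -c "psql -c \"CREATE EXTENSION unaccent;\" mastodon_production"
  su - postgres -c "psql -c \"CREATE EXTENSION pgcrypto;\" mastodon_production"
  su - mastodon -c 'cd /opt/mastodon && export PATH="/usr/local/rbenv/shims:/usr/local/rbenv/bin:$PATH" && export RAILS_ENV=production && bundle exec rails db:schema:load db:seed'
fi

# Admin account creation (skipped while e-mail or password is still unset or
# equal to the __CHANGE_ME__ placeholder).
if [ -n "$ADMIN_EMAIL" ] && [ "$ADMIN_EMAIL" != "__CHANGE_ME__" ] && \
   [ -n "$ADMIN_PASSWORD" ] && [ "$ADMIN_PASSWORD" != "__CHANGE_ME__" ]; then
  echo " Creation du compte admin..."
  # Both values come from the environment and are spliced into a command line
  # that a second shell parses (su -c). Each embedded single quote is rewritten
  # as '\'' so the value cannot close its quoting and be read as shell syntax.
  sq="'"
  admin_email_q=${ADMIN_EMAIL//$sq/$sq\\$sq$sq}
  admin_password_q=${ADMIN_PASSWORD//$sq/$sq\\$sq$sq}
  # NOTE(review): the password still travels in the argument list and can be
  # seen in the process table while the command runs; a stdin- or file-based
  # hand-over would avoid that.
  # NOTE(review): confirm that `tootctl accounts create` accepts --password in
  # the deployed Mastodon version; a rejected option only shows up as the
  # warning below.
  # Creation stays best-effort (the account exists on every later start), but
  # a failure is reported instead of being dropped.
  su - mastodon -c "cd /opt/mastodon && export PATH='/usr/local/rbenv/shims:/usr/local/rbenv/bin:$PATH' && export RAILS_ENV=production && bundle exec tootctl accounts create admin --email '$admin_email_q' --password '$admin_password_q' --confirmed --role Owner" \
    || echo " AVERTISSEMENT : creation du compte admin non effectuee (compte deja existant ?)." >&2
fi
echo " DB OK."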
# ---------------------------------------------------------------------------
# 8. Clean PostgreSQL shutdown before Supervisor
# ---------------------------------------------------------------------------
# Stops the temporary server started in step 6; a failing stop aborts the
# script through `set -e`.
echo "[8/8] Arret de PostgreSQL temporaire..."
pg_ctl_bin=/usr/lib/postgresql/15/bin/pg_ctl
su - postgres -c "$pg_ctl_bin -D /data/postgresql stop"
echo " PostgreSQL arrete."
# ---------------------------------------------------------------------------
# 9. Final check
# ---------------------------------------------------------------------------
# Reports every setting that still holds the __CHANGE_ME__ placeholder.
# NOTE(review): this only prints warnings - the script goes on to start the
# services with the placeholder domain and without an admin account. Consider
# exiting non-zero here if that state must never be served.
echo "[9/9] Verification des variables critiques..."
MISSING=0
# Each entry is "<script variable>:<environment variable named in the message>".
for pair in \
  LOCAL_DOMAIN:MASTODON_LOCAL_DOMAIN \
  ADMIN_EMAIL:MASTODON_ADMIN_EMAIL \
  ADMIN_PASSWORD:MASTODON_ADMIN_PASSWORD; do
  var_name=${pair%%:*}
  env_name=${pair#*:}
  if [[ "${!var_name}" == "__CHANGE_ME__" ]]; then
    echo " ⚠️ $env_name non configure !"
    MISSING=1
  fi
done

if (( MISSING == 1 )); then
  echo ""
  echo " ⚠️ DES VARIABLES SONT MANQUANTES."
  echo " Va dans Settings → Variables d'environnement de ton Space HF."
  echo ""
fi
# ---------------------------------------------------------------------------
# 10. Supervisor launch
# ---------------------------------------------------------------------------
printf '%s\n' \
  "==========================================" \
  " Lancement de Supervisor..."
# exec replaces this shell with supervisord; nothing after this line runs.
supervisor_conf=/etc/supervisor/conf.d/supervisord.conf
exec supervisord -c "$supervisor_conf"