parent
38cac57301
commit
7a8efe59ce
@ -0,0 +1,2 @@
|
|||||||
|
calculate:default/amd64/20/server
|
||||||
|
../..
|
@ -0,0 +1,2 @@
|
|||||||
|
../../../../calculate/profiles/default/amd64/18/server
|
||||||
|
..
|
@ -0,0 +1,3 @@
|
|||||||
|
[main]
|
||||||
|
os_linux_name = 'Calculate Mastodon'
|
||||||
|
os_linux_shortname = 'mastodon'
|
@ -0,0 +1 @@
|
|||||||
|
..
|
@ -0,0 +1 @@
|
|||||||
|
# Calculate os_linux_shortname==mastodon cl_name==calculate-core append=skip
|
@ -0,0 +1 @@
|
|||||||
|
# Calculate env=install ac_install_merge==on mergepkg(www-servers/nginx)!= append=skip
|
@ -0,0 +1,2 @@
|
|||||||
|
# Calculate append=after path=/etc name=#-cut(2,.)-# grep(/etc/#-cut(2,.)-#,#-cut(1,.)-#)== protected
|
||||||
|
mastodon:x:1000:
|
@ -0,0 +1,2 @@
|
|||||||
|
# Calculate append=after path=/etc name=#-cut(2,.)-# grep(/etc/#-cut(2,.)-#,#-cut(1,.)-#)== protected
|
||||||
|
mastodon:x:1000:1000::/var/calculate/www/mastodon:/bin/bash
|
@ -0,0 +1,2 @@
|
|||||||
|
# Calculate append=after path=/etc name=#-cut(2,.)-# grep(/etc/#-cut(2,.)-#,#-cut(1,.)-#)== protected
|
||||||
|
mastodon:!:19425:0:99999:7:::
|
@ -0,0 +1,4 @@
|
|||||||
|
# Calculate path=/var/calculate/www/mastodon name=.bashrc comment=# chown=mastodon:mastodon
|
||||||
|
source ~/.node-live/bin/activate
|
||||||
|
export PATH="$HOME/.rbenv/bin:$PATH"
|
||||||
|
eval "$(rbenv init -)"
|
@ -0,0 +1,68 @@
|
|||||||
|
# Calculate path=/var/calculate/www/mastodon/live name=.env.production chown=mastodon:mastodon comment=# exists(/var/calculate/www/mastodon/live/.env.production.sample)!= protected
|
||||||
|
# https://docs.joinmastodon.org/admin/config/ for the full documentation.
|
||||||
|
|
||||||
|
# Federation
|
||||||
|
# ----------
|
||||||
|
# This identifies your server and cannot be changed safely later
|
||||||
|
# ----------
|
||||||
|
LOCAL_DOMAIN=example.com
|
||||||
|
|
||||||
|
# Redis
|
||||||
|
# -----
|
||||||
|
REDIS_HOST=localhost
|
||||||
|
REDIS_PORT=6379
|
||||||
|
|
||||||
|
# PostgreSQL
|
||||||
|
# ----------
|
||||||
|
DB_HOST=/var/run/postgresql
|
||||||
|
DB_USER=mastodon
|
||||||
|
DB_NAME=mastodon_production
|
||||||
|
DB_PASS=
|
||||||
|
DB_PORT=5432
|
||||||
|
|
||||||
|
# Elasticsearch (optional)
|
||||||
|
# ------------------------
|
||||||
|
#ES_ENABLED=true
|
||||||
|
#ES_HOST=localhost
|
||||||
|
#ES_PORT=9200
|
||||||
|
# Authentication for ES (optional)
|
||||||
|
#ES_USER=
|
||||||
|
#ES_PASS=
|
||||||
|
|
||||||
|
# Secrets
|
||||||
|
# -------
|
||||||
|
# Make sure to use `rake secret` to generate secrets
|
||||||
|
# -------
|
||||||
|
SECRET_KEY_BASE=
|
||||||
|
OTP_SECRET=
|
||||||
|
|
||||||
|
# Web Push
|
||||||
|
# --------
|
||||||
|
# Generate with `rake mastodon:webpush:generate_vapid_key`
|
||||||
|
# --------
|
||||||
|
VAPID_PRIVATE_KEY=
|
||||||
|
VAPID_PUBLIC_KEY=
|
||||||
|
|
||||||
|
# Sending mail
|
||||||
|
# ------------
|
||||||
|
SMTP_SERVER=
|
||||||
|
SMTP_PORT=587
|
||||||
|
SMTP_LOGIN=
|
||||||
|
SMTP_PASSWORD=
|
||||||
|
SMTP_FROM_ADDRESS=notifications@example.com
|
||||||
|
|
||||||
|
# File storage (optional)
|
||||||
|
# -----------------------
|
||||||
|
#S3_ENABLED=true
|
||||||
|
#S3_BUCKET=files.example.com
|
||||||
|
#AWS_ACCESS_KEY_ID=
|
||||||
|
#AWS_SECRET_ACCESS_KEY=
|
||||||
|
#S3_ALIAS_HOST=files.example.com
|
||||||
|
|
||||||
|
# IP and session retention
|
||||||
|
# -----------------------
|
||||||
|
# Make sure to modify the scheduling of ip_cleanup_scheduler in config/sidekiq.yml
|
||||||
|
# to be less than daily if you lower IP_RETENTION_PERIOD below two days (172800).
|
||||||
|
# -----------------------
|
||||||
|
#IP_RETENTION_PERIOD=31556952
|
||||||
|
#SESSION_RETENTION_PERIOD=31556952
|
@ -0,0 +1,15 @@
|
|||||||
|
# Calculate format=samba path=/var/calculate chmod=600 chown=mastodon:mastodon grep(/var/calculate/ini.env,local_domain)== protected
|
||||||
|
|
||||||
|
[mastodon]
|
||||||
|
local_domain=calculate.social
|
||||||
|
node=16.18.0
|
||||||
|
git_tag=4.1.1
|
||||||
|
ruby=3.0.4
|
||||||
|
login=owner
|
||||||
|
smtp_from_address=Mastodon <support@calculate.ru>
|
||||||
|
smtp_login=
|
||||||
|
smtp_password=
|
||||||
|
smtp_port=465
|
||||||
|
smtp_server=mail.spb.calculate.ru
|
||||||
|
|
||||||
|
|
@ -0,0 +1,22 @@
|
|||||||
|
# Calculate path=/etc/init.d name=#-cut(1,.)-# chmod=755 comment=# exists(/var/calculate/www/mastodon/.node-live)!=
|
||||||
|
#!/sbin/openrc-run
|
||||||
|
|
||||||
|
name="Mastodon Sidekiq daemon"
|
||||||
|
description=""
|
||||||
|
pidfile=/run/mastodon-sidekiq.pid
|
||||||
|
command_user=mastodon
|
||||||
|
output_log=/var/log/mastodon-sidekiq.log
|
||||||
|
error_log=/var/log/mastodon-sidekiq.log
|
||||||
|
directory=/var/calculate/www/mastodon/live
|
||||||
|
start_stop_daemon_args="-e RAILS_ENV=production -e DB_POOL=25 -e MALLOC_ARENA_MAX=2"
|
||||||
|
command=/var/calculate/www/mastodon/.rbenv/shims/bundle
|
||||||
|
command_args="exec sidekiq -c 25"
|
||||||
|
command_background=true
|
||||||
|
|
||||||
|
depend() {
|
||||||
|
use postgresql net redis
|
||||||
|
}
|
||||||
|
|
||||||
|
start_pre() {
|
||||||
|
checkpath -f -o mastodon -m 0600 /var/log/mastodon-sidekiq.log
|
||||||
|
}
|
@ -0,0 +1,21 @@
|
|||||||
|
# Calculate path=/etc/init.d name=#-cut(1,.)-# chmod=755 comment=# exists(/var/calculate/www/mastodon/.node-live)!=
|
||||||
|
#!/sbin/openrc-run
|
||||||
|
name="Mastodon streaming daemon"
|
||||||
|
description=""
|
||||||
|
pidfile=/run/mastodon-streaming.pid
|
||||||
|
command_user=mastodon
|
||||||
|
output_log=/var/log/mastodon-streaming.log
|
||||||
|
error_log=/var/log/mastodon-streaming.log
|
||||||
|
directory=/var/calculate/www/mastodon/live
|
||||||
|
start_stop_daemon_args="-e NODE_ENV=production -e PORT=4000 -e STREAMING_CLUSTER_NUM=1"
|
||||||
|
command=/var/calculate/www/mastodon/.node-live/bin/node
|
||||||
|
command_args="./streaming"
|
||||||
|
command_background=true
|
||||||
|
|
||||||
|
depend() {
|
||||||
|
use postgresql net redis
|
||||||
|
}
|
||||||
|
|
||||||
|
start_pre() {
|
||||||
|
checkpath -f -o mastodon -m 0600 /var/log/mastodon-streaming.log
|
||||||
|
}
|
@ -0,0 +1,29 @@
|
|||||||
|
# Calculate path=/etc/init.d name=#-cut(1,.)-# chmod=755 comment=# exists(/var/calculate/www/mastodon/.node-live)!=
|
||||||
|
#!/sbin/openrc-run
|
||||||
|
name="Mastodon Web daemon"
|
||||||
|
description=""
|
||||||
|
pidfile=/run/mastodon-web.pid
|
||||||
|
extra_commands="reload"
|
||||||
|
command_user=mastodon
|
||||||
|
output_log=/var/log/mastodon-web.log
|
||||||
|
error_log=/var/log/mastodon-web.log
|
||||||
|
directory=/var/calculate/www/mastodon/live
|
||||||
|
start_stop_daemon_args="-e RAILS_ENV=production -e PORT=3000"
|
||||||
|
command=/var/calculate/www/mastodon/.rbenv/shims/bundle
|
||||||
|
command_args="exec puma -C config/puma.rb"
|
||||||
|
command_background=true
|
||||||
|
|
||||||
|
depend() {
|
||||||
|
need nginx postgresql
|
||||||
|
need mastodon-streaming mastodon-sidekiq
|
||||||
|
}
|
||||||
|
|
||||||
|
start_pre() {
|
||||||
|
checkpath -f -o mastodon -m 0600 /var/log/mastodon-web.log
|
||||||
|
}
|
||||||
|
|
||||||
|
reload() {
|
||||||
|
einfo "Reload $name"
|
||||||
|
kill -USR1 $(cat $pidfile)
|
||||||
|
}
|
||||||
|
|
@ -0,0 +1 @@
|
|||||||
|
# Calculate path=/usr/sbin name=#-cut(1,.)-# link=/var/db/repos/container/scripts/mastodon/setup.sh symbolic protected
|
@ -0,0 +1 @@
|
|||||||
|
# Calculate path=/etc/runlevels/default name=#-cut(1,.)-# link=/etc/init.d/#-cut(1,.)-# protected symbolic exists(/var/calculate/www/mastodon/.node-live)!=
|
@ -0,0 +1 @@
|
|||||||
|
# Calculate path=/etc/runlevels/default name=#-cut(1,.)-# link=/etc/init.d/#-cut(1,.)-# protected symbolic exists(/var/calculate/www/mastodon/.node-live)!=
|
@ -0,0 +1 @@
|
|||||||
|
# Calculate path=/etc/runlevels/default name=#-cut(1,.)-# link=/etc/init.d/#-cut(1,.)-# protected symbolic exists(/var/calculate/www/mastodon/.node-live)!=
|
@ -0,0 +1 @@
|
|||||||
|
# Calculate path=/var/calculate
|
@ -0,0 +1 @@
|
|||||||
|
# Calculate chmod=750 chown=mastodon:nginx
|
@ -0,0 +1 @@
|
|||||||
|
# Calculate env=install ac_install_merge==on mergepkg(www-servers/nginx)!= append=skip
|
@ -0,0 +1,161 @@
|
|||||||
|
# Calculate path=/etc/nginx/sites-enabled exists(/etc/nginx/sites-enabled/#-cut()-#)== comment=#
|
||||||
|
map $http_upgrade $connection_upgrade {
|
||||||
|
default upgrade;
|
||||||
|
'' close;
|
||||||
|
}
|
||||||
|
|
||||||
|
upstream backend {
|
||||||
|
server 127.0.0.1:3000 fail_timeout=0;
|
||||||
|
}
|
||||||
|
|
||||||
|
upstream streaming {
|
||||||
|
server 127.0.0.1:4000 fail_timeout=0;
|
||||||
|
}
|
||||||
|
|
||||||
|
proxy_cache_path /var/cache/nginx levels=1:2 keys_zone=CACHE:10m inactive=7d max_size=1g;
|
||||||
|
|
||||||
|
server {
|
||||||
|
listen 80;
|
||||||
|
listen [::]:80;
|
||||||
|
server_name calculate.social;
|
||||||
|
root /var/calculate/www/mastodon/live/public/;
|
||||||
|
location /.well-known/acme-challenge/ { allow all; }
|
||||||
|
location / { return 301 https://$host$request_uri; }
|
||||||
|
}
|
||||||
|
|
||||||
|
server {
|
||||||
|
listen 443 ssl http2;
|
||||||
|
listen [::]:443 ssl http2;
|
||||||
|
server_name calculate.social;
|
||||||
|
|
||||||
|
ssl_protocols TLSv1.2 TLSv1.3;
|
||||||
|
ssl_ciphers HIGH:!MEDIUM:!LOW:!aNULL:!NULL:!SHA;
|
||||||
|
ssl_prefer_server_ciphers on;
|
||||||
|
ssl_session_cache shared:SSL:10m;
|
||||||
|
ssl_session_tickets off;
|
||||||
|
|
||||||
|
# Uncomment these lines once you acquire a certificate:
|
||||||
|
ssl_certificate /etc/nginx/ssl/fullchain.pem;
|
||||||
|
ssl_certificate_key /etc/nginx/ssl/privkey.pem;
|
||||||
|
|
||||||
|
keepalive_timeout 70;
|
||||||
|
sendfile on;
|
||||||
|
client_max_body_size 80m;
|
||||||
|
|
||||||
|
root /var/calculate/www/mastodon/live/public/;
|
||||||
|
|
||||||
|
gzip on;
|
||||||
|
gzip_disable "msie6";
|
||||||
|
gzip_vary on;
|
||||||
|
gzip_proxied any;
|
||||||
|
gzip_comp_level 6;
|
||||||
|
gzip_buffers 16 8k;
|
||||||
|
gzip_http_version 1.1;
|
||||||
|
gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript image/svg+xml image/x-icon;
|
||||||
|
|
||||||
|
location / {
|
||||||
|
try_files $uri @proxy;
|
||||||
|
}
|
||||||
|
|
||||||
|
# If Docker is used for deployment and Rails serves static files,
|
||||||
|
# then needed must replace line `try_files $uri =404;` with `try_files $uri @proxy;`.
|
||||||
|
location = /sw.js {
|
||||||
|
add_header Cache-Control "public, max-age=604800, must-revalidate";
|
||||||
|
add_header Strict-Transport-Security "max-age=63072000; includeSubDomains";
|
||||||
|
try_files $uri =404;
|
||||||
|
}
|
||||||
|
|
||||||
|
location ~ ^/assets/ {
|
||||||
|
add_header Cache-Control "public, max-age=2419200, must-revalidate";
|
||||||
|
add_header Strict-Transport-Security "max-age=63072000; includeSubDomains";
|
||||||
|
try_files $uri =404;
|
||||||
|
}
|
||||||
|
|
||||||
|
location ~ ^/avatars/ {
|
||||||
|
add_header Cache-Control "public, max-age=2419200, must-revalidate";
|
||||||
|
add_header Strict-Transport-Security "max-age=63072000; includeSubDomains";
|
||||||
|
try_files $uri =404;
|
||||||
|
}
|
||||||
|
|
||||||
|
location ~ ^/emoji/ {
|
||||||
|
add_header Cache-Control "public, max-age=2419200, must-revalidate";
|
||||||
|
add_header Strict-Transport-Security "max-age=63072000; includeSubDomains";
|
||||||
|
try_files $uri =404;
|
||||||
|
}
|
||||||
|
|
||||||
|
location ~ ^/headers/ {
|
||||||
|
add_header Cache-Control "public, max-age=2419200, must-revalidate";
|
||||||
|
add_header Strict-Transport-Security "max-age=63072000; includeSubDomains";
|
||||||
|
try_files $uri =404;
|
||||||
|
}
|
||||||
|
|
||||||
|
location ~ ^/packs/ {
|
||||||
|
add_header Cache-Control "public, max-age=2419200, must-revalidate";
|
||||||
|
add_header Strict-Transport-Security "max-age=63072000; includeSubDomains";
|
||||||
|
try_files $uri =404;
|
||||||
|
}
|
||||||
|
|
||||||
|
location ~ ^/shortcuts/ {
|
||||||
|
add_header Cache-Control "public, max-age=2419200, must-revalidate";
|
||||||
|
add_header Strict-Transport-Security "max-age=63072000; includeSubDomains";
|
||||||
|
try_files $uri =404;
|
||||||
|
}
|
||||||
|
|
||||||
|
location ~ ^/sounds/ {
|
||||||
|
add_header Cache-Control "public, max-age=2419200, must-revalidate";
|
||||||
|
add_header Strict-Transport-Security "max-age=63072000; includeSubDomains";
|
||||||
|
try_files $uri =404;
|
||||||
|
}
|
||||||
|
|
||||||
|
location ~ ^/system/ {
|
||||||
|
add_header Cache-Control "public, max-age=2419200, immutable";
|
||||||
|
add_header Strict-Transport-Security "max-age=63072000; includeSubDomains";
|
||||||
|
try_files $uri =404;
|
||||||
|
}
|
||||||
|
|
||||||
|
location ^~ /api/v1/streaming {
|
||||||
|
proxy_set_header Host $host;
|
||||||
|
proxy_set_header X-Real-IP $remote_addr;
|
||||||
|
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||||
|
proxy_set_header X-Forwarded-Proto $scheme;
|
||||||
|
proxy_set_header Proxy "";
|
||||||
|
|
||||||
|
proxy_pass http://streaming;
|
||||||
|
proxy_buffering off;
|
||||||
|
proxy_redirect off;
|
||||||
|
proxy_http_version 1.1;
|
||||||
|
proxy_set_header Upgrade $http_upgrade;
|
||||||
|
proxy_set_header Connection $connection_upgrade;
|
||||||
|
|
||||||
|
add_header Strict-Transport-Security "max-age=63072000; includeSubDomains";
|
||||||
|
|
||||||
|
tcp_nodelay on;
|
||||||
|
}
|
||||||
|
|
||||||
|
location @proxy {
|
||||||
|
proxy_set_header Host $host;
|
||||||
|
proxy_set_header X-Real-IP $remote_addr;
|
||||||
|
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||||
|
proxy_set_header X-Forwarded-Proto $scheme;
|
||||||
|
proxy_set_header Proxy "";
|
||||||
|
proxy_pass_header Server;
|
||||||
|
|
||||||
|
proxy_pass http://backend;
|
||||||
|
proxy_buffering on;
|
||||||
|
proxy_redirect off;
|
||||||
|
proxy_http_version 1.1;
|
||||||
|
proxy_set_header Upgrade $http_upgrade;
|
||||||
|
proxy_set_header Connection $connection_upgrade;
|
||||||
|
|
||||||
|
proxy_cache CACHE;
|
||||||
|
proxy_cache_valid 200 7d;
|
||||||
|
proxy_cache_valid 410 24h;
|
||||||
|
proxy_cache_use_stale error timeout updating http_500 http_502 http_503 http_504;
|
||||||
|
add_header X-Cached $upstream_cache_status;
|
||||||
|
|
||||||
|
tcp_nodelay on;
|
||||||
|
}
|
||||||
|
|
||||||
|
error_page 404 500 501 502 503 504 /500.html;
|
||||||
|
}
|
||||||
|
|
@ -0,0 +1,5 @@
|
|||||||
|
# Calculate exec=/bin/bash exists(/etc/nginx/ssl/privkey.pem)==||exists(/etc/nginx/ssl/fullchain.pem)==
|
||||||
|
|
||||||
|
openssl req -x509 -nodes -days 365 -newkey rsa:2048 -subj '/CN=calculate.social' -keyout /etc/nginx/ssl/privkey.pem -out /etc/nginx/ssl/fullchain.pem &>/dev/null
|
||||||
|
|
||||||
|
true
|
@ -0,0 +1 @@
|
|||||||
|
# Calculate path=/etc/runlevels/default name=#-cut(1,.)-# link=/etc/init.d/#-cut(1,.)-# protected symbolic exists(/var/calculate/www/mastodon/live/)!=
|
@ -0,0 +1 @@
|
|||||||
|
# Calculate env=install ac_install_merge==on mergepkg(dev-db/postgresql)!= append=skip
|
@ -0,0 +1,5 @@
|
|||||||
|
# Calculate run=/bin/bash
|
||||||
|
|
||||||
|
ver=$(ls -d /var/db/pkg/dev-db/postgresql-*)
|
||||||
|
ver=${ver#*postgresql-}
|
||||||
|
echo ${ver%%.*} > /tmp/pgsqlver
|
@ -0,0 +1 @@
|
|||||||
|
# Calculate path=/var/calculate name=postgresql chmod=700 chown=postgres:postgres
|
@ -0,0 +1 @@
|
|||||||
|
# Calculate path=/etc name=postgresql-#-load(char,/tmp/pgsqlver)-#
|
@ -0,0 +1,10 @@
|
|||||||
|
# Calculate chmod=600 comment=# chown=postgres:postgres
|
||||||
|
|
||||||
|
# TYPE DATABASE USER ADDRESS METHOD
|
||||||
|
|
||||||
|
# "local" is for Unix domain socket connections only
|
||||||
|
local all all password
|
||||||
|
# IPv4 local connections:
|
||||||
|
host all all 127.0.0.1/32 password
|
||||||
|
# IPv6 local connections:
|
||||||
|
host all all ::1/128 password
|
@ -0,0 +1 @@
|
|||||||
|
# Calculate chmod=600 comment=# chown=postgres:postgres
|
@ -0,0 +1,18 @@
|
|||||||
|
# Calculate chmod=600 comment=# chown=postgres:postgres
|
||||||
|
|
||||||
|
max_connections = 100 # (change requires restart)
|
||||||
|
shared_buffers = 128MB # min 128kB
|
||||||
|
dynamic_shared_memory_type = posix # the default is the first option
|
||||||
|
max_wal_size = 1GB
|
||||||
|
min_wal_size = 80MB
|
||||||
|
log_timezone = 'W-SU'
|
||||||
|
datestyle = 'iso, dmy'
|
||||||
|
timezone = 'W-SU'
|
||||||
|
lc_messages = 'ru_RU.UTF-8' # locale for system error message
|
||||||
|
lc_monetary = 'ru_RU.UTF-8' # locale for monetary formatting
|
||||||
|
lc_numeric = 'C' # locale for number formatting
|
||||||
|
lc_time = 'ru_RU.UTF-8' # locale for time formatting
|
||||||
|
default_text_search_config = 'pg_catalog.russian'
|
||||||
|
plperl.on_init = 'use utf8; use re; package utf8; require "utf8_heavy.pl";'
|
||||||
|
|
||||||
|
listen_addresses = '127.0.0.1'
|
@ -0,0 +1,6 @@
|
|||||||
|
# Calculate format=samba chown=mastodon:mastodon path=/var/calculate grep(/var/calculate/ini.env,postgresql)== comment=# protected
|
||||||
|
[postgresql]
|
||||||
|
postgres_password = #-rnd(pas,12)-#
|
||||||
|
mastodon_user = mastodon
|
||||||
|
mastodon_password = #-rnd(pas,12)-#
|
||||||
|
mastodon_database = mastodon_production
|
@ -0,0 +1 @@
|
|||||||
|
# Calculate path=/var/lib name=postgresql link=/var/calculate/postgresql symbolic protected
|
@ -0,0 +1,3 @@
|
|||||||
|
# Calculate path=/root name=.pgpass chmod=600 comment=# protected
|
||||||
|
localhost:*:*:postgres:#-ini(postgresql.postgres_password)-#
|
||||||
|
localhost:*:*:mastodon:#-ini(postgresql.mastodon_password)-#
|
@ -0,0 +1 @@
|
|||||||
|
# Calculate env=install ac_install_merge==on mergepkg(dev-db/redis)!= append=skip
|
@ -0,0 +1,73 @@
|
|||||||
|
# Calculate path=/etc/redis exists(/etc/redis/#-cut()-#)== comment=#
|
||||||
|
bind 127.0.0.1 -::1
|
||||||
|
protected-mode yes
|
||||||
|
port 6379
|
||||||
|
tcp-backlog 511
|
||||||
|
timeout 0
|
||||||
|
tcp-keepalive 300
|
||||||
|
daemonize no
|
||||||
|
pidfile /run/redis/redis.pid
|
||||||
|
loglevel notice
|
||||||
|
logfile /var/log/redis/redis.log
|
||||||
|
databases 16
|
||||||
|
always-show-logo no
|
||||||
|
set-proc-title yes
|
||||||
|
proc-title-template "{title} {listen-addr} {server-mode}"
|
||||||
|
stop-writes-on-bgsave-error yes
|
||||||
|
rdbcompression yes
|
||||||
|
rdbchecksum yes
|
||||||
|
dbfilename dump.rdb
|
||||||
|
rdb-del-sync-files no
|
||||||
|
dir /var/lib/redis/
|
||||||
|
replica-serve-stale-data yes
|
||||||
|
replica-read-only yes
|
||||||
|
repl-diskless-sync yes
|
||||||
|
repl-diskless-sync-delay 5
|
||||||
|
repl-diskless-sync-max-replicas 0
|
||||||
|
repl-diskless-load disabled
|
||||||
|
repl-disable-tcp-nodelay no
|
||||||
|
replica-priority 100
|
||||||
|
acllog-max-len 128
|
||||||
|
maxmemory 1024MB
|
||||||
|
lazyfree-lazy-eviction no
|
||||||
|
lazyfree-lazy-expire no
|
||||||
|
lazyfree-lazy-server-del no
|
||||||
|
replica-lazy-flush no
|
||||||
|
lazyfree-lazy-user-del no
|
||||||
|
lazyfree-lazy-user-flush no
|
||||||
|
oom-score-adj no
|
||||||
|
oom-score-adj-values 0 200 800
|
||||||
|
disable-thp yes
|
||||||
|
appendonly no
|
||||||
|
appendfilename "appendonly.aof"
|
||||||
|
appenddirname "appendonlydir"
|
||||||
|
appendfsync everysec
|
||||||
|
no-appendfsync-on-rewrite no
|
||||||
|
auto-aof-rewrite-percentage 100
|
||||||
|
auto-aof-rewrite-min-size 64mb
|
||||||
|
aof-load-truncated yes
|
||||||
|
aof-use-rdb-preamble yes
|
||||||
|
aof-timestamp-enabled no
|
||||||
|
slowlog-log-slower-than 10000
|
||||||
|
slowlog-max-len 128
|
||||||
|
latency-monitor-threshold 0
|
||||||
|
notify-keyspace-events ""
|
||||||
|
hash-max-listpack-entries 512
|
||||||
|
hash-max-listpack-value 64
|
||||||
|
list-max-listpack-size -2
|
||||||
|
list-compress-depth 0
|
||||||
|
set-max-intset-entries 512
|
||||||
|
zset-max-listpack-entries 128
|
||||||
|
zset-max-listpack-value 64
|
||||||
|
hll-sparse-max-bytes 3000
|
||||||
|
stream-node-max-bytes 4096
|
||||||
|
stream-node-max-entries 100
|
||||||
|
activerehashing yes
|
||||||
|
client-output-buffer-limit normal 0 0 0
|
||||||
|
client-output-buffer-limit replica 256mb 64mb 60
|
||||||
|
client-output-buffer-limit pubsub 32mb 8mb 60
|
||||||
|
hz 10
|
||||||
|
dynamic-hz yes
|
||||||
|
aof-rewrite-incremental-fsync yes
|
||||||
|
rdb-save-incremental-fsync yes
|
||||||
|
jemalloc-bg-thread yes
|
File diff suppressed because it is too large
Load Diff
@ -0,0 +1 @@
|
|||||||
|
# Calculate path=/etc/runlevels/default name=#-cut(1,.)-# link=/etc/init.d/#-cut(1,.)-# protected symbolic
|
@ -0,0 +1,12 @@
|
|||||||
|
# Calculate env=update ac_update_sync==on path=/var/lib/portage cl_update_world==merge||cl_update_world==rebuild format=world
|
||||||
|
dev-db/postgresql:14
|
||||||
|
dev-python/nodeenv
|
||||||
|
dev-python/setuptools
|
||||||
|
sys-devel/gettext
|
||||||
|
dev-db/redis
|
||||||
|
media-gfx/imagemagick
|
||||||
|
media-video/ffmpeg
|
||||||
|
www-servers/nginx
|
||||||
|
dev-util/pkgconf
|
||||||
|
dev-libs/protobuf
|
||||||
|
net-dns/libidn
|
@ -0,0 +1,21 @@
|
|||||||
|
#!/bin/bash
|
||||||
|
|
||||||
|
export PATH="/lib/rc/bin:$PATH"
|
||||||
|
set -ueo pipefail
|
||||||
|
scriptpath=$(dirname $(readlink -f $0))
|
||||||
|
|
||||||
|
. /var/db/repos/calculate/scripts/ini.sh
|
||||||
|
|
||||||
|
echo "Mastodon setup"
|
||||||
|
|
||||||
|
test -f /run/redis/redis.pid && /etc/init.d/redis start
|
||||||
|
|
||||||
|
for script in $scriptpath/stages/*.sh; do
|
||||||
|
"$script"
|
||||||
|
done
|
||||||
|
|
||||||
|
/etc/init.d/redis restart
|
||||||
|
rc-update -u
|
||||||
|
openrc
|
||||||
|
|
||||||
|
echo -e "\nAll is done! Open the link https://${ini[mastodon.local_domain]} on your browser after adding ${ini[mastodon.local_domain]} to dns"
|
@ -0,0 +1,60 @@
|
|||||||
|
#!/bin/bash
|
||||||
|
|
||||||
|
set -eo pipefail
|
||||||
|
export PATH="/lib/rc/bin:$PATH"
|
||||||
|
|
||||||
|
SCRIPT=$(readlink -f $0)
|
||||||
|
[[ $UID == 0 ]] && exec su - mastodon -c "$SCRIPT"
|
||||||
|
|
||||||
|
|
||||||
|
. /var/db/repos/container/scripts/functions.sh
|
||||||
|
. /var/db/repos/calculate/scripts/ini.sh
|
||||||
|
|
||||||
|
cd ~/
|
||||||
|
|
||||||
|
if [[ ! -e ~/.node-live ]]
|
||||||
|
then
|
||||||
|
einfo 'Install Node.js'
|
||||||
|
cd ~
|
||||||
|
nodeenv --node=${ini[mastodon.node]} .node-${ini[mastodon.node]%%.*}
|
||||||
|
ln -sfT .node-${ini[mastodon.node]%%.*} .node-live
|
||||||
|
set +u
|
||||||
|
source .node-live/bin/activate
|
||||||
|
set -u
|
||||||
|
einfo 'Install yarn'
|
||||||
|
npm install -g yarn
|
||||||
|
corepack enable
|
||||||
|
yarn set version classic
|
||||||
|
fi
|
||||||
|
|
||||||
|
if [[ ! -e ~/.rbenv ]]; then
|
||||||
|
einfo 'Rbenv Setup: Get the code'
|
||||||
|
git clone --single-branch --depth 1 https://github.com/rbenv/rbenv.git ~/.rbenv
|
||||||
|
eend
|
||||||
|
fi
|
||||||
|
|
||||||
|
if [[ ! -e ~/.rbenv/plugins/ruby-build ]]; then
|
||||||
|
einfo 'Ruby Setup: Get the code'
|
||||||
|
git clone --single-branch --depth 1 https://github.com/rbenv/ruby-build.git ~/.rbenv/plugins/ruby-build
|
||||||
|
eend
|
||||||
|
fi
|
||||||
|
|
||||||
|
export PATH="$HOME/.rbenv/bin:$PATH"
|
||||||
|
eval "$(rbenv init -)"
|
||||||
|
|
||||||
|
if [[ ! -e ~/live ]]; then
|
||||||
|
einfo 'Mastodon Setup: Get the code'
|
||||||
|
git config --global advice.detachedHead false
|
||||||
|
git clone -b v${ini[mastodon.git_tag]} --single-branch --depth 1 https://github.com/tootsuite/mastodon.git ~/live
|
||||||
|
einfo 'Install Ruby'
|
||||||
|
RUBY_CONFIGURE_OPTS=--with-jemalloc rbenv install ${ini[mastodon.ruby]}
|
||||||
|
rbenv global ${ini[mastodon.ruby]}
|
||||||
|
gem install bundler --no-document
|
||||||
|
cd ~/live
|
||||||
|
bundle config deployment 'true'
|
||||||
|
bundle config without 'development test'
|
||||||
|
einfo 'Install gems'
|
||||||
|
bundle install -j$(nproc)
|
||||||
|
eend
|
||||||
|
fi
|
||||||
|
|
@ -0,0 +1,31 @@
|
|||||||
|
#!/bin/bash
|
||||||
|
|
||||||
|
set -ueo pipefail
|
||||||
|
|
||||||
|
export PATH="/lib/rc/bin:$PATH"
|
||||||
|
|
||||||
|
[[ -n "$(ls -A /var/lib/postgresql)" ]] && exit
|
||||||
|
|
||||||
|
. /var/db/repos/container/scripts/functions.sh
|
||||||
|
. /var/db/repos/calculate/scripts/ini.sh
|
||||||
|
|
||||||
|
pgver() {
|
||||||
|
local ver=$(ls -d /var/db/pkg/dev-db/postgresql-*)
|
||||||
|
ver=${ver#*postgresql-}
|
||||||
|
if [[ ${1:-} == 'slot' ]]; then
|
||||||
|
echo ${ver%%.*}
|
||||||
|
else
|
||||||
|
echo ${ver%%-*}
|
||||||
|
fi
|
||||||
|
}
|
||||||
|
|
||||||
|
emerge --config dev-db/postgresql
|
||||||
|
|
||||||
|
/etc/init.d/postgresql-$(pgver slot) start
|
||||||
|
|
||||||
|
psql -U postgres -c "ALTER USER postgres WITH PASSWORD '${ini[postgresql.postgres_password]}'"
|
||||||
|
psql -U postgres -c "CREATE ROLE ${ini[postgresql.mastodon_user]} WITH login createdb"
|
||||||
|
psql -U postgres -c "ALTER USER ${ini[postgresql.mastodon_user]} WITH PASSWORD '${ini[postgresql.mastodon_password]}'"
|
||||||
|
|
||||||
|
cl-core-setup -n postgresql -f
|
||||||
|
/etc/init.d/postgresql-$(pgver slot) restart
|
@ -0,0 +1,36 @@
|
|||||||
|
#!/bin/bash
|
||||||
|
|
||||||
|
set -ueo pipefail
|
||||||
|
export PATH="/lib/rc/bin:$PATH"
|
||||||
|
|
||||||
|
. /var/db/repos/container/scripts/functions.sh
|
||||||
|
. /var/db/repos/calculate/scripts/ini.sh
|
||||||
|
|
||||||
|
cl-setup-system
|
||||||
|
|
||||||
|
cd /var/calculate/www/mastodon
|
||||||
|
configure_conf() {
|
||||||
|
local config=$1
|
||||||
|
einfo "Setting up $config ..."
|
||||||
|
test -f $config.old || cp $config $config.old
|
||||||
|
for (( i=0; i < ${#replace[@]}; i += 2 )); do
|
||||||
|
var=${replace[$i]}
|
||||||
|
val=${replace[$i+1]}
|
||||||
|
grep -qE "^([#;]\s*)?\s*?$var\s*[:=]" $config || eerror "Parametr '$var' is not found."
|
||||||
|
sed -i -E "s|^([#;]\s*)?(\s*)(${var})(\s*)([:=])(\s*)?.*$|\2\3\4\5\6${val}|g" \
|
||||||
|
$config
|
||||||
|
done
|
||||||
|
eend
|
||||||
|
}
|
||||||
|
|
||||||
|
replace=(
|
||||||
|
LOCAL_DOMAIN "${ini[mastodon.local_domain]}"
|
||||||
|
DB_USER "${ini[postgresql.mastodon_user]}"
|
||||||
|
DB_PASS "${ini[postgresql.mastodon_password]}"
|
||||||
|
SMTP_FROM_ADDRESS "${ini[mastodon.smtp_from_address]}"
|
||||||
|
SMTP_PORT "${ini[mastodon.smtp_port]}"
|
||||||
|
|
||||||
|
)
|
||||||
|
configure_conf live/.env.production
|
||||||
|
|
||||||
|
/etc/init.d/redis restart
|
@ -0,0 +1,56 @@
|
|||||||
|
#!/bin/bash
|
||||||
|
|
||||||
|
#set -ueo pipefail
|
||||||
|
|
||||||
|
SCRIPT=$(readlink -f $0)
|
||||||
|
[[ $UID == 0 ]] && exec su - mastodon -c "$SCRIPT"
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
. /var/db/repos/container/scripts/functions.sh
|
||||||
|
. /var/db/repos/calculate/scripts/ini.sh
|
||||||
|
|
||||||
|
set +u
|
||||||
|
source ~/.node-live/bin/activate
|
||||||
|
set -u
|
||||||
|
export PATH="$HOME/.rbenv/bin:$PATH"
|
||||||
|
eval "$(rbenv init -)"
|
||||||
|
|
||||||
|
cd ~/live
|
||||||
|
|
||||||
|
get_variables(){
|
||||||
|
SECRET_KEY_BASE=$(RAILS_ENV=production bundle exec rake secret)
|
||||||
|
OTP_SECRET=$(RAILS_ENV=production bundle exec rake secret)
|
||||||
|
vapid_array=($(RAILS_ENV=production bundle exec rake mastodon:webpush:generate_vapid_key))
|
||||||
|
VAPID_PRIVATE_KEY=$(echo ${vapid_array[0]} | cut -d= -f2,3,4)
|
||||||
|
VAPID_PUBLIC_KEY=$(echo ${vapid_array[1]} | cut -d= -f2,3,4)
|
||||||
|
|
||||||
|
sed -i -E "s|(SECRET_KEY_BASE=).*|\1${SECRET_KEY_BASE}|g" ~/live/.env.production
|
||||||
|
sed -i -E "s|(OTP_SECRET=).*|\1${OTP_SECRET}|g" ~/live/.env.production
|
||||||
|
sed -i -E "s|(VAPID_PRIVATE_KEY=).*|\1${VAPID_PRIVATE_KEY}|g" ~/live/.env.production
|
||||||
|
sed -i -E "s|(VAPID_PUBLIC_KEY=).*|\1${VAPID_PUBLIC_KEY}|g" ~/live/.env.production
|
||||||
|
}
|
||||||
|
|
||||||
|
migrate_pgsql(){
|
||||||
|
RAILS_ENV=production bundle exec rake db:setup
|
||||||
|
RAILS_ENV=production bundle exec rake assets:precompile
|
||||||
|
RAILS_ENV=production bin/tootctl accounts create ${ini[mastodon.login]} \
|
||||||
|
--email ${ini[mastodon.smtp_from_address]} \
|
||||||
|
--confirmed --role Owner
|
||||||
|
|
||||||
|
einfo Mail: ${ini[mastodon.smtp_from_address]}
|
||||||
|
einfo Login: ${ini[mastodon.login]}
|
||||||
|
}
|
||||||
|
|
||||||
|
check_migrate(){
|
||||||
|
data=$(RAILS_ENV=production bundle exec rake db:migrate:status 2>/dev/null)
|
||||||
|
}
|
||||||
|
|
||||||
|
data={:-}
|
||||||
|
|
||||||
|
#if [[ -z $data ]]; then
|
||||||
|
get_variables
|
||||||
|
migrate_pgsql
|
||||||
|
#else
|
||||||
|
check_migrate
|
||||||
|
#fi
|
Loading…
Reference in new issue