docker-compose environment for the entire v.st system https://v.st/
env/mastodon/setup


#!/bin/bash
# Print an error message on stderr and abort the script with status 1.
# Arguments: the message words; they are joined with single spaces and
#            prefixed with "ERROR: ".
die() {
  local IFS=' '
  printf '%s\n' "ERROR: $*" >&2
  exit 1
}
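# Print an informational message on stderr.
# Arguments: the message words; they are joined with single spaces.
# printf is used rather than echo so that a message whose first word is
# -n or -e is printed literally instead of being taken as an echo option.
info() {
  local IFS=' '
  printf '%s\n' "$*" >&2
}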
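# One-time setup for the mastodon service: generates its secrets, writes
# env.secrets, initialises the database and registers the OIDC client in
# keycloak. When env.secrets already exists the script only (re)starts the
# containers.

# Work from the directory holding this script so relative paths resolve.
DIRNAME="$(dirname -- "$0")"
cd "$DIRNAME" || die "unable to change directory to $DIRNAME"

# Shared settings first, then the mastodon-specific ones.
[ -r ../env.production ] || die "../env.production is missing or unreadable"
source ../env.production
[ -r ./env.production ] || die "./env.production is missing or unreadable"
source ./env.production

mkdir -p data/system || die "unable to create data/system"
# NOTE(review): mode 777 lets every local account on the host write into
# this directory. If the container runs under a fixed uid, chown to that uid
# with a tighter mode would be narrower -- confirm against the compose file.
chmod 777 data/system

# An existing env.secrets is taken to mean setup already ran.
# NOTE(review): env.secrets is written before the database and keycloak
# steps below, so a run that failed part-way also takes this branch on the
# next invocation and skips those steps.
if [ -r "./env.secrets" ]; then
  docker-compose up -d || die "unable to restart mastodon"
  exit 0
fi

# The values below are interpolated into env.secrets and the keycloak client
# definition; an empty one would silently produce a broken configuration.
for required in MASTODON_HOSTNAME KEYCLOAK_HOSTNAME REALM; do
  [ -n "${!required}" ] || die "$required is not set; check env.production"
done

# have to bring it all down before we touch the files
docker-compose down || die "unable to stop mastodon"

# Generate every secret up front and stop on failure: a failing openssl
# inside the here-document would otherwise write an empty secret unnoticed.
OIDC_CLIENT_SECRET="$(openssl rand -hex 32)" \
  || die "unable to generate OIDC client secret"
secret_key_base="$(openssl rand -hex 32)" \
  || die "unable to generate SECRET_KEY_BASE"
otp_secret="$(openssl rand -hex 32)" \
  || die "unable to generate OTP_SECRET"

# Create the file owner-only *before* any secret is written, so it is never
# readable by other local users, not even briefly.
# NOTE(review): assumes docker-compose reads this file as the invoking user
# (env_file) rather than bind-mounting it into the container -- confirm.
( umask 077 && : > env.secrets ) || die "unable to create env.secrets"
chmod 600 env.secrets || die "unable to restrict permissions on env.secrets"

# create the secrets file,
# along with some parameters that should be in the environment
cat <<EOF > env.secrets || die "unable to write env.secrets"
# DO NOT CHECK IN
LOCAL_DOMAIN=$MASTODON_HOSTNAME
OIDC_DISPLAY_NAME=$REALM
OIDC_ISSUER=https://$KEYCLOAK_HOSTNAME/realms/$REALM
OIDC_REDIRECT_URI=https://$MASTODON_HOSTNAME/auth/auth/openid_connect/callback
OIDC_CLIENT_SECRET=$OIDC_CLIENT_SECRET
SECRET_KEY_BASE=$secret_key_base
OTP_SECRET=$otp_secret
EOF

# The rake task's stdout is appended to env.secrets as-is.
info "mastodon: creating push keys"
docker-compose run --rm mastodon \
  rails mastodon:webpush:generate_vapid_key \
  >> env.secrets \
  || die "unable to generate vapid key"

info "mastodon: setting up database"
docker-compose run --rm mastodon \
  rails db:setup \
  || die "unable to set up database"

source ./env.secrets

info "mastodon: creating keycloak interface"
# Exit status deliberately not checked: presumably the client does not exist
# yet on a first run.
../keycloak/client-delete mastodon

# The client secret travels on stdin, so it does not appear in the process
# argument list.
# NOTE(review): redirectUris accepts any path on the mastodon host, while
# OIDC_REDIRECT_URI above names a single callback path. Restricting the list
# to that exact URI would be tighter -- confirm no other redirect is needed.
../keycloak/client-create <<EOF || die "Unable to create keycloak client"
{
"clientId": "mastodon",
"rootUrl": "https://$MASTODON_HOSTNAME/",
"adminUrl": "https://$MASTODON_HOSTNAME/",
"redirectUris": [ "https://$MASTODON_HOSTNAME/*" ],
"webOrigins": [ "https://$MASTODON_HOSTNAME" ],
"clientAuthenticatorType": "client-secret",
"secret": "$OIDC_CLIENT_SECRET"
}
EOF

docker-compose up -d || die "mastodon: unable to start container"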