#!/bin/bash
# First run: generate secrets, set up the database and register the
# Keycloak OIDC client. Later runs: just bring the containers back up.

die() { echo >&2 "ERROR: $*" ; exit 1 ; }
info() { echo >&2 "$@" ; }

DIRNAME="$(dirname "$0")"
cd "$DIRNAME"

source ../env.production
source ./env.production

# note: mode 777 leaves data/system world-writable
mkdir -p data/system
chmod 777 data/system

# secrets already exist: nothing to generate, only restart
if [ -r "./env.secrets" ]; then
	docker-compose up -d || die "unable to restart mastodon"
	exit 0
fi

# have to bring it all down before we touch the files
docker-compose down

OIDC_CLIENT_SECRET="$(openssl rand -hex 32)"

# create the secrets file,
# along with some parameters that should be in the environment
# (the file is created with the permissions the current umask allows)
cat <<EOF > env.secrets
# DO NOT CHECK IN
LOCAL_DOMAIN=$MASTODON_HOSTNAME
OIDC_DISPLAY_NAME=$REALM
OIDC_ISSUER=https://$KEYCLOAK_HOSTNAME/realms/$REALM
OIDC_REDIRECT_URI=https://$MASTODON_HOSTNAME/auth/auth/openid_connect/callback
OIDC_CLIENT_SECRET=$OIDC_CLIENT_SECRET
SECRET_KEY_BASE=$(openssl rand -hex 32)
OTP_SECRET=$(openssl rand -hex 32)
EOF

# the VAPID key pair printed by the rake task is appended to env.secrets
info "mastodon: creating push keys"
docker-compose run --rm mastodon \
	rails mastodon:webpush:generate_vapid_key \
	>> env.secrets \
|| die "unable to generate vapid key"

info "mastodon: setting up database"
docker-compose run --rm mastodon \
	rails db:setup \
|| die "unable to login"

source ./env.secrets

# replace any existing "mastodon" client in Keycloak with a fresh one
info "mastodon: creating keycloak interface"
../keycloak/client-delete mastodon
../keycloak/client-create <