#!/bin/bash
# Print an error to stderr and abort.
die() { echo >&2 "ERROR: $*" ; exit 1 ; }
# Print a progress message to stderr.
info() { echo >&2 "$@" ; }

# Run from the script's own directory so the relative paths below resolve.
DIRNAME="$(dirname "$0")"
cd "$DIRNAME"

source ../env.production
source ./env.production

# uploads directory; mode 777 makes it writable by every local user
mkdir -p ../data/mastodon/system
chmod 777 ../data/mastodon/system

SECRETS="../data/mastodon/env.secrets"

# If the secrets file already exists, setup has been done: just (re)start.
if [ -r "$SECRETS" ]; then
	docker-compose up -d || die "unable to restart mastodon"
	exit 0
fi

# have to bring it all down before we touch the files
docker-compose down

OIDC_CLIENT_SECRET="$(openssl rand -hex 32)"

# create the secrets file,
# along with some parameters that should be in the environment
mkdir -p "$(dirname "$SECRETS")"
cat <<EOF > "$SECRETS"
# DO NOT CHECK IN
WEB_DOMAIN=$MASTODON_HOSTNAME
LOCAL_DOMAIN=$DOMAIN_NAME
OIDC_DISPLAY_NAME=$REALM
OIDC_ISSUER=https://$KEYCLOAK_HOSTNAME/realms/$REALM
OIDC_REDIRECT_URI=https://$MASTODON_HOSTNAME/auth/auth/openid_connect/callback
OIDC_CLIENT_SECRET=$OIDC_CLIENT_SECRET
SECRET_KEY_BASE=$(openssl rand -hex 32)
OTP_SECRET=$(openssl rand -hex 32)
EOF

# The generated VAPID key pair is appended to the secrets file.
info "mastodon: creating push keys"
docker-compose run --rm mastodon \
	rails mastodon:webpush:generate_vapid_key \
	>> "$SECRETS" \
|| die "unable to generate vapid key"

info "mastodon: setting up database"
docker-compose run --rm mastodon \
	rails db:setup \
|| die "unable to login"

# Load the generated values (including OIDC_CLIENT_SECRET) into this shell.
source "$SECRETS"

info "mastodon: creating keycloak interface"
../keycloak/client-delete mastodon
../keycloak/client-create <