diff options
author | Jenkins <jenkins@jenkins.ninjawedding.org> | 2018-02-11 18:17:11 +0000 |
---|---|---|
committer | Jenkins <jenkins@jenkins.ninjawedding.org> | 2018-02-11 18:17:11 +0000 |
commit | 5ffa6f0fa12f5711e96b861c9813f3ec53bac3ee (patch) | |
tree | ecee87839ecd165f00a0513d120973fa6ac44c6d | |
parent | efc9ffcb80b995ef8c8d95ab1d8cb0af8efc094d (diff) | |
parent | cf36d184f41b5bfc0c63d6c8409b05cca2eb67ee (diff) |
Merge remote-tracking branch 'tootsuite/master' into glitchsoc/master
-rw-r--r-- | Gemfile | 2 | ||||
-rw-r--r-- | Gemfile.lock | 26 | ||||
-rw-r--r-- | lib/tasks/mastodon.rake | 410 |
3 files changed, 415 insertions, 23 deletions
diff --git a/Gemfile b/Gemfile index 65608b51e..dbdab7cc2 100644 --- a/Gemfile +++ b/Gemfile @@ -78,6 +78,8 @@ gem 'simple-navigation', '~> 4.0' gem 'simple_form', '~> 3.4' gem 'sprockets-rails', '~> 3.2', require: 'sprockets/railtie' gem 'strong_migrations' +gem 'tty-command' +gem 'tty-prompt' gem 'twitter-text', '~> 1.14' gem 'tzinfo-data', '~> 1.2017' gem 'webpacker', '~> 3.0' diff --git a/Gemfile.lock b/Gemfile.lock index 509b65ab6..99acf91bf 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -173,6 +173,7 @@ GEM faraday multi_json encryptor (3.0.0) + equatable (0.5.0) erubi (1.7.0) et-orbi (1.0.8) tzinfo @@ -224,6 +225,7 @@ GEM hashie (3.5.7) highline (1.7.10) hiredis (0.6.1) + hitimes (1.2.6) hkdf (0.3.0) html2text (0.2.1) nokogiri (~> 1.6) @@ -314,6 +316,7 @@ GEM msgpack (1.1.0) multi_json (1.12.2) multipart-post (2.0.0) + necromancer (0.4.0) net-scp (1.2.1) net-ssh (>= 2.6.5) net-ssh (4.2.0) @@ -358,6 +361,9 @@ GEM parallel parser (2.4.0.2) ast (~> 2.3) + pastel (0.7.2) + equatable (~> 0.5.0) + tty-color (~> 0.4.0) pg (0.21.0) pghero (1.7.0) activerecord @@ -553,6 +559,23 @@ GEM thread (0.2.2) thread_safe (0.3.6) tilt (2.0.8) + timers (4.1.2) + hitimes + tty-color (0.4.2) + tty-command (0.7.0) + pastel (~> 0.7.0) + tty-cursor (0.5.0) + tty-prompt (0.15.0) + necromancer (~> 0.4.0) + pastel (~> 0.7.0) + timers (~> 4.0) + tty-cursor (~> 0.5.0) + tty-reader (~> 0.2.0) + tty-reader (0.2.0) + tty-cursor (~> 0.5.0) + tty-screen (~> 0.6.4) + wisper (~> 2.0.0) + tty-screen (0.6.4) twitter-text (1.14.7) unf (~> 0.1.0) tzinfo (1.2.4) @@ -582,6 +605,7 @@ GEM websocket-driver (0.6.5) websocket-extensions (>= 0.1.0) websocket-extensions (0.1.3) + wisper (2.0.0) xpath (2.1.0) nokogiri (~> 1.3) @@ -689,6 +713,8 @@ DEPENDENCIES simplecov (~> 0.14) sprockets-rails (~> 3.2) strong_migrations + tty-command + tty-prompt twitter-text (~> 1.14) tzinfo-data (~> 1.2017) uglifier (~> 3.2) diff --git a/lib/tasks/mastodon.rake b/lib/tasks/mastodon.rake index 486c035de..e144621e5 100644 --- a/lib/tasks/mastodon.rake +++ b/lib/tasks/mastodon.rake @@ -4,6 +4,362 @@ require 'optparse' require 'colorize' namespace :mastodon do + desc 'Configure the instance for production use' + task :setup do + prompt = TTY::Prompt.new + env = {} + + begin + prompt.say('Your instance is identified by its domain name. Changing it afterward will break things.') + env['LOCAL_DOMAIN'] = prompt.ask('Domain name:') do |q| + q.required true + q.modify :strip + q.validate(/\A[a-z0-9\.\-]+\z/i) + q.messages[:valid?] = 'Invalid domain. If you intend to use unicode characters, enter punycode here' + end + + prompt.say "\n" + + prompt.say('Single user mode disables registrations and redirects the landing page to your public profile.') + env['SINGLE_USER_MODE'] = prompt.yes?('Do you want to enable single user mode?', default: false) + + %w(SECRET_KEY_BASE PAPERCLIP_SECRET OTP_SECRET).each do |key| + env[key] = SecureRandom.hex(64) + end + + vapid_key = Webpush.generate_key + + env['VAPID_PRIVATE_KEY'] = vapid_key.private_key + env['VAPID_PUBLIC_KEY'] = vapid_key.public_key + + prompt.say "\n" + + using_docker = prompt.yes?('Are you using Docker to run Mastodon?') + db_connection_works = false + + prompt.say "\n" + + loop do + env['DB_HOST'] = prompt.ask('PostgreSQL host:') do |q| + q.required true + q.default using_docker ? 'db' : '/var/run/postgresql' + q.modify :strip + end + + env['DB_PORT'] = prompt.ask('PostgreSQL port:') do |q| + q.required true + q.default 5432 + q.convert :int + end + + env['DB_NAME'] = prompt.ask('Name of PostgreSQL database:') do |q| + q.required true + q.default using_docker ? 'postgres' : 'mastodon_production' + q.modify :strip + end + + env['DB_USER'] = prompt.ask('Name of PostgreSQL user:') do |q| + q.required true + q.default using_docker ? 'postgres' : 'mastodon' + q.modify :strip + end + + env['DB_PASS'] = prompt.ask('Password of PostgreSQL user:') do |q| + q.echo false + end + + # The chosen database may not exist yet. Connect to default database + # to avoid "database does not exist" error. + db_options = { + adapter: :postgresql, + database: 'postgres', + host: env['DB_HOST'], + port: env['DB_PORT'], + user: env['DB_USER'], + password: env['DB_PASS'], + } + + begin + ActiveRecord::Base.establish_connection(db_options) + ActiveRecord::Base.connection + prompt.ok 'Database configuration works! 🎆' + db_connection_works = true + break + rescue StandardError => e + prompt.error 'Database connection could not be established with this configuration, try again.' + prompt.error e.message + break unless prompt.yes?('Try again?') + end + end + + prompt.say "\n" + + loop do + env['REDIS_HOST'] = prompt.ask('Redis host:') do |q| + q.required true + q.default using_docker ? 'redis' : 'localhost' + q.modify :strip + end + + env['REDIS_PORT'] = prompt.ask('Redis port:') do |q| + q.required true + q.default 6379 + q.convert :int + end + + redis_options = { + host: env['REDIS_HOST'], + port: env['REDIS_PORT'], + driver: :hiredis, + } + + begin + redis = Redis.new(redis_options) + redis.ping + prompt.ok 'Redis configuration works! 🎆' + break + rescue StandardError => e + prompt.error 'Redis connection could not be established with this configuration, try again.' + prompt.error e.message + break unless prompt.yes?('Try again?') + end + end + + prompt.say "\n" + + if prompt.yes?('Do you want to store uploaded files on the cloud?', default: false) + case prompt.select('Provider', ['Amazon S3', 'Wasabi', 'Minio']) + when 'Amazon S3' + env['S3_ENABLED'] = 'true' + env['S3_PROTOCOL'] = 'https' + + env['S3_BUCKET'] = prompt.ask('S3 bucket name:') do |q| + q.required true + q.default "files.#{env['LOCAL_DOMAIN']}" + q.modify :strip + end + + env['S3_REGION'] = prompt.ask('S3 region:') do |q| + q.required true + q.default 'us-east-1' + q.modify :strip + end + + env['S3_HOSTNAME'] = prompt.ask('S3 hostname:') do |q| + q.required true + q.default 's3-us-east-1.amazonaws.com' + q.modify :strip + end + + env['AWS_ACCESS_KEY_ID'] = prompt.ask('S3 access key:') do |q| + q.required true + q.modify :strip + end + + env['AWS_SECRET_ACCESS_KEY'] = prompt.ask('S3 secret key:') do |q| + q.required true + q.modify :strip + end + when 'Wasabi' + env['S3_ENABLED'] = 'true' + env['S3_PROTOCOL'] = 'https' + env['S3_REGION'] = 'us-east-1' + env['S3_HOSTNAME'] = 's3.wasabisys.com' + env['S3_ENDPOINT'] = 'https://s3.wasabisys.com/' + + env['S3_BUCKET'] = prompt.ask('Wasabi bucket name:') do |q| + q.required true + q.default "files.#{env['LOCAL_DOMAIN']}" + q.modify :strip + end + + env['AWS_ACCESS_KEY_ID'] = prompt.ask('Wasabi access key:') do |q| + q.required true + q.modify :strip + end + + env['AWS_SECRET_ACCESS_KEY'] = prompt.ask('Wasabi secret key:') do |q| + q.required true + q.modify :strip + end + when 'Minio' + env['S3_ENABLED'] = 'true' + env['S3_PROTOCOL'] = 'https' + env['S3_REGION'] = 'us-east-1' + + env['S3_ENDPOINT'] = prompt.ask('Minio endpoint URL:') do |q| + q.required true + q.modify :strip + end + + env['S3_PROTOCOL'] = env['S3_ENDPOINT'].start_with?('https') ? 'https' : 'http' + env['S3_HOSTNAME'] = env['S3_ENDPOINT'].gsub(/\Ahttps?:\/\//, '') + + env['S3_BUCKET'] = prompt.ask('Minio bucket name:') do |q| + q.required true + q.default "files.#{env['LOCAL_DOMAIN']}" + q.modify :strip + end + + env['AWS_ACCESS_KEY_ID'] = prompt.ask('Minio access key:') do |q| + q.required true + q.modify :strip + end + + env['AWS_SECRET_ACCESS_KEY'] = prompt.ask('Minio secret key:') do |q| + q.required true + q.modify :strip + end + end + + if prompt.yes?('Do you want to access the uploaded files from your own domain?') + env['S3_CLOUDFRONT_HOST'] = prompt.ask('Domain for uploaded files:') do |q| + q.required true + q.default "files.#{env['LOCAL_DOMAIN']}" + q.modify :strip + end + end + end + + prompt.say "\n" + + loop do + env['SMTP_SERVER'] = prompt.ask('SMTP server:') do |q| + q.required true + q.default 'smtp.mailgun.org' + q.modify :strip + end + + env['SMTP_PORT'] = prompt.ask('SMTP port:') do |q| + q.required true + q.default 587 + q.convert :int + end + + env['SMTP_LOGIN'] = prompt.ask('SMTP username:') do |q| + q.modify :strip + end + + env['SMTP_PASSWORD'] = prompt.ask('SMTP password:') do |q| + q.echo false + end + + env['SMTP_FROM_ADDRESS'] = prompt.ask('E-mail address to send e-mails "from":') do |q| + q.required true + q.default "Mastodon <notifications@#{env['LOCAL_DOMAIN']}>" + q.modify :strip + end + + break unless prompt.yes?('Send a test e-mail with this configuration right now?') + + send_to = prompt.ask('Send test e-mail to:', required: true) + + begin + ActionMailer::Base.smtp_settings = { + :port => env['SMTP_PORT'], + :address => env['SMTP_SERVER'], + :user_name => env['SMTP_LOGIN'].presence, + :password => env['SMTP_PASSWORD'].presence, + :domain => env['LOCAL_DOMAIN'], + :authentication => :plain, + :enable_starttls_auto => true, + } + + ActionMailer::Base.default_options = { + from: env['SMTP_FROM_ADDRESS'], + } + + mail = ActionMailer::Base.new.mail to: send_to, subject: 'Test', body: 'Mastodon SMTP configuration works!' + mail.deliver + rescue StandardError => e + prompt.error 'E-mail could not be sent with this configuration, try again.' + prompt.error e.message + break unless prompt.yes?('Try again?') + end + end + + prompt.say "\n" + prompt.say 'This configuration will be written to .env.production' + + if prompt.yes?('Save configuration?') + cmd = TTY::Command.new(printer: :quiet) + + File.write(Rails.root.join('.env.production'), "# Generated with mastodon:setup on #{Time.now.utc}\n\n" + env.each_pair.map { |key, value| "#{key}=#{value}" }.join("\n") + "\n") + + prompt.say "\n" + prompt.say 'Now that configuration is saved, the database schema must be loaded.' + prompt.warn 'If the database already exists, this will erase its contents.' + + if prompt.yes?('Prepare the database now?') + prompt.say 'Running `RAILS_ENV=production rails db:setup` ...' + prompt.say "\n" + + if cmd.run!({ RAILS_ENV: 'production' }, :rails, 'db:setup').failure? + prompt.say "\n" + prompt.error 'That failed! Perhaps your configuration is not right' + else + prompt.say "\n" + prompt.ok 'Done!' + end + end + + prompt.say "\n" + prompt.say 'The final step is compiling CSS/JS assets.' + prompt.say 'This may take a while and consume a lot of RAM.' + + if prompt.yes?('Compile the assets now?') + prompt.say 'Running `RAILS_ENV=production rails assets:precompile` ...' + prompt.say "\n" + + if cmd.run!({ RAILS_ENV: 'production' }, :rails, 'assets:precompile').failure? + prompt.say "\n" + prompt.error 'That failed! Maybe you need swap space?' + else + prompt.say "\n" + prompt.say 'Done!' + end + end + + prompt.say "\n" + prompt.ok 'All done! You can now power on the Mastodon server 🐘' + prompt.say "\n" + + if db_connection_works && prompt.yes?('Do you want to create an admin user straight away?') + env.each_pair do |key, value| + ENV[key] = value.to_s + end + + require_relative '../../config/environment' + disable_log_stdout! + + username = prompt.ask('Username:') do |q| + q.required true + q.default 'admin' + q.validate(/\A[a-z0-9_]+\z/i) + q.modify :strip + end + + email = prompt.ask('E-mail:') do |q| + q.required true + q.modify :strip + end + + password = SecureRandom.hex(16) + + user = User.new(admin: true, email: email, password: password, confirmed_at: Time.now.utc, account_attributes: { username: username }) + user.save(validate: false) + + prompt.ok "You can login with the password: #{password}" + prompt.warn 'You can change your password once you login.' + end + else + prompt.warn 'Nothing saved. Bye!' + end + rescue TTY::Reader::InputInterrupt + prompt.ok 'Aborting. Bye!' + end + end + desc 'Execute daily tasks (deprecated)' task :daily do # No-op @@ -67,32 +423,40 @@ namespace :mastodon do desc 'Add a user by providing their email, username and initial password.' \ 'The user will receive a confirmation email, then they must reset their password before logging in.' task add_user: :environment do - print 'Enter email: ' - email = STDIN.gets.chomp - - print 'Enter username: ' - username = STDIN.gets.chomp - - print 'Create user and send them confirmation mail [y/N]: ' - confirm = STDIN.gets.chomp - puts - - if confirm.casecmp('y').zero? - password = SecureRandom.hex - user = User.new(email: email, password: password, account_attributes: { username: username }) - if user.save - puts 'User added and confirmation mail sent to user\'s email address.' - puts "Here is the random password generated for the user: #{password}" - else - puts 'Following errors occured while creating new user:' - user.errors.each do |key, val| - puts "#{key}: #{val}" + disable_log_stdout! + + prompt = TTY::Prompt.new + + begin + email = prompt.ask('E-mail:', required: true) do |q| + q.modify :strip + end + + username = prompt.ask('Username:', required: true) do |q| + q.modify :strip + end + + role = prompt.select('Role:', %w(user moderator admin)) + + if prompt.yes?('Proceed to create the user?') + user = User.new(email: email, password: SecureRandom.hex, admin: role == 'admin', moderator: role == 'moderator', account_attributes: { username: username }) + + if user.save + prompt.ok 'User created and confirmation mail sent to the user\'s email address.' + prompt.ok "Here is the random password generated for the user: #{password}" + else + prompt.warn 'User was not created because of the following errors:' + + user.errors.each do |key, val| + prompt.error "#{key}: #{val}" + end end + else + prompt.ok 'Aborting. Bye!' end - else - puts 'Aborted by user.' + rescue TTY::Reader::InputInterrupt + prompt.ok 'Aborting. Bye!' end - puts end namespace :media do |