From bdb53883a3e59260867dd829c849b27f72ec9d50 Mon Sep 17 00:00:00 2001
From: Srgr0 <66754887+Srgr0@users.noreply.github.com>
Date: Sun, 27 Aug 2023 15:30:50 +0000
Subject: [PATCH 01/61] Add script structure
---
script_structure.md | 101 ++++++++++++++++++++++++++++++++++++++++++++
1 file changed, 101 insertions(+)
create mode 100644 script_structure.md
diff --git a/script_structure.md b/script_structure.md
new file mode 100644
index 0000000..57760e4
--- /dev/null
+++ b/script_structure.md
@@ -0,0 +1,101 @@
+script structure
+
+1. スクリプト概要の表示
+2. b/env判定(root,linux,arch,ram) - function
+3. f/オプション選択 - function
+ 0. compose.yamlがあるか引数でオプション指定されていればそれを拾う #値が不正な場合、エラーを出す(値を直すか、compose.yamlを削除するように言う)
+ 1. method選択(dockerhub,docker_build,systemd)
+ 2. source入力
+ - docker_hub
+ 1. dockerhubリポジトリ入力
+ - docker_build
+ 1. gitリポジトリ入力
+ - systemd
+ 1. gitリポジトリ入力
+ 3. 実行ユーザー名入力
+ 4. ホスト名入力
+ 5. misskeyのポート入力
+ 6. nginx入れるか確認
+ - 入れない
+ 0. nginx, cloudflare, certbotをfalseにする
+ - 入れる
+ 1. ポート開けるか(ufw/iptables/no)、開ける場合はsshポートも聞く
+ 2. certbot入れるか
+ - 入れない
+ - 入れる
+ 1. 認証方法の選択(dns-cloudflare,http)
+ - dns-cloudflare
+ 1. cloudflareのメールアドレスとapikeyの入力 #ここで入力したメールアドレスが証明書取得にも使用されることに注意
+ 2. cloudflare.iniに書き込む
+ - http
+ 1. メールアドレス入力 #証明書取得に使用
+ 7. postgresql入れるか確認
+ - 入れない #すでに構築済みの場合(構築していない場合は予め構築するように言う)
+ 1. hostとportを入力
+ - 入れる
+ 1. hostはmisskeyと同じ、portは5432
+ 8. postgresqlのユーザー名とパスワード、db名を入力
+ 9. redis入れるか確認
+ i. 入れない #すでに構築済みの場合(構築していない場合は予め構築するように言う)
+ 1. hostとportを入力
+ ii. 入れる
+ 1. hostはmisskeyと同じ、portは6379
+ 10. redisのパスワードを入力
+ 11. swap確認
+ - 十分なメモリがある場合
+ - 十分なメモリがない場合
+ 1. swapを作成するか確認
+ - 作成する
+ - 作成しない
+ 1. メモリ不足でインストールが失敗する可能性がある旨を表示
+ 12. 設定内容の確認 #compose.yamlがあるか引数でオプション指定されていた場合、確認を出すかどうか確認する必要がある #installed = trueの場合、失敗する&データが失われる可能性がある旨の警告を出す
+ 13. 設定内容の保存 #compose.yamlに保存する(上書き)
+4. b/インストール - function
+ 1. compose.yamlでinstalled = trueにする #再実行された場合に警告するため
+ #methodによらず共通設定
+ 2. ユーザー作成
+ 3. apt update && apt install(methodによって入れるパッケージが一部異なる)
+ 4. すでにmisskeyディレクトリがある場合は削除
+ 5. misskey用のconfig.yamlを作成
+ 6. nginx入れる場合、ポートを開けて、gpgとリポジトリを追加
+ 7. リポジトリ追加
+ - systemdの場合
+ 1. nodejsのセットアップをする(インストールの前段階)
+ - docker_hub,docker_buildの場合
+ 1. dockerのgpgとリポジトリを追加
+ 8. redis入れる場合、gpgとリポジトリを追加
+ 9. apt update && apt install(nginx, nodejs, docker, postgresql, いずれもif)
+ 10. postgresql入れる場合、セットアップスクリプト動かす
+ 10. systemdの場合、corepackを有効化する
+ 11. インストール確認(バージョン表示)
+ - systemdの場合
+ 1. node, corepack
+ 2. 
redis, nginx, postgresql (if)
+ - docker_hub,docker_buildの場合
+ 1. docker
+ 2. redis, nginx, postgresql (if)
+ 11. postgresql入れる場合、DBとユーザーを作成
+ 12. redis入れる場合
+ 1. redis-serverのservice有効化
+ 2. redis.confを設定
+ 13. nginx入れる場合
+ 1. configファイルを作成 #certbotでcloudflare認証使わない場合に、web認証のために:80でアクセス受け付けないといけないため
+ 2. certbot入れる場合、証明書取得してnginx.confファイルを設定
+ 3. misskeyをnginx.confに設定
+ 4. nginx.confの構文チェック
+ 5. nginxのserviceを有効化
+ 14. docker_hub, docker_buildの場合
+ 1. misskeyユーザーで実行するように設定
+ 2. postgresql使う場合、pg_hba.confとpostgresql.confを設定
+ 15. misskeyのセットアップ
+ - systemdの場合
+ 1. セットアップ
+ 2. service作成
+ 3. .misskey.envの作成
+ 4. fin
+ - docker_hub, docker_buildの場合
+ 1. docker_buildの場合、ビルド
+ 2. dockerコンテナの立ち上げ
+ 3. .misskey-docker.envの作成
+ 4. dockerのログ表示
+fin
\ No newline at end of file
From 3689f8d675aebc3295b749d7ed3c85bd0e4d3411 Mon Sep 17 00:00:00 2001
From: Srgr0 <66754887+Srgr0@users.noreply.github.com>
Date: Sun, 27 Aug 2023 15:31:25 +0000
Subject: [PATCH 02/61] refactor
---
a.sh | 478 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
1 file changed, 478 insertions(+)
create mode 100755 a.sh
diff --git a/a.sh b/a.sh
new file mode 100755
index 0000000..7130b67
--- /dev/null
+++ b/a.sh
@@ -0,0 +1,478 @@
+#!/bin/bash
+# Copyright 2023 aqz/tamaina, joinmisskey
+#
+# Permission is hereby granted, free of charge, to any person
+# obtaining a copy of this software and associated documentation files (the "Software"),
+# to deal in the Software without restriction, including without limitation the rights
+# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software,
+# and to permit persons to whom the Software is furnished to do so,
+# subject to the following conditions:
+#
+# The above copyright notice and this permission notice
+# shall be included in all copies or substantial portions of the Software.
+#
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED,
+# INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
+# IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM,
+# DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+#
+
+#Version of this script
+version="3.2.0_srgr0";
+
+#About this script
+tput setaf 4;
+echo "";
+echo "Misskey setup script for Ubuntu";
+echo "v$version";
+echo "";
+
+#Check environment(linux, root, arch)
+function envtest() {
+ tput setaf 2; echo "Checking environment..."; tput setaf 7;
+ #Check if the script is running on Linux
+ tput setaf 2; echo -n "Linux; "; tput setaf 7;
+ if [ "$(command -v uname)" ]; then
+ if [ "$(uname -s)" == "Linux" ]; then
+ echo " OK.";
+ if ! [ -f "/etc/lsb-release" ]; then
+ echo " Warning: This script has been tested on Ubuntu and may not work on other distributions.";
+ fi
+ else
+ tput setaf 1; echo " NG. 
This script must be run on Linux.";
+ exit 1;
+ fi
+ else
+ tput setaf 1;
+ echo " NG.";
+ exit 1;
+ fi
+
+ #Check if the script is running as root
+ tput setaf 2; echo -n "root; "; tput setaf 7;
+ if [ "$(whoami)" != 'root' ]; then
+ tput setaf 1; echo " NG. This script must be run as root.";
+ exit 1;
+ else
+ echo " OK.";
+ fi
+
+ #Check architecture
+ tput setaf 2; echo -n "arch;"; tput setaf 7;
+ case $(uname -m) in
+ x86_64)
+ echo " x86_64 (amd64)";
+ arch=amd64;
+ ;;
+ aarch64)
+ echo " aarch64 (arm64)";
+ arch=arm64;
+ ;;
+ *)
+ tput setaf 1; echo " NG. $(uname -m) is unsupported architecture.";
+ exit 1;
+ ;;
+ esac
+}
+
+#Select options
+function options() {
+ #---reg: Install method---
+ tput setaf 3; echo "Install Method"; tput setaf 7;
+
+ #Install method
+ echo "Which method do you want to use to install Misskey?";
+ echo "D = Use Docker Hub / b = Build a Docker image / s = Use Systemd";
+ read -r -p "[D/b/s] > " dbs;
+ case "$dbs" in
+ [bB])
+ #Docker build
+ echo "Build a Docker image.";
+ method="docker_build";
+ ;;
+ [sS])
+ #Systemd
+ echo "Use Systemd.";
+ method="systemd";
+ ;;
+ *)
+ #Docker Hub
+ echo "Use Docker Hub.";
+ method="docker_hub";
+ ;;
+ esac
+ #---end-reg---
+
+ echo "";
+
+ #---reg: Misskey setting---
+ tput setaf 3; echo "Misskey setting"; tput setaf 7;
+
+ #Git/Docker Repository
+ if [ $method = "docker_hub" ]; then
+ echo "Enter repository:tag of Docker Hub image:";
+ read -r -p "> " -e -i "misskey/misskey:latest" docker_repository;
+ misskey_directory=misskey;
+ else
+ if [ $method = "docker_build" ]; then
+ docker_repository="local/misskey:latest";
+ fi
+ echo "Enter repository url where you want to install:";
+ read -r -p "> " -e -i "https://github.com/misskey-dev/misskey.git" git_repository;
+ echo "Enther the branch or tag";
+ read -r -p "> " -e -i "master" git_branch;
+ echo "Enter the name of a new directory to clone:";
+ read -r -p "> " -e -i "misskey" misskey_directory;
+ fi
+
+ echo "";
+
+ #Username
+ echo "Enter 
the name of user with which you want to execute Misskey:";
+ read -r -p "> " -e -i "misskey" misskey_user;
+
+ echo "";
+
+ #Hostname
+ echo "Enter host where you want to install Misskey:";
+ read -r -p "> " -e -i "example.com" host;
+ hostarr=(${host//./ });
+ echo "OK, let's install $host!";
+
+ echo "";
+
+ #Port
+ echo "Enter the port number you want to use for Misskey:";
+ read -r -p "> " -e -i "3000" misskey_port;
+ #---end-reg---
+
+ echo "";
+
+ #---reg: Nginx setting---
+ tput setaf 3; echo "Nginx setting"; tput setaf 7;
+
+ #Nginx(including certbot)
+ echo "Do you want to setup nginx?:";
+ read -r -p "[Y/n] > " yn;
+ case "$yn" in
+ [nN])
+ #Not to install nginx
+ echo "Nginx and Let's encrypt certificate will not be installed.";
+ echo "You should open ports manually.";
+ nginx_local=false;
+ certbot=false;
+ ;;
+ *)
+ #Install nginx
+ echo "Nginx will be installed on this computer.";
+ echo "Port 80 and 443 will be opened by modifying iptables.";
+ nginx_local=true;
+
+ echo "";
+
+ #Method to open ports
+ echo "Do you want it to open ports, to setup ufw or iptables?:";
+ echo "u = To setup ufw / i = To setup iptables / N = Not to open ports";
+ read -r -p "[u/i/N] > " yn2;
+ case "$yn2" in
+ [uU])
+ #ufw
+ echo "OK, it will use ufw.";
+ ufw=true;
+ iptables=false;
+ echo "SSH port: ";
+ read -r -p "> " -e -i "22" ssh_port;
+ ;;
+ [iI])
+ #iptables
+ echo "OK, it will use iptables.";
+ ufw=false;
+ iptables=true;
+ echo "SSH port: ";
+ read -r -p "> " -e -i "22" ssh_port;
+ ;;
+ *)
+ #Not to open ports
+ echo "OK, you should open ports manually.";
+ ufw=false;
+ iptables=false;
+ ;;
+ esac
+
+ echo "";
+
+ #---sub-reg: Certbot setting---
+ tput setaf 3; echo "Certbot setting"; tput setaf 7;
+
+ #Certbot
+ echo "Do you want it to setup certbot to connect with https?:";
+ read -r -p "[Y/n] > " yn2;
+ case "$yn2" in
+ [nN])
+ #Not to use certbot
+ certbot=false;
+ echo "OK, you don't setup certbot.";
+ ;;
+ *)
+ #Use certbot
+ certbot=true;
+ echo "OK, you 
want to setup certbot.";
+ ;;
+ esac
+
+ echo "";
+
+ #Method to verify domain
+ if [ $certbot = true ]; then
+ echo "Do you use Cloudflare DNS?:";
+ read -r -p "[Y/n] > " yn3;
+ case "$yn3" in
+ [nN])
+ #Not to use Cloudflare DNS
+ certbot_dns_cloudflare=false;
+ certbot_http=true;
+ echo "OK, you don't use Cloudflare.";
+ echo "";
+ echo "The domain is authenticated by http challenge. ";
+ echo "Make sure that your DNS is configured to this machine.";
+
+ echo "";
+
+ echo "Enter Email address to register Let's Encrypt certificate";
+ read -r -p "> " certbot_mailaddress;
+ ;;
+ *)
+ #Use Cloudflare DNS
+ certbot_dns_cloudflare=true;
+ certbot_http=false;
+ echo "OK, you want to use Cloudflare DNS. Let's set up Cloudflare DNS.";
+ echo "";
+ echo "The domain is authenticated by DNS challenge. ";
+ echo "Make sure that Cloudflare DNS is configured and is in proxy mode.";
+
+ echo "";
+
+ echo "Enter Email address you registered to Cloudflare:";
+ echo "It also used to register Let's Encrypt certificate";
+ read -r -p "> " certbot_cloudflare_mail;
+ echo "Open https://dash.cloudflare.com/profile/api-tokens to get Global API Key and enter here it.";
+ echo "Cloudflare API Key: ";
+ read -r -p "> " certbot_cloudflare_key;
+
+ mkdir -p /etc/cloudflare;
+ cat > /etc/cloudflare/cloudflare.ini <<-_EOF
+ dns_cloudflare_email = $certbot_cloudflare_mail
+ dns_cloudflare_api_key = $certbot_cloudflare_key
+_EOF
+
+ chmod 600 /etc/cloudflare/cloudflare.ini;
+ ;;
+ esac
+ fi
+ #---end-sub-reg---
+
+ fi
+ #---end-reg---
+
+ echo "";
+
+ #---reg: Database (PostgreSQl) setting---
+ tput setaf 3; echo "Database (PostgreSQL) setting"; tput setaf 7;
+
+ #PostgreSQL
+ echo "Do you want to install postgres locally?:";
+ echo "(If you have run this script before in this computer, choose n and enter values you have set.)";
+ read -r -p "[Y/n] > " yn
+ case "$yn" in
+ [nN])
+ #Not to install postgres locally
+ echo "You should prepare postgres manually until database is created.";
+ 
db_local=false;
+
+ echo "Database host: ";
+ read -r -p "> " -e -i "$misskey_localhost" db_host;
+ echo "Database port:";
+ read -r -p "> " -e -i "5432" db_port;
+ ;;
+ *)
+ #Install postgres locally
+ echo "PostgreSQL will be installed on this computer at $misskey_localhost:5432.";
+ db_local=true;
+
+ db_host=$misskey_localhost;
+ db_port=5432;
+ ;;
+ esac
+
+ #Database user name and password, database name
+ echo "Database user name: ";
+ read -r -p "> " -e -i "misskey" db_user;
+ echo "Database user password: ";
+ read -r -p "> " db_pass;
+ echo "Database name:";
+ read -r -p "> " -e -i "mk1" db_name;
+ #---end-reg---
+
+ echo "";
+
+ #---reg: Redis setting---
+ tput setaf 3; echo "Redis setting"; tput setaf 7;
+
+ #Redis
+ echo "Do you want to install redis locally?:";
+ echo "(If you have run this script before in this computer, choose n and enter values you have set.)"
+ read -r -p "[Y/n] > " yn
+ case "$yn" in
+ [nN])
+ #Not to install redis locally
+ echo "You should prepare Redis manually.";
+ redis_local=false;
+
+ echo "Redis host:";
+ read -r -p "> " -e -i "$misskey_localhost" redis_host;
+ echo "Redis port:";
+ read -r -p "> " -e -i "6379" redis_port;
+ ;;
+ *)
+ #Install redis locally
+ echo "Redis will be installed on this computer at $misskey_localhost:6379.";
+ redis_local=true;
+
+ redis_host=$misskey_localhost;
+ redis_port=6379;
+ ;;
+ esac
+
+ #Redis password
+ echo "Redis password:";
+ read -r -p "> " redis_pass;
+ #---end-reg---
+
+ #---reg: Swap setting---
+ #Only if the memory is less than 3GB
+ mem_all=$(free -t --si -g | tail -n 1);
+ mem_allarr=(${mem_all//\\t/ });
+ mem_swap=$(free | tail -n 1);
+ mem_swaparr=(${mem_swap//\\t/ });
+ if [ "${mem_allarr[1]}" -lt 3 ]; then
+ tput setaf 3; echo "Swap setting"; tput setaf 7;
+
+ echo "This computer doesn't have enough RAM (>= 3GB, Current ${mem_allarr[1]}GB).";
+ echo "Do you want to make swap?:";
+ read -r -p "[Y/n] > " yn;
+ case "$yn" in
+ [nN])
+ #Not to make swap
+ echo "OK, you don't 
make swap. But the system may not work properly.";
+ swap=false;
+ ;;
+ *)
+ #Make swap
+ echo "OK, you make swap.";
+ swap=true;
+ swap_size=(3 - "${mem_allarr[1]}")*1024;
+ echo "Swap size: ${swap_size}MB";
+ ;;
+ esac
+ fi
+ #---end-reg---
+}
+
+#Confirm options
+function confirm_options() {
+ tput setaf 3; echo "Confirm"; tput setaf 7;
+
+ #---reg: Install method---
+ echo "Install method: $method";
+ #---end-reg---
+
+ #---reg: Misskey setting---
+ if [ $method = "docker_hub" ]; then
+ echo "Docker Repository: $docker_repository";
+ else
+ echo "Git Repository: $git_repository";
+ echo "Git branch or tag: $git_branch";
+ echo "Misskey directory: $misskey_directory";
+ fi
+ echo "Misskey user: $misskey_user";
+ echo "Host: $host";
+ echo "Misskey port: $misskey_port";
+ #---end-reg---
+
+ #---reg: Nginx setting---
+ echo "Nginx: $nginx_local";
+ if [ $nginx_local = true ]; then
+ echo "UFW: $ufw";
+ echo "iptables: $iptables";
+ echo "Certbot: $certbot";
+ if [ $certbot = true ]; then
+ echo "Certbot DNS_Cloudflare: $certbot_dns_cloudflare";
+ echo "Certbot HTTP: $certbot_http";
+ if [ $certbot_dns_cloudflare = true ]; then
+ echo "Certbot Cloudflare mail: $certbot_cloudflare_mail";
+ echo "Certbot Cloudflare key: **********";
+ else
+ echo "Certbot mailaddress: $certbot_mailaddress";
+ fi
+ fi
+ fi
+ #---end-reg---
+
+ #---reg: Database (PostgreSQL) setting---
+ echo "PostgreSQL: $db_local";
+ echo "Database host: $db_host";
+ echo "Database port: $db_port";
+ echo "Database user: $db_user";
+ echo "Database password: **********";
+ echo "Database name: $db_name";
+ #---end-reg---
+
+ #---reg: Redis setting---
+ echo "Redis: $redis_local";
+ echo "Redis host: $redis_host";
+ echo "Redis port: $redis_port";
+ echo "Redis password: **********";
+ #---end-reg---
+
+ #---reg: Swap setting---
+ echo "Swap: $swap";
+ if [ $swap = true ]; then
+ echo "Swap size: ${swap_size}MB";
+ fi
+ #---end-reg---
+
+ echo "";
+
+ if [ $skip_confirm != true ]; then
+ echo "Is this 
correct? [Y/n]";
+ read -r -p "> " yn;
+ case "$yn" in
+ [nN])
+ #Not to install
+ echo "OK, you don't install Misskey.";
+ echo "if you want to change options and install Misskey, run this script again.";
+ exit 1;
+ ;;
+ *)
+ #Install
+ echo "OK, let's install Misskey!";
+ ;;
+ esac
+ fi
+}
+
+#Install Misskey
+function install() {
+}
+
+
+function main() {
+ envtest;
+ #if envか因数があればoptionsをスキップ
+ options;
+ confirm_options;
+}
+
+main;
\ No newline at end of file
From 944583577646957f377d7e79a65ec09b3136d90a Mon Sep 17 00:00:00 2001
From: Srgr0 <66754887+Srgr0@users.noreply.github.com>
Date: Tue, 29 Aug 2023 07:40:39 +0000
Subject: [PATCH 03/61] refactor
---
a.sh | 139 ++++++++++++++++++++++++++++++++++++++++++--
script_structure.md | 2 +-
2 files changed, 135 insertions(+), 6 deletions(-)
diff --git a/a.sh b/a.sh
index 7130b67..a8a019d 100755
--- a/a.sh
+++ b/a.sh
@@ -1,4 +1,4 @@
-#!/bin/bash
+#!/bin/bash -eu
 # Copyright 2023 aqz/tamaina, joinmisskey
 #
 # Permission is hereby granted, free of charge, to any person
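Review bot: In `options`, the Cloudflare key is written with `cat > /etc/cloudflare/cloudflare.ini` and only afterwards restricted by `chmod 600`, so the file briefly exists with default-umask permissions, and the key, `db_pass` and `redis_pass` are read with plain `read -r -p`, which echoes them to the terminal and to any session recording. Run `umask 077` before the `mkdir -p` and the here-document, and use `read -rs -p "> "` for the three secret prompts. The prompt asks for the Global API Key; certbot's Cloudflare plugin also accepts a scoped token through `dns_cloudflare_api_token`, which would limit what a leaked ini file exposes. Unrelated to secrets, `swap_size=(3 - "${mem_allarr[1]}")*1024;` is an array assignment rather than arithmetic (`swap_size=$(( (3 - mem_allarr[1]) * 1024 ))` is presumably what was meant) and the empty `install() { }` body is a syntax error in bash. The here-document write reappears in the `@@ -370,10 +469,11 @@` hunk of PATCH 04 with the same ordering.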
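Review bot: Options placed on the shebang line (`#!/bin/bash -eu`) are dropped whenever the script is started as `bash a.sh` or piped into bash, so the strict mode this change introduces may silently not apply. Keep `#!/bin/bash` and make `set -eu` the first statement of the script instead. Once `-u` really is active, `$misskey_localhost`, which no visible line assigns, will abort the run at the database prompt, so it needs a definition or a `${misskey_localhost:-localhost}` default.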
@@ -77,6 +77,114 @@ function envtest() { esac } +#Load options +function load_options() { + #Load options + source "$2"; + + #Check if the options are valid + #Install method + if [ "$method" != "docker_hub" ] && [ "$method" != "docker_build" ] && [ "$method" != "systemd" ]; then + tput setaf 1; echo "Error: method is invalid."; tput setaf 7; + exit 1; + fi + + #Misskey setting + if [ "$method" = "docker_hub" ]; then + if [ -z "$docker_repository" ]; then + tput setaf 1; echo "Error: docker_repository is not set."; tput setaf 7; + exit 1; + fi + else + if [ -z "$git_repository" ]; then + tput setaf 1; echo "Error: git_repository is not set."; tput setaf 7; + exit 1; + fi + if [ -z "$git_branch" ]; then + tput setaf 1; echo "Error: git_branch is not set."; tput setaf 7; + exit 1; + fi + if [ -z "$misskey_directory" ]; then + tput setaf 1; echo "Error: misskey_directory is not set."; tput setaf 7; + exit 1; + fi + fi + if [ -z "$misskey_user" ]; then + tput setaf 1; echo "Error: misskey_user is not set."; tput setaf 7; + exit 1; + fi + if [ -z "$host" ]; then + tput setaf 1; echo "Error: host is not set."; tput setaf 7; + exit 1; + fi + if [ -z "$misskey_port" ]; then + tput setaf 1; echo "Error: misskey_port is not set."; tput setaf 7; + exit 1; + fi + + #Nginx setting + if [ "$nginx_local" != true ] && [ "$nginx_local" != false ]; then + tput setaf 1; echo "Error: nginx_local is invalid."; tput setaf 7; + exit 1; + fi + if [ "$nginx_local" = true]; then + +} + + +#Save options +function save_options() { + #Temporarily allow undefined variables + set +u; + cat > options.txt <<-_EOF + #Install method + method=$method + + #Misskey setting + docker_repository=$docker_repository + git_repository=$git_repository + git_branch=$git_branch + misskey_directory=$misskey_directory + misskey_user=$misskey_user + host=$host + misskey_port=$misskey_port + + #Nginx setting + nginx_local=$nginx_local + ufw=$ufw + iptables=$iptables + certbot=$certbot + 
certbot_dns_cloudflare=$certbot_dns_cloudflare + certbot_http=$certbot_http + certbot_mailaddress=$certbot_mailaddress + certbot_cloudflare_mail=$certbot_cloudflare_mail + certbot_cloudflare_key=$certbot_cloudflare_key + + #Database (PostgreSQL) setting + db_local=$db_local + db_host=$db_host + db_port=$db_port + db_user=$db_user + db_pass=$db_pass + db_name=$db_name + + #Redis setting + redis_local=$redis_local + redis_host=$redis_host + redis_port=$redis_port + redis_pass=$redis_pass + + #Swap setting + swap=$swap + swap_size=$swap_size + + #Skip confirm + #skip_confirm=false +_EOF + #Disallow undefined variables again + set -u; +} + #Select options function options() { #---reg: Install method--- @@ -445,7 +553,8 @@ function confirm_options() { echo ""; - if [ $skip_confirm != true ]; then + #Confirm options if skip_confirm is not true or not set + if [ -z ${skip_confirm+x} ] || [ $skip_confirm != true ]; then echo "Is this correct? [Y/n]"; read -r -p "> " yn; case "$yn" in @@ -467,12 +576,32 @@ function confirm_options() { function install() { } - +#Main function main() { + #First, check environment envtest; - #if envか因数があればoptionsをスキップ - options; + + #Second, select options + #If a yaml file is specified with the -c option, load the file. Otherwise, run options. + if [ "$1" = "-c" ]; then + if [ -f "$2" ]; then + load_options; + else + tput setaf 1; echo "Error: $2 is not found or is not a file."; + exit 1; + fi + else + options; + fi + + #Third, confirm options confirm_options; + + #Fourth, save options + save_options; + + #Fifth, install Misskey + install; } main; \ No newline at end of file diff --git a/script_structure.md b/script_structure.md index 57760e4..6cd5be7 100644 --- a/script_structure.md +++ b/script_structure.md 
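Review bot: `source "$2"` in `load_options` runs the options file as shell code with root privileges before any of the checks below it execute, so the validation cannot limit what the file does, and `save_options` then writes `db_pass`, `redis_pass` and `certbot_cloudflare_key` in clear text to `options.txt` in the current directory with default permissions. Read the file as `key=value` data against an allow-list of the names `save_options` emits, as sketched below (the path is taken as the function's own `$1`), and put `umask 077` ahead of the `cat > options.txt`. The values are written unquoted, so a password containing spaces or shell metacharacters would not survive being sourced back either. The plaintext write is carried into the PATCH 04 version that targets `./misskey_compose.txt`; `load_options` is left unterminated at the end of this hunk's version.

```shell
function load_options() {
	local key value
	# Treat the file as data: split each line on the first '=' and never execute it.
	while IFS='=' read -r key value || [ -n "$key" ]; do
		case "$key" in
			''|'#'*) continue ;;
			method|docker_repository|git_repository|git_branch|misskey_directory|misskey_user|host|misskey_port|\
			nginx_local|ufw|iptables|certbot|certbot_dns_cloudflare|certbot_http|certbot_mailaddress|\
			certbot_cloudflare_mail|certbot_cloudflare_key|db_local|db_host|db_port|db_user|db_pass|db_name|\
			redis_local|redis_host|redis_port|redis_pass|swap|swap_size|skip_confirm)
				printf -v "$key" '%s' "$value" ;;
			*)
				tput setaf 1; echo "Error: unknown option '$key'."; tput setaf 7;
				exit 1 ;;
		esac
	done < "$1"
	# … unchanged: validation of the loaded values …
```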
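Review bot: `main;` is still invoked without arguments and `load_options;` is called without any, so `$1` and `$2` are unset inside both functions and, with `-u` in effect, `[ "$1" = "-c" ]` aborts with an unbound-variable error even when no option is given. Call `main "$@";`, test `[ "${1-}" = "-c" ]`, and pass the path explicitly with `load_options "$2";`. The comment describes the `-c` argument as a yaml file, but `load_options` sources it as shell, which is worth stating accurately because the file is executed as root.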
@@ -3,7 +3,7 @@ script structure 1. スクリプト概要の表示 2. b/env判定(root,linux,arch,ram) - function 3. f/オプション選択 - function - 0. compose.yamlがあるか引数でオプション指定されていればそれを拾う #値が不正な場合、エラーを出す(値を直すか、compose.yamlを削除するように言う) + 0. compose.yamlが指定されていればそれを読み込む #値が不正な場合、エラーを出す(値を直すか、compose.yamlを削除するように言う) 1. method選択(dockerhub,docker_build,systemd) 2. source入力 - docker_hub From 6b6c2a63da284bf9dfb7f0b26f34e7ef008bf518 Mon Sep 17 00:00:00 2001 From: Srgr0 <66754887+Srgr0@users.noreply.github.com> Date: Wed, 6 Sep 2023 00:31:57 +0900 Subject: [PATCH 04/61] refactor --- a.sh | 899 +++++++++++++++++++++++++++++++++++++++++--- script_structure.md | 9 +- 2 files changed, 846 insertions(+), 62 deletions(-) diff --git a/a.sh b/a.sh index a8a019d..f03cdb5 100755 --- a/a.sh +++ b/a.sh @@ -20,7 +20,7 @@ # #Version of this script -version="3.2.0_srgr0"; +version="s0.1.0"; #About this script tput setaf 4; @@ -31,7 +31,8 @@ echo ""; #Check environment(linux, root, arch) function envtest() { - tput setaf 2; echo "Checking environment..."; tput setaf 7; + tput setaf 3; echo "Checking environment..."; tput setaf 7; + #Check if the script is running on Linux tput setaf 2; echo -n "Linux; "; tput setaf 7; if [ "$(command -v uname)" ]; then @@ -79,6 +80,8 @@ function envtest() { #Load options function load_options() { + tput setaf 3; echo "Loading options from $2..."; tput setaf 7; + #Load options source "$2"; 
@@ -127,66 +130,162 @@ function load_options() { tput setaf 1; echo "Error: nginx_local is invalid."; tput setaf 7; exit 1; fi - if [ "$nginx_local" = true]; then - -} - - -#Save options -function save_options() { - #Temporarily allow undefined variables - set +u; - cat > options.txt <<-_EOF - #Install method - method=$method - - #Misskey setting - docker_repository=$docker_repository - git_repository=$git_repository - git_branch=$git_branch - misskey_directory=$misskey_directory - misskey_user=$misskey_user - host=$host - misskey_port=$misskey_port - - #Nginx setting - nginx_local=$nginx_local - ufw=$ufw - iptables=$iptables - certbot=$certbot - certbot_dns_cloudflare=$certbot_dns_cloudflare - certbot_http=$certbot_http - certbot_mailaddress=$certbot_mailaddress - certbot_cloudflare_mail=$certbot_cloudflare_mail - certbot_cloudflare_key=$certbot_cloudflare_key + if [ "$nginx_local" = true ]; then + if [ "$ufw" != true ] && [ "$ufw" != false ]; then + tput setaf 1; echo "Error: ufw is invalid."; tput setaf 7; + exit 1; + fi + if [ "$iptables" != true ] && [ "$iptables" != false ]; then + tput setaf 1; echo "Error: iptables is invalid."; tput setaf 7; + exit 1; + fi + if [ "$certbot" != true ] && [ "$certbot" != false ]; then + tput setaf 1; echo "Error: certbot is invalid."; tput setaf 7; + exit 1; + fi + if [ "$certbot" = true ]; then + if [ "$certbot_dns_cloudflare" != true ] && [ "$certbot_dns_cloudflare" != false ]; then + tput setaf 1; echo "Error: certbot_dns_cloudflare is invalid."; tput setaf 7; + exit 1; + fi + if [ "$certbot_http" != true ] && [ "$certbot_http" != false ]; then + tput setaf 1; echo "Error: certbot_http is invalid."; tput setaf 7; + exit 1; + fi + if [ "$certbot_dns_cloudflare" = true ]; then + if [ -z "$certbot_cloudflare_mail" ]; then + tput setaf 1; echo "Error: certbot_cloudflare_mail is not set."; tput setaf 7; + exit 1; + fi + if [ -z "$certbot_cloudflare_key" ]; then + tput setaf 1; echo "Error: certbot_cloudflare_key is not set."; 
tput setaf 7; + exit 1; + fi + else + if [ -z "$certbot_mailaddress" ]; then + tput setaf 1; echo "Error: certbot_mailaddress is not set."; tput setaf 7; + exit 1; + fi + fi + fi + fi #Database (PostgreSQL) setting - db_local=$db_local - db_host=$db_host - db_port=$db_port - db_user=$db_user - db_pass=$db_pass - db_name=$db_name + if [ "$db_local" != true ] && [ "$db_local" != false ]; then + tput setaf 1; echo "Error: db_local is invalid."; tput setaf 7; + exit 1; + fi + if [ -z "$db_host" ]; then + tput setaf 1; echo "Error: db_host is not set."; tput setaf 7; + exit 1; + fi + if [ -z "$db_port" ]; then + tput setaf 1; echo "Error: db_port is not set."; tput setaf 7; + exit 1; + fi + if [ -z "$db_user" ]; then + tput setaf 1; echo "Error: db_user is not set."; tput setaf 7; + exit 1; + fi + if [ -z "$db_pass" ]; then + tput setaf 1; echo "Error: db_pass is not set."; tput setaf 7; + exit 1; + fi + if [ -z "$db_name" ]; then + tput setaf 1; echo "Error: db_name is not set."; tput setaf 7; + exit 1; + fi #Redis setting - redis_local=$redis_local - redis_host=$redis_host - redis_port=$redis_port - redis_pass=$redis_pass + if [ "$redis_local" != true ] && [ "$redis_local" != false ]; then + tput setaf 1; echo "Error: redis_local is invalid."; tput setaf 7; + exit 1; + fi + if [ -z "$redis_host" ]; then + tput setaf 1; echo "Error: redis_host is not set."; tput setaf 7; + exit 1; + fi + if [ -z "$redis_port" ]; then + tput setaf 1; echo "Error: redis_port is not set."; tput setaf 7; + exit 1; + fi + if [ -z "$redis_pass" ]; then + tput setaf 1; echo "Error: redis_pass is not set."; tput setaf 7; + exit 1; + fi #Swap setting - swap=$swap - swap_size=$swap_size + if [ "$swap" != true ] && [ "$swap" != false ]; then + tput setaf 1; echo "Error: swap is invalid."; tput setaf 7; + exit 1; + fi + if [ "$swap" = true ]; then + if [ -z "$swap_size" ]; then + tput setaf 1; echo "Error: swap_size is not set."; tput setaf 7; + exit 1; + fi + fi +} + +#Save options +function 
save_options() { + tput setaf 3; echo "Saving options to ./misskey_compose.txt..."; tput setaf 7; - #Skip confirm - #skip_confirm=false -_EOF + #Temporarily allow undefined variables + set +u; + cat > ./misskey_compose.txt <<-EOF + #Install method + method=$method + + #Misskey setting + docker_repository=$docker_repository + git_repository=$git_repository + git_branch=$git_branch + misskey_directory=$misskey_directory + misskey_user=$misskey_user + host=$host + misskey_port=$misskey_port + + #Nginx setting + nginx_local=$nginx_local + ufw=$ufw + iptables=$iptables + certbot=$certbot + certbot_dns_cloudflare=$certbot_dns_cloudflare + certbot_http=$certbot_http + certbot_mailaddress=$certbot_mailaddress + certbot_cloudflare_mail=$certbot_cloudflare_mail + certbot_cloudflare_key=$certbot_cloudflare_key + + #Database (PostgreSQL) setting + db_local=$db_local + db_host=$db_host + db_port=$db_port + db_user=$db_user + db_pass=$db_pass + db_name=$db_name + + #Redis setting + redis_local=$redis_local + redis_host=$redis_host + redis_port=$redis_port + redis_pass=$redis_pass + + #Swap setting + swap=$swap + swap_size=$swap_size + + #Skip confirm + #skip_confirm=false + EOF #Disallow undefined variables again set -u; } #Select options function options() { + tput setaf 3; echo "Select options."; tput setaf 7; + #---reg: Install method--- tput setaf 3; echo "Install Method"; tput setaf 7; @@ -370,10 +469,11 @@ function options() { read -r -p "> " certbot_cloudflare_key; mkdir -p /etc/cloudflare; - cat > /etc/cloudflare/cloudflare.ini <<-_EOF + cat > /etc/cloudflare/cloudflare.ini <<-EOF dns_cloudflare_email = $certbot_cloudflare_mail dns_cloudflare_api_key = $certbot_cloudflare_key -_EOF + EOF + #↑tab indent chmod 600 /etc/cloudflare/cloudflare.ini; ;; 
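Review bot: The checks added to `load_options` in the `@@ -127,66 +130,162 @@` hunk only test for emptiness or for the literals `true`/`false`, so `misskey_port`, `db_port`, `redis_port` and `swap_size` are never confirmed to be numeric and `misskey_user`/`misskey_directory` are never confirmed to be plain names. These values come from a file and later feed root-run commands; the install hunk of this patch builds `rm -rf "/home/$misskey_user/$misskey_directory"` from them, so a value containing `/` or `..` changes what gets deleted. Add pattern checks next to the emptiness tests, for example `[[ "$misskey_port" =~ ^[0-9]+$ ]]` and `[[ "$misskey_directory" =~ ^[A-Za-z0-9_-]+$ ]]`, and exit with the same error style on a mismatch. `load_options` begins above this hunk.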
@@ -484,13 +584,16 @@ _EOF echo "Swap size: ${swap_size}MB"; ;; esac + else + #Need not to make swap + swap=false; fi #---end-reg--- } #Confirm options function confirm_options() { - tput setaf 3; echo "Confirm"; tput setaf 7; + tput setaf 3; echo "Confirm options."; tput setaf 7; #---reg: Install method--- echo "Install method: $method"; 
@@ -574,33 +677,715 @@ function confirm_options() { #Install Misskey function install() { + tput setaf 3; echo "Install Misskey."; tput setaf 7; + + #Check if Misskey is already installed + if [ -f "/root/.misskey_installed" ]; then + tput setaf 1; echo "Error: Misskey is marked as already installed."; tput setaf 7; + echo "if you want to install Misskey forcibly, delete /root/.misskey_installed."; + exit 1; + fi + touch /root/.misskey_installed; + + #Install Packeges + function install_packages() { + tput setaf 3; echo "Process: apt install #1;"; tput setaf 7; + + apt -qq update -y; + apt -qq install -y curl nano jq gnupg2 apt-transport-https ca-certificates lsb-release software-properties-common uidmap$($certbot && echo " certbot")$($nginx_local && ($ufw && echo " ufw" || $iptables && echo " iptables-persistent"))$($certbot_dns_cloudflare && echo " python3-certbot-dns-cloudflare")$([ $method != "docker_hub" ] && echo " git")$([ $method == "systemd" ] && echo " ffmpeg build-essential"); + } + + #Create a user to run Misskey + function add_user() { + tput setaf 3; echo "Process: add misskey user ($misskey_user);"; tput setaf 7; + + if ! 
id -u "$misskey_user" > /dev/null 2>&1; then + useradd -m -U -s /bin/bash "$misskey_user"; + else + echo "Error: $misskey_user already exists."; + fi + echo "misskey_user=\"$misskey_user\"" > /root/.misskey.env + echo "version=\"$version\"" >> /root/.misskey.env + } + + #Delete Misskey directory if exists + function delete_misskey_directory() { + tput setaf 3; echo "Process: delete misskey directory ($misskey_directory);"; tput setaf 7; + + if [ -e "/home/$misskey_user/$misskey_directory" ]; then + rm -rf "/home/$misskey_user/$misskey_directory"; + fi + } + + #Clone git repository + function git_clone() { + tput setaf 3; echo "Process: clone git repository;"; tput setaf 7; + + sudo -iu "$misskey_user" git clone -b "$branch" --depth 1 --recursive "$repository" "$misskey_directory"; + } + + #Create misskey config file + function create_config() { + tput setaf 3; echo "Process: create config;"; tput setaf 7; + + sudo -iu "$misskey_user" cat > "$misskey_directory/.config/default.yml" <<-EOF + url: https://$host + port: $misskey_port + + # PostgreSQL + db: + host: '$db_host' + port: $db_port + db : '$db_name' + user: '$db_user' + pass: '$db_pass' + + # Redis + redis: + host: '$redis_host' + port: $redis_port + pass: '$redis_pass' + + # ID type + id: 'aid' + + # Proxy remote files (default: true) + # Proxy remote files by this instance or mediaProxy to prevent remote files from running in remote domains. 
+ proxyRemoteFiles: true + + # Sign to ActivityPub GET request (default: true) + signToActivityPubGet: true + + proxyBypassHosts: + - api.deepl.com + - api-free.deepl.com + - www.recaptcha.net + - hcaptcha.com + - challenges.cloudflare.com + - summaly.arkjp.net + EOF + } + + #Open ports + function open_ports() { + tput setaf 3; echo "Process: open ports;"; tput setaf 7; + + #ufw + if $ufw; then + ufe default deny; + ufw allow "$ssh_port/tcp"; + ufw allow 80; + ufw allow 443; + ufw --force enable; + ufw status; + fi + + #iptables + if $iptables; then + if iptables -C INPUT -p tcp --dport "$ssh_port" -j ACCEPT &> /dev/null; then + echo "iptables rule for port $ssh_port already exists" + else + iptables -I INPUT -p tcp --dport "$ssh_port" -j ACCEPT + echo "iptables rule for port $ssh_port added" + fi + + if iptables -C INPUT -p tcp --dport 80 -j ACCEPT &> /dev/null; then + echo "iptables rule for port 80 already exists" + else + iptables -I INPUT -p tcp --dport 80 -j ACCEPT + echo "iptables rule for port 80 added" + fi + + if iptables -C INPUT -p tcp --dport 443 -j ACCEPT &> /dev/null; then + echo "iptables rule for port 443 already exists" + else + iptables -I INPUT -p tcp --dport 443 -j ACCEPT + echo "iptables rule for port 443 added" + fi + + if ip6tables -C INPUT -p tcp --dport "$ssh_port" -j ACCEPT &> /dev/null; then + echo "ip6tables rule for port $ssh_port already exists" + else + ip6tables -I INPUT -p tcp --dport "$ssh_port" -j ACCEPT + echo "ip6tables rule for port $ssh_port added" + fi + + if ip6tables -C INPUT -p tcp --dport 80 -j ACCEPT &> /dev/null; then + echo "ip6tables rule for port 80 already exists" + else + ip6tables -I INPUT -p tcp --dport 80 -j ACCEPT + echo "ip6tables rule for port 80 added" + fi + + if ip6tables -C INPUT -p tcp --dport 443 -j ACCEPT &> /dev/null; then + echo "ip6tables rule for port 443 already exists" + else + ip6tables -I INPUT -p tcp --dport 443 -j ACCEPT + echo "ip6tables rule for port 443 added" + fi + + iptables-save > 
/etc/iptables/rules.v4 + ip6tables-save > /etc/iptables/rules.v6 + iptables -L; + ip6tables -L; + fi + } + + #Install Nginx + function prepare_nginx() { + tput setaf 3; echo "Process: prepare nginx;"; tput setaf 7; + + #Add nginx gpg key + curl https://nginx.org/keys/nginx_signing.key | gpg --dearmor | sudo tee /usr/share/keyrings/nginx-archive-keyring.gpg > /dev/null; + + #Check nginx gpg key + if gpg --dry-run --quiet --no-keyring --import --import-options import-show /usr/share/keyrings/nginx-archive-keyring.gpg | grep -q 573BFD6B3D8FBC641079A6ABABF5BD827BD9BF62; then + echo "OK. nginx gpg key is valid."; + else + tput setaf 1; echo "Error: nginx gpg key is invalid."; tput setaf 7; + exit 1; + fi + + #Setup nginx repository + echo "deb [signed-by=/usr/share/keyrings/nginx-archive-keyring.gpg] http://nginx.org/packages/ubuntu $(lsb_release -cs) nginx" | sudo tee /etc/apt/sources.list.d/nginx.list; + echo -e "Package: *\nPin: origin nginx.org\nPin: release o=nginx\nPin-Priority: 900\n" | sudo tee /etc/apt/preferences.d/99nginx; + + #Install nginx + apt -qq update -y; + apt -qq install -y nginx; + + #Check version + tput setaf 3; + echo "Nginx version:"; + nginx -v; + tput setaf 7; + } + + #Install Nodejs + function prepare_nodejs() { + tput setaf 3; echo "Process: prepare nodejs;"; tput setaf 7; + + #Add nodejs gpg key + curl -sL https://deb.nodesource.com/setup_20.x | sudo -E bash -; + + #Install nodejs + apt -qq update -y; + apt -qq install -y nodejs libjemalloc-dev; + + #Check version + tput setaf 3; + echo "Nodejs version:"; + node -v; + tput setaf 7; + + #Enable corepack + corepack enable; + + #Check version + tput setaf 3; + echo "Corepack version:"; + corepack -v; + tput setaf 7; + } + + #Install Docker + function prepare_docker() { + tput setaf 3; echo "Process: prepare docker;"; tput setaf 7; + + #Add docker gpg key + if ! 
[ -e /usr/share/keyrings/docker-archive-keyring.gpg ]; then + curl -sL https://download.docker.com/linux/ubuntu/gpg | sudo gpg --dearmor -o /usr/share/keyrings/docker-archive-keyring.gpg + fi + + #Setup docker repository + echo "deb [arch=$arch signed-by=/usr/share/keyrings/docker-archive-keyring.gpg] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null + + #Install docker + apt -qq update -y; + apt install -qq -y docker-ce docker-ce-cli containerd.io; + + #Check version + tput setaf 3; + echo "Docker version:"; + docker --version; + tput setaf 7; + } + + #Install Redis + function prepare_redis() { + tput setaf 3; echo "Process: prepare redis;"; tput setaf 7; + + #Add redis gpg key + curl -fsSL https://packages.redis.io/gpg | sudo gpg --dearmor -o /usr/share/keyrings/redis-archive-keyring.gpg; + + #Setup redis repository + echo "deb [signed-by=/usr/share/keyrings/redis-archive-keyring.gpg] https://packages.redis.io/deb $(lsb_release -cs) main" | sudo tee /etc/apt/sources.list.d/redis.list; + + #Install redis + apt -qq update -y; + apt -qq install -y redis; + + #Check version + tput setaf 3; + echo "Redis version:"; + redis-server --version; + tput setaf 7; + } + + #Install PostgreSQL + function prepare_postgresql() { + tput setaf 3; echo "Process: prepare postgresql;"; tput setaf 7; + + #Install postgresql + apt -qq install -y postgresql-common; + + #Setup + sh /usr/share/postgresql-common/pgdg/apt.postgresql.org.sh -i -v 15; + + #Check version + tput setaf 3; + echo "PostgreSQL version:"; + psql --version; + tput setaf 7; + } + + #Create DB and user + function create_db() { + tput setaf 3; echo "Process: create db and user;"; tput setaf 7; + + #Create user + sudo -iu postgres psql -c "CREATE ROLE $db_user LOGIN PASSWORD '$db_pass';"; + + #Create database + sudo -iu postgres psql -c "CREATE DATABASE $db_name OWNER $db_user;"; + } + + #Setup Redis + function setup_redis() { + #Activate Redis 
daemon + tput setaf 3; echo "Process: activate redis daemon;"; tput setaf 7; + systemctl start redis-server; + systemctl enable redis-server; + + #Create Redis config file + tput setaf 3; echo "Process: create redis config file;"; tput setaf 7; + if [ -f /etc/redis/redis.conf ]; then + echo "requirepass $redis_pass" > /etc/redis/misskey.conf + [ $method != "systemd" ] && echo "bind $docker_host_ip" >> /etc/redis/misskey.conf + + if ! grep "include /etc/redis/misskey.conf" /etc/redis/redis.conf; then + echo "include /etc/redis/misskey.conf" >> /etc/redis/redis.conf; + else + echo " skip" + fi + else + echo "Couldn't find /etc/redis/redis.conf." + echo "Please modify redis config in another shell like following." + echo "" + echo "requirepass $redis_pass" + [ $method != "systemd" ] && echo "bind $docker_host_ip" + echo "" + read -r -p "Press Enter key to continue> " + fi + + #Restart Redis daemon + systemctl restart redis-server; + } + + #Setup Nginx + function setup_nginx() { + if certbot; then + #With certbot(https & http) + #Create nginx config file for http + tput setaf 3; echo "Process: create nginx config file for http;"; tput setaf 7; + + cat > "/etc/nginx/conf.d/$host.conf" <<-EOF + # nginx configuration for Misskey + # Created by joinmisskey/bash-install v$version + + # For WebSocket + map \$http_upgrade \$connection_upgrade { + default upgrade; + '' close; + } + + proxy_cache_path /tmp/nginx_cache levels=1:2 keys_zone=cache1:16m max_size=1g inactive=720m use_temp_path=off; + + server { + listen 80; + listen [::]:80; + server_name $host; + + # For SSL domain validation + root /var/www/html; + location /.well-known/acme-challenge/ { allow all; } + location /.well-known/pki-validation/ { allow all; } + + # with https + location / { return 301 https://\$server_name\$request_uri; } + } + EOF + + #Get certificate + tput setaf 3; echo "Process: get certificate;"; tput setaf 7; + + nginx -t; + systemctl restart nginx; + if $cloudflare; then + certbot certonly -t -n 
--agree-tos --dns-cloudflare --dns-cloudflare-credentials /etc/cloudflare/cloudflare.ini --dns-cloudflare-propagation-seconds 60 --server https://acme-v02.api.letsencrypt.org/directory $([ ${#hostarr[*]} -eq 2 ] && echo " -d $host -d *.$host" || echo " -d $host") -m "$cf_mail"; + else + mkdir -p /var/www/html; + certbot certonly -t -n --agree-tos --webroot --webroot-path /var/www/html $([ ${#hostarr[*]} -eq 2 ] && echo " -d $host" || echo " -d $host") -m "$cf_mail"; + fi + + #Modify nginx config file for https + tput setaf 3; echo "Process: edit nginx config file for https;"; tput setaf 7; + + cat > "/etc/nginx/conf.d/$host.conf" <<-EOF + server { + listen 443 ssl http2; + listen [::]:443 ssl http2; + server_name $host; + + ssl_session_timeout 1d; + ssl_session_cache shared:ssl_session_cache:10m; + ssl_session_tickets off; + + # To use Let's Encrypt certificate + ssl_certificate /etc/letsencrypt/live/$host/fullchain.pem; + ssl_certificate_key /etc/letsencrypt/live/$host/privkey.pem; + + # SSL protocol settings + ssl_protocols TLSv1.2 TLSv1.3; + ssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384; + ssl_prefer_server_ciphers off; + ssl_stapling on; + ssl_stapling_verify on; + + # Change to your upload limit + client_max_body_size 80m; + + # Proxy to Node + location / { + proxy_pass http://127.0.0.1:$misskey_port; + proxy_set_header Host \$host; + proxy_http_version 1.1; + proxy_redirect off; + + $($certbot_dns_cloudflare || echo "# If it's behind another reverse proxy or CDN, remove the following.") + $($certbot_dns_cloudflare || echo "proxy_set_header X-Real-IP \$remote_addr;") + $($certbot_dns_cloudflare || echo "proxy_set_header X-Forwarded-For \$proxy_add_x_forwarded_for;") + $($certbot_dns_cloudflare || echo "proxy_set_header X-Forwarded-Proto https;") + + # For WebSocket + 
proxy_set_header Upgrade \$http_upgrade; + proxy_set_header Connection \$connection_upgrade; + + # Cache settings + proxy_cache cache1; + proxy_cache_lock on; + proxy_cache_use_stale updating; + proxy_force_ranges on; + add_header X-Cache \$upstream_cache_status; + EOF + + else + #Not with certbot(http only) + #Create nginx config file for http + tput setaf 3; echo "Process: create nginx config file;"; tput setaf 7; + + cat > "/etc/nginx/conf.d/$host.conf" <<-EOF + # nginx configuration for Misskey + # Created by joinmisskey/bash-install v$version + + # For WebSocket + map \$http_upgrade \$connection_upgrade { + default upgrade; + '' close; + } + + proxy_cache_path /tmp/nginx_cache levels=1:2 keys_zone=cache1:16m max_size=1g inactive=720m use_temp_path=off; + + server { + listen 80; + listen [::]:80; + server_name $host; + + # For SSL domain validation + root /var/www/html; + location /.well-known/acme-challenge/ { allow all; } + location /.well-known/pki-validation/ { allow all; } + + # Change to your upload limit + client_max_body_size 80m; + + # Proxy to Node + location / { + proxy_pass http://127.0.0.1:$misskey_port; + proxy_set_header Host \$host; + proxy_http_version 1.1; + proxy_redirect off; + + # If it's behind another reverse proxy or CDN, remove the following.") + proxy_set_header X-Real-IP \$remote_addr;") + proxy_set_header X-Forwarded-For \$proxy_add_x_forwarded_for;") + proxy_set_header X-Forwarded-Proto https;") + + # For WebSocket + proxy_set_header Upgrade \$http_upgrade; + proxy_set_header Connection \$connection_upgrade; + + # Cache settings + proxy_cache cache1; + proxy_cache_lock on; + proxy_cache_use_stale updating; + proxy_force_ranges on; + add_header X-Cache \$upstream_cache_status; + } + EOF + fi + + #Check config + tput setaf 3; echo "Process: check nginx config;"; tput setaf 7; + nginx -t; + + #Activate nginx daemon + tput setaf 3; echo "Process: activate nginx daemon;"; tput setaf 7; + systemctl restart nginx; + systemctl enable nginx; 
+ + #Check response + tput setaf 3; echo "Process: check response;"; tput setaf 7; + if curl http://localhost | grep -q nginx; then + echo " OK."; + else + tput setaf 1; echo " NG."; + exit 1; + fi + } + + #Setup Docker + function setup_docker() { + #Enable rootless docker + tput setaf 3; echo "Process: use rootless docker;" tput setaf 7; + systemctl disable --now docker.service docker.socket + loginctl enable-linger "$misskey_user" + sleep 5 + sudo -iu "$misskey_user" <<-EOF + set -eu; + cd ~; + export XDG_RUNTIME_DIR=/run/user/$m_uid; + export DOCKER_HOST=unix:///run/user/$m_uid/docker.sock; + systemctl --user --no-pager + dockerd-rootless-setuptool.sh install + docker ps; + EOF + + #Modify postgresql config + if $db_local; then + tput setaf 3; echo "Process: modify postgres confs;" tput setaf 7; + #hba file + pg_hba=$(sudo -iu postgres psql -t -P format=unaligned -c 'show hba_file') + #config file + pg_conf=$(sudo -iu postgres psql -t -P format=unaligned -c 'show config_file') + #docker host ip + [[ $(ip addr | grep "$docker_host_ip") =~ /([0-9]+) ]] && subnet=${BASH_REMATCH[1]}; + + #Check hba file and add a line if not exists + hba_text="host $db_name $db_user $docker_host_ip/$subnet md5" + if ! grep "$hba_text" "$pg_hba"; then + echo "$hba_text" >> "$pg_hba"; + fi + + #Check config file and edit a line if not exists + pgconf_search="#listen_addresses = 'localhost'" + pgconf_text="listen_addresses = '$docker_host_ip'" + if grep "$pgconf_search" "$pg_conf"; then + sed -i'.mkmoded' -e "s/$pgconf_search/$pgconf_text/g" "$pg_conf"; + elif grep "$pgconf_text" "$pg_conf"; then + echo " skip" + else + echo "Please edit postgresql.conf to set [listen_addresses = '$docker_host_ip'] by your hand." 
+ read -r -p "Enter the editor command and press Enter key > " -e -i "nano" editorcmd + $editorcmd "$pg_conf"; + fi + systemctl restart postgresql; + fi + } + + #Setup Misskey for systemd + function setup_misskey_systemd() { + #Setup misskey + tput setaf 3; echo "Process: setup misskey;" tput setaf 7; + sudo -iu "$misskey_user" <<-EOF; + set -eu; + cd ~ + cd "$misskey_directory"; + + tput setaf 3; echo "Process: install npm packages;" tput setaf 7; + NODE_ENV=production pnpm install --frozen-lockfile; + + tput setaf 3; echo "Process: build misskey;" tput setaf 7; + NODE_OPTIONS=--max_old_space_size=3072 NODE_ENV=production pnpm run build; + + tput setaf 3; echo "Process: initialize database;" tput setaf 7; + NODE_OPTIONS=--max_old_space_size=3072 pnpm run init; + + tput setaf 3; echo "Check: If Misskey starts correctly;" tput setaf 7; + if NODE_ENV=production timeout 40 npm start 2> /dev/null | grep -q "Now listening on port"; then + echo " OK."; + else + tput setaf 1; echo " NG."; + fi + EOF + + #Create misskey daemon + tput setaf 3; echo "Process: create misskey daemon;" tput setaf 7; + cat > "/etc/systemd/system/$host.service" <<-EOF; + [Unit] + Description=Misskey daemon + + [Service] + Type=simple + User=$misskey_user + ExecStart=$(command -v npm) start + WorkingDirectory=/home/$misskey_user/$misskey_directory + Environment="NODE_ENV=production" + Environment="LD_PRELOAD=/usr/lib/$(uname -m)-linux-gnu/libjemalloc.so.2" + TimeoutSec=60 + StandardOutput=journal + StandardError=journal + SyslogIdentifier="$host" + Restart=always + + [Install] + WantedBy=multi-user.target + EOF + + #Enable misskey daemon + tput setaf 3; echo "Process: enable misskey daemon;" tput setaf 7; + systemctl daemon-reload; + systemctl enable "$host"; + systemctl start "$host"; + systemctl status "$host" --no-pager; + + #Create .misskey.env + tput setaf 3; echo "Process: create .misskey.env;" tput setaf 7; + su "$misskey_user" <<-EOF + set -eu; + cd ~; + + cat > ".misskey.env" <<-_EOF + 
host="$host" + misskey_port=$misskey_port + misskey_directory="$misskey_directory" + misskey_localhost="$misskey_localhost" + version="$version" + _EOF + EOF + + tput setaf 2; + tput bold; + echo "ALL MISSKEY INSTALLATION PROCESSES ARE COMPLETE!"; + echo "Jump to https://$host/ and continue setting up your instance."; + tput setaf 7; + echo "This script version is v$version."; + echo "Please follow @joinmisskey@misskey.io to address bugs and updates."; + } + + #Setup Misskey for docker(docker_hub and docker_build) + function setup_misskey_docker() { + if [ $method == "docker_build" ]; then + tput setaf 3; echo "Process: build docker image;"; tput setaf 7; + sudo -iu "$misskey_user" XDG_RUNTIME_DIR=/run/user/$m_uid DOCKER_HOST=unix:///run/user/$m_uid/docker.sock docker build -t $docker_repository "/home/$misskey_user/$misskey_directory"; + fi + + #Create .misskey-docker.env + tput setaf 3; echo "Process: create misskey-docker.env;"; tput setaf 7; + su "$misskey_user" <<-MKEOF + set -eu; + cd ~; + + cat > ".misskey-docker.env" <<-_EOF + method="$method" + host="$host" + misskey_port=$misskey_port + misskey_directory="$misskey_directory" + misskey_localhost="$misskey_localhost" + docker_host_ip=$docker_host_ip + docker_repository="$docker_repository" + docker_container="$docker_container" + version="$version" + _EOF + MKEOF + + tput setaf 2; + tput bold; + echo "ALL MISSKEY INSTALLATION PROCESSES ARE COMPLETE!"; + echo "Now all we need to do is run docker run." + tput setaf 7; + echo "Watch the screen." 
+ echo "When it shows \"Now listening on port $misskey_port on https://$host\"," + echo "press Ctrl+C to exit logs and jump to https://$host/ and continue setting up your instance."; + echo "" + echo "This script version is v$version."; + echo "Please follow @joinmisskey@misskey.io to address bugs and updates."; + echo "" + read -r -p "Press Enter key to execute docker run> "; + echo "" + + #Run docker container + tput setaf 3; echo "Process: docker run;" tput setaf 7; + docker_container=$(sudo -iu "$misskey_user" XDG_RUNTIME_DIR=/run/user/$m_uid DOCKER_HOST=unix:///run/user/$m_uid/docker.sock docker run -d -p $misskey_port:$misskey_port --add-host=$misskey_localhost:$docker_host_ip -v "/home/$misskey_user/$misskey_directory/files":/misskey/files -v "/home/$misskey_user/$misskey_directory/.config/default.yml":/misskey/.config/default.yml:ro --restart unless-stopped -t "$docker_repository"); + echo "$docker_container"; + + #Show docker container logs + sudo -iu "$misskey_user" XDG_RUNTIME_DIR=/run/user/$m_uid DOCKER_HOST=unix:///run/user/$m_uid/docker.sock docker logs -f $docker_container; + } + + install_packages; + add_user; + delete_misskey_directory; + if [ $method != "docker_hub" ]; then git_clone; fi + create_config; + if $nginx_local; then open_ports; prepare_nginx; fi + if [ $method == "systemd" ]; then prepare_nodejs; else prepare_docker; fi + if $redis_local; then prepare_redis; fi + if $db_local; then prepare_postgresql; fi + create_db; + if $redis_local; then setup_redis; fi + if $nginx_local; then setup_nginx; fi + if [ $method != "systemd" ]; then setup_docker; fi + if [ $method == "systemd" ]; then setup_misskey_systemd; else setup_misskey_docker; fi } #Main function main() { - #First, check environment + #Check environment envtest; - #Second, select options + #Select options #If a yaml file is specified with the -c option, load the file. Otherwise, run options. if [ "$1" = "-c" ]; then if [ -f "$2" ]; then + echo "Compose file is specified. 
Load options from $2."; load_options; else tput setaf 1; echo "Error: $2 is not found or is not a file."; exit 1; fi else + echo "Compose file is not specified. Select options interactively."; options; fi - #Third, confirm options + #Confirm options confirm_options; - #Fourth, save options + #Save options save_options; - #Fifth, install Misskey + #Install Misskey install; } diff --git a/script_structure.md b/script_structure.md index 6cd5be7..e40a85e 100644 --- a/script_structure.md +++ b/script_structure.md @@ -51,16 +51,15 @@ script structure 12. 設定内容の確認 #compose.yamlがあるか引数でオプション指定されていた場合、確認を出すかどうか確認する必要がある #installed = trueの場合、失敗する&データが失われる可能性がある旨の警告を出す 13. 設定内容の保存 #compose.yamlに保存する(上書き) 4. b/インストール - function - 1. compose.yamlでinstalled = trueにする #再実行された場合に警告するため - #methodによらず共通設定 + 1. /root/.misskey_installedを作成 2. ユーザー作成 3. apt update && apt install(methodによって入れるパッケージが一部異なる) - 4. すでにmisskeyディレクトリがある場合は削除 + 4. すでにmisskeyディレクトリがある場合は削除、systemdかdocker_buildの場合はgit clone 5. misskey用のconfig.yamlを作成 6. nginx入れる場合、ポートを開けて、gpgとリポジトリを追加 - 7. リポジトリ追加 + 7. apt用のリポジトリ追加 - systemdの場合 - 1. nodejsのセットアップをする(インストールの前段階) + 1. nodejsのインストール準備のスクリプトを動かす - docker_hub,docker_buildの場合 1. dockerのgpgとリポジトリを追加 8. redis入れる場合、gpgとリポジトリを追加 From c44947d51c38f7021c7a5baa7f4bfa1efda719f3 Mon Sep 17 00:00:00 2001 From: Srgr0 <66754887+Srgr0@users.noreply.github.com> Date: Sat, 16 Sep 2023 18:49:30 +0900 Subject: [PATCH 05/61] fix --- a.sh | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/a.sh b/a.sh index f03cdb5..7151b30 100755 --- a/a.sh +++ b/a.sh @@ -480,8 +480,7 @@ function options() { esac fi #---end-sub-reg--- - - fi + esac #---end-reg--- echo ""; From 12fca8f1aa1e1e3295ab15ad86f611d956253b08 Mon Sep 17 00:00:00 2001 From: Srgr0 <66754887+Srgr0@users.noreply.github.com> Date: Sat, 16 Sep 2023 18:58:43 +0900 Subject: [PATCH 06/61] fix --- a.sh | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/a.sh b/a.sh index 7151b30..9dbbee4 100755 --- a/a.sh 
+++ b/a.sh @@ -1365,6 +1365,11 @@ function main() { #Select options #If a yaml file is specified with the -c option, load the file. Otherwise, run options. + if [ -z "$1" ]; then + echo "Compose file is not specified. Select options interactively."; + options; + fi + if [ "$1" = "-c" ]; then if [ -f "$2" ]; then echo "Compose file is specified. Load options from $2."; @@ -1374,7 +1379,7 @@ function main() { exit 1; fi else - echo "Compose file is not specified. Select options interactively."; + tput setaf 1; echo "Invalid option."; options; fi From 14c8b29fb43b24b498ce29e834f1b91cf963ec73 Mon Sep 17 00:00:00 2001 From: Srgr0 <66754887+Srgr0@users.noreply.github.com> Date: Sat, 16 Sep 2023 19:00:07 +0900 Subject: [PATCH 07/61] fix --- a.sh | 22 +++++++++++----------- 1 file changed, 11 insertions(+), 11 deletions(-) diff --git a/a.sh b/a.sh index 9dbbee4..6484cfc 100755 --- a/a.sh +++ b/a.sh @@ -1368,19 +1368,19 @@ function main() { if [ -z "$1" ]; then echo "Compose file is not specified. Select options interactively."; options; - fi - - if [ "$1" = "-c" ]; then - if [ -f "$2" ]; then - echo "Compose file is specified. Load options from $2."; - load_options; + else + if [ "$1" = "-c" ]; then + if [ -f "$2" ]; then + echo "Compose file is specified. Load options from $2."; + load_options; + else + tput setaf 1; echo "Error: $2 is not found or is not a file."; + exit 1; + fi else - tput setaf 1; echo "Error: $2 is not found or is not a file."; - exit 1; + tput setaf 1; echo "Invalid option."; + options; fi - else - tput setaf 1; echo "Invalid option."; - options; fi #Confirm options From 84e7d519c02655d04b1ecce1e183e50e2f4f21d9 Mon Sep 17 00:00:00 2001 From: Srgr0 <66754887+Srgr0@users.noreply.github.com> Date: Sat, 16 Sep 2023 19:10:18 +0900 Subject: [PATCH 08/61] fix --- a.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/a.sh b/a.sh index 6484cfc..059bcf9 100755 --- a/a.sh +++ b/a.sh 
@@ -1365,7 +1365,7 @@ function main() { #Select options #If a yaml file is specified with the -c option, load the file. Otherwise, run options. - if [ -z "$1" ]; then + if [ $# = 0 ]; then echo "Compose file is not specified. Select options interactively."; options; else From 465a969df5e5146bd90970a8e622f3308f8ee94b Mon Sep 17 00:00:00 2001 From: Srgr0 <66754887+Srgr0@users.noreply.github.com> Date: Wed, 22 Nov 2023 00:05:53 +0900 Subject: [PATCH 09/61] beta --- a.sh | 128 ++++++++++++++++++++++++++++++++++++++++++----------------- 1 file changed, 91 insertions(+), 37 deletions(-) diff --git a/a.sh b/a.sh index 059bcf9..384c62d 100755 --- a/a.sh +++ b/a.sh @@ -1,5 +1,8 @@ #!/bin/bash -eu -# Copyright 2023 aqz/tamaina, joinmisskey + +# +# Copyright 2023 aqz/tamaina, joinmisskey (upstream) +# Coryright 2023 Srgr0 (fork) # # Permission is hereby granted, free of charge, to any person # obtaining a copy of this software and associated documentation files (the "Software"), @@ -31,6 +34,7 @@ echo ""; #Check environment(linux, root, arch) function envtest() { + echo ""; tput setaf 3; echo "Checking environment..."; tput setaf 7; #Check if the script is running on Linux @@ -80,6 +84,7 @@ function envtest() { #Load options function load_options() { + echo ""; tput setaf 3; echo "Loading options from $2..."; tput setaf 7; #Load options @@ -98,6 +103,10 @@ function load_options() { tput setaf 1; echo "Error: docker_repository is not set."; tput setaf 7; exit 1; fi + if [ -z "$docker_host_ip" ]; then + tput setaf 1; echo "Error: docker_host_ip is not set."; tput setaf 7; + exit 1; + fi else if [ -z "$git_repository" ]; then tput setaf 1; echo "Error: git_repository is not set."; tput setaf 7; @@ -229,6 +238,7 @@ function load_options() { #Save options function save_options() { + echo ""; tput setaf 3; echo "Saving options to ./misskey_compose.txt..."; tput setaf 7; #Temporarily allow undefined variables 
@@ -239,6 +249,7 @@ function save_options() { #Misskey setting docker_repository=$docker_repository + docker_host_ip=$docker_host_ip git_repository=$git_repository git_branch=$git_branch misskey_directory=$misskey_directory @@ -284,6 +295,7 @@ function save_options() { #Select options function options() { + echo ""; tput setaf 3; echo "Select options."; tput setaf 7; #---reg: Install method--- @@ -298,18 +310,28 @@ function options() { #Docker build echo "Build a Docker image."; method="docker_build"; + misskey_localhost="docker_host"; ;; [sS]) #Systemd echo "Use Systemd."; method="systemd"; + misskey_localhost=localhost; ;; *) #Docker Hub echo "Use Docker Hub."; method="docker_hub"; + misskey_localhost="docker_host"; ;; esac + + if [ $method = "docker_hub" ] || [ $method = "docker_build" ]; then + echo "Determine the local IP of this computer as docker host."; + echo "The IPs that are supposed to be available are as follows (the result of hostname -I)"; + echo " $(hostname -I)" + read -r -p "> " -e -i "$(hostname -I | cut -f1 -d' ')" docker_host_ip; + fi #---end-reg--- echo ""; 
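Review bot: The heredoc this hunk extends is written to `./misskey_compose.txt` in whatever directory the script was started from, with the default umask, and the full `save_options` body shown earlier on this page also puts `db_pass`, `redis_pass` and `certbot_cloudflare_key` into it. I would create the file with its final mode first, `install -m 600 /dev/null ./misskey_compose.txt;` ahead of the `cat >`, and add a comment line at the top of the file saying it holds credentials. The values are also written unquoted (`docker_host_ip=$docker_host_ip`); if `load_options` reads the file back by sourcing it, which is not visible here, a value containing spaces or shell metacharacters would be executed rather than assigned, so quoting on write or parsing on read is worth confirming. Only the first lines of the heredoc are inside this hunk.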
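Review bot: The default offered for `docker_host_ip` is the first address from `hostname -I`, which is often the public interface, and the install step shown earlier on this page writes the value into Redis's `bind` line and PostgreSQL's `listen_addresses`. Accepting the default would then expose both services on that interface, protected only by the password and the `pg_hba` entry unless the firewall option was chosen. I would add a comment at the prompt saying a private or bridge address is expected, and validate the input before it reaches those config files and the `sed` expression, e.g. `[[ $docker_host_ip =~ ^[0-9]+(\.[0-9]+){3}$ ]] || { echo "Error: invalid IPv4 address"; exit 1; }` (extend the pattern if IPv6 should be accepted).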
@@ -317,31 +339,33 @@ function options() { #---reg: Misskey setting--- tput setaf 3; echo "Misskey setting"; tput setaf 7; + #Username + echo "Enter the name of user with which you want to execute Misskey:"; + read -r -p "> " -e -i "misskey" misskey_user; + + echo ""; + #Git/Docker Repository if [ $method = "docker_hub" ]; then echo "Enter repository:tag of Docker Hub image:"; read -r -p "> " -e -i "misskey/misskey:latest" docker_repository; - misskey_directory=misskey; + misskey_directory=/home/$misskey_user/misskey; else if [ $method = "docker_build" ]; then docker_repository="local/misskey:latest"; + misskey_directory=/home/$misskey_user/misskey; fi echo "Enter repository url where you want to install:"; read -r -p "> " -e -i "https://github.com/misskey-dev/misskey.git" git_repository; echo "Enther the branch or tag"; read -r -p "> " -e -i "master" git_branch; echo "Enter the name of a new directory to clone:"; - read -r -p "> " -e -i "misskey" misskey_directory; + read -r -p "> " -e -i "misskey" misskey_directory_path; + misskey_directory=/home/$misskey_user/$misskey_directory_path; fi echo ""; - #Username - echo "Enter the name of user with which you want to execute Misskey:"; - read -r -p "> " -e -i "misskey" misskey_user; - - echo ""; - #Hostname echo "Enter host where you want to install Misskey:"; read -r -p "> " -e -i "example.com" host; @@ -592,6 +616,7 @@ function options() { #Confirm options function confirm_options() { + echo ""; tput setaf 3; echo "Confirm options."; tput setaf 7; #---reg: Install method--- @@ -601,6 +626,7 @@ function confirm_options() { #---reg: Misskey setting--- if [ $method = "docker_hub" ]; then echo "Docker Repository: $docker_repository"; + echo "Docker host IP: $docker_host_ip"; else echo "Git Repository: $git_repository"; echo "Git branch or tag: $git_branch"; 
@@ -676,6 +702,7 @@ function confirm_options() { #Install Misskey function install() { + echo ""; tput setaf 3; echo "Install Misskey."; tput setaf 7; #Check if Misskey is already installed @@ -688,6 +715,7 @@ function install() { #Install Packeges function install_packages() { + echo ""; tput setaf 3; echo "Process: apt install #1;"; tput setaf 7; apt -qq update -y; @@ -696,6 +724,7 @@ function install() { #Create a user to run Misskey function add_user() { + echo ""; tput setaf 3; echo "Process: add misskey user ($misskey_user);"; tput setaf 7; if ! id -u "$misskey_user" > /dev/null 2>&1; then @@ -705,19 +734,22 @@ function install() { fi echo "misskey_user=\"$misskey_user\"" > /root/.misskey.env echo "version=\"$version\"" >> /root/.misskey.env + m_uid=$(id -u "$misskey_user") } #Delete Misskey directory if exists function delete_misskey_directory() { + echo ""; tput setaf 3; echo "Process: delete misskey directory ($misskey_directory);"; tput setaf 7; - if [ -e "/home/$misskey_user/$misskey_directory" ]; then - rm -rf "/home/$misskey_user/$misskey_directory"; + if [ -e "$misskey_directory" ]; then + rm -rf "$misskey_directory"; fi } #Clone git repository function git_clone() { + echo ""; tput setaf 3; echo "Process: clone git repository;"; tput setaf 7; sudo -iu "$misskey_user" git clone -b "$branch" --depth 1 --recursive "$repository" "$misskey_directory"; @@ -725,8 +757,11 @@ function install() { #Create misskey config file function create_config() { + echo ""; tput setaf 3; echo "Process: create config;"; tput setaf 7; + sudo -iu "$misskey_user" mkdir -p "$misskey_directory/.config"; + sudo -iu "$misskey_user" cat > "$misskey_directory/.config/default.yml" <<-EOF url: https://$host port: $misskey_port @@ -767,6 +802,7 @@ function install() { #Open ports function open_ports() { + echo ""; tput setaf 3; echo "Process: open ports;"; tput setaf 7; #ufw 
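Review bot: `rm -rf "$misskey_directory"` in `delete_misskey_directory` now deletes whatever absolute path the option holds, as root. That value comes from the prompt in `options` or, presumably, from the compose file read by `load_options`, so an empty directory name (giving `/home/$misskey_user/`) or an edited compose file removes far more than a previous clone. A guard before the delete would limit it to a real subdirectory of the user's home, e.g. `case "$misskey_directory" in "/home/$misskey_user"/?*) ;; *) echo "Error: unexpected misskey_directory"; exit 1;; esac` followed by `rm -rf -- "${misskey_directory:?}";`; components such as `..` still need rejecting where the value is read. In the same hunk `git_clone` passes `$branch` and `$repository`, while the options code on this page sets `git_branch` and `git_repository`; unless those names are assigned outside the visible hunks, `-u` will abort the script there.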
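Review bot: In `sudo -iu "$misskey_user" cat > "$misskey_directory/.config/default.yml"` the redirection is performed by the calling root shell, not by the command under sudo, so the file that receives `db_pass` and `redis_pass` is created root-owned with the default umask, inside a directory the added `mkdir -p` line has just created as `$misskey_user`. Letting the target user open the file fixes the ownership: `sudo -iu "$misskey_user" tee "$misskey_directory/.config/default.yml" > /dev/null <<-EOF`. For the systemd method a following `chmod 600` on the file would keep the credentials private; the Docker methods bind-mount this file read-only into the container, so the mode there has to be checked against the user the container process runs as. The heredoc continues past the end of this hunk.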
@@ -832,6 +868,7 @@ function install() { #Install Nginx function prepare_nginx() { + echo ""; tput setaf 3; echo "Process: prepare nginx;"; tput setaf 7; #Add nginx gpg key @@ -862,6 +899,7 @@ function install() { #Install Nodejs function prepare_nodejs() { + echo ""; tput setaf 3; echo "Process: prepare nodejs;"; tput setaf 7; #Add nodejs gpg key @@ -889,6 +927,7 @@ function install() { #Install Docker function prepare_docker() { + echo ""; tput setaf 3; echo "Process: prepare docker;"; tput setaf 7; #Add docker gpg key @@ -912,6 +951,7 @@ function install() { #Install Redis function prepare_redis() { + echo ""; tput setaf 3; echo "Process: prepare redis;"; tput setaf 7; #Add redis gpg key @@ -933,6 +973,7 @@ function install() { #Install PostgreSQL function prepare_postgresql() { + echo ""; tput setaf 3; echo "Process: prepare postgresql;"; tput setaf 7; #Install postgresql @@ -950,6 +991,7 @@ function install() { #Create DB and user function create_db() { + echo ""; tput setaf 3; echo "Process: create db and user;"; tput setaf 7; #Create user @@ -961,6 +1003,8 @@ function install() { #Setup Redis function setup_redis() { + echo ""; + #Activate Redis daemon tput setaf 3; echo "Process: activate redis daemon;"; tput setaf 7; systemctl start redis-server; @@ -993,7 +1037,9 @@ function install() { #Setup Nginx function setup_nginx() { - if certbot; then + echo ""; + + if $certbot; then #With certbot(https & http) #Create nginx config file for http tput setaf 3; echo "Process: create nginx config file for http;"; tput setaf 7; 
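Review bot: `if $certbot; then` in setup_nginx() runs the content of the variable as a command, so any value other than `true` or `false` that arrives from the prompts or from a loaded options file is executed by the installer. Compare it as a string instead: `if [ "$certbot" = "true" ]; then`. The rest of setup_nginx() lies outside the hunk.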
@@ -1125,21 +1171,22 @@ function install() { proxy_http_version 1.1; proxy_redirect off; - # If it's behind another reverse proxy or CDN, remove the following.") - proxy_set_header X-Real-IP \$remote_addr;") - proxy_set_header X-Forwarded-For \$proxy_add_x_forwarded_for;") - proxy_set_header X-Forwarded-Proto https;") - - # For WebSocket - proxy_set_header Upgrade \$http_upgrade; - proxy_set_header Connection \$connection_upgrade; - - # Cache settings - proxy_cache cache1; - proxy_cache_lock on; - proxy_cache_use_stale updating; - proxy_force_ranges on; - add_header X-Cache \$upstream_cache_status; + # If it's behind another reverse proxy or CDN, remove the following. + proxy_set_header X-Real-IP \$remote_addr; + proxy_set_header X-Forwarded-For \$proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-Proto https; + + # For WebSocket + proxy_set_header Upgrade \$http_upgrade; + proxy_set_header Connection \$connection_upgrade; + + # Cache settings + proxy_cache cache1; + proxy_cache_lock on; + proxy_cache_use_stale updating; + proxy_force_ranges on; + add_header X-Cache \$upstream_cache_status; + } } EOF fi @@ -1165,8 +1212,10 @@ function install() { #Setup Docker function setup_docker() { + echo ""; + #Enable rootless docker - tput setaf 3; echo "Process: use rootless docker;" tput setaf 7; + tput setaf 3; echo "Process: use rootless docker;"; tput setaf 7; systemctl disable --now docker.service docker.socket loginctl enable-linger "$misskey_user" sleep 5 @@ -1214,6 +1263,8 @@ function install() { #Setup Misskey for systemd function setup_misskey_systemd() { + echo ""; + #Setup misskey tput setaf 3; echo "Process: setup misskey;" tput setaf 7; sudo -iu "$misskey_user" <<-EOF; 
@@ -1248,7 +1299,7 @@ function install() { Type=simple User=$misskey_user ExecStart=$(command -v npm) start - WorkingDirectory=/home/$misskey_user/$misskey_directory + WorkingDirectory=$misskey_directory Environment="NODE_ENV=production" Environment="LD_PRELOAD=/usr/lib/$(uname -m)-linux-gnu/libjemalloc.so.2" TimeoutSec=60 @@ -1289,16 +1340,24 @@ function install() { echo "Jump to https://$host/ and continue setting up your instance."; tput setaf 7; echo "This script version is v$version."; - echo "Please follow @joinmisskey@misskey.io to address bugs and updates."; + echo "Please check https://github.com/srgr0/bash-install to address bugs and updates."; } #Setup Misskey for docker(docker_hub and docker_build) function setup_misskey_docker() { + echo ""; + if [ $method == "docker_build" ]; then tput setaf 3; echo "Process: build docker image;"; tput setaf 7; - sudo -iu "$misskey_user" XDG_RUNTIME_DIR=/run/user/$m_uid DOCKER_HOST=unix:///run/user/$m_uid/docker.sock docker build -t $docker_repository "/home/$misskey_user/$misskey_directory"; + sudo -iu "$misskey_user" XDG_RUNTIME_DIR=/run/user/$m_uid DOCKER_HOST=unix:///run/user/$m_uid/docker.sock docker build -t $docker_repository "$misskey_directory"; fi + #Run docker container + tput setaf 3; echo "Process: docker run;" tput setaf 7; + sudo -iu "$misskey_user" mkdir -p "$misskey_directory/files"; + docker_container=$(sudo -iu "$misskey_user" XDG_RUNTIME_DIR=/run/user/$m_uid DOCKER_HOST=unix:///run/user/$m_uid/docker.sock docker run -d -p $misskey_port:$misskey_port --add-host=$misskey_localhost:$docker_host_ip -v "$misskey_directory/files":/misskey/files -v "$misskey_directory/.config/default.yml":/misskey/.config/default.yml:ro --restart unless-stopped -t "$docker_repository"); + echo "$docker_container"; + #Create .misskey-docker.env tput setaf 3; echo "Process: create misskey-docker.env;"; tput setaf 7; su "$misskey_user" <<-MKEOF 
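Review bot: The `docker run` line added to setup_misskey_docker() publishes with `-p $misskey_port:$misskey_port`, which listens on every host interface, so the Misskey port is reachable directly and not only through the reverse proxy. If nginx on the same host is the intended entry point (the upstream definition is not visible here), bind the mapping to loopback: `-p "127.0.0.1:$misskey_port:$misskey_port"`. `$misskey_port`, `$misskey_localhost`, `$docker_host_ip` and `$m_uid` are also expanded unquoted on that line and in the `docker build` call above it. The function continues outside the hunk.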
@@ -1328,16 +1387,11 @@ function install() { echo "press Ctrl+C to exit logs and jump to https://$host/ and continue setting up your instance."; echo "" echo "This script version is v$version."; - echo "Please follow @joinmisskey@misskey.io to address bugs and updates."; + echo "Please check https://github.com/srgr0/bash-install to address bugs and updates."; echo "" read -r -p "Press Enter key to execute docker run> "; echo "" - #Run docker container - tput setaf 3; echo "Process: docker run;" tput setaf 7; - docker_container=$(sudo -iu "$misskey_user" XDG_RUNTIME_DIR=/run/user/$m_uid DOCKER_HOST=unix:///run/user/$m_uid/docker.sock docker run -d -p $misskey_port:$misskey_port --add-host=$misskey_localhost:$docker_host_ip -v "/home/$misskey_user/$misskey_directory/files":/misskey/files -v "/home/$misskey_user/$misskey_directory/.config/default.yml":/misskey/.config/default.yml:ro --restart unless-stopped -t "$docker_repository"); - echo "$docker_container"; - #Show docker container logs sudo -iu "$misskey_user" XDG_RUNTIME_DIR=/run/user/$m_uid DOCKER_HOST=unix:///run/user/$m_uid/docker.sock docker logs -f $docker_container; } From 9ecf6c3fe9f0046a99c3ef8f4e2db69aa94dd37b Mon Sep 17 00:00:00 2001 From: Srgr0 <66754887+Srgr0@users.noreply.github.com> Date: Wed, 22 Nov 2023 00:28:35 +0900 Subject: [PATCH 10/61] beta --- a.sh | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/a.sh b/a.sh index 384c62d..98e04c8 100755 --- a/a.sh +++ b/a.sh @@ -121,6 +121,10 @@ function load_options() { exit 1; fi fi + if [ -z "$misskey_localhost" ]; then + tput setaf 1; echo "Error: misskey_localhost is not set."; tput setaf 7; + exit 1; + fi if [ -z "$misskey_user" ]; then tput setaf 1; echo "Error: misskey_user is not set."; tput setaf 7; exit 1; 
@@ -249,10 +253,11 @@ function save_options() { #Misskey setting docker_repository=$docker_repository - docker_host_ip=$docker_host_ip + docker_host_ip=$docker_host_ip git_repository=$git_repository git_branch=$git_branch misskey_directory=$misskey_directory + misskey_localhost=$misskey_localhost misskey_user=$misskey_user host=$host misskey_port=$misskey_port @@ -632,6 +637,7 @@ function confirm_options() { echo "Git branch or tag: $git_branch"; echo "Misskey directory: $misskey_directory"; fi + echo "Misskey localhost: $misskey_localhost"; echo "Misskey user: $misskey_user"; echo "Host: $host"; echo "Misskey port: $misskey_port"; From 1ae86f2b69b6a9e9e532dbb57bef8b3ddc6fd259 Mon Sep 17 00:00:00 2001 From: Srgr0 <66754887+Srgr0@users.noreply.github.com> Date: Wed, 22 Nov 2023 00:32:42 +0900 Subject: [PATCH 11/61] Create testdev.txt --- testdev.txt | 44 ++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 44 insertions(+) create mode 100644 testdev.txt diff --git a/testdev.txt b/testdev.txt new file mode 100644 index 0000000..8ce6764 --- /dev/null +++ b/testdev.txt 
@@ -0,0 +1,44 @@ + #Install method + method=$method + + #Misskey setting + docker_repository=$docker_repository + docker_host_ip=$docker_host_ip + git_repository=$git_repository + git_branch=$git_branch + misskey_directory=$misskey_directory + misskey_user=$misskey_user + host=$host + misskey_port=$misskey_port + + #Nginx setting + nginx_local=$nginx_local + ufw=$ufw + iptables=$iptables + certbot=$certbot + certbot_dns_cloudflare=$certbot_dns_cloudflare + certbot_http=$certbot_http + certbot_mailaddress=$certbot_mailaddress + certbot_cloudflare_mail=$certbot_cloudflare_mail + certbot_cloudflare_key=$certbot_cloudflare_key + + #Database (PostgreSQL) setting + db_local=$db_local + db_host=$db_host + db_port=$db_port + db_user=$db_user + db_pass=$db_pass + db_name=$db_name + + #Redis setting + redis_local=$redis_local + redis_host=$redis_host + redis_port=$redis_port + redis_pass=$redis_pass + + #Swap setting + swap=$swap + swap_size=$swap_size + + #Skip confirm + #skip_confirm=false From c5b5f3d3a995e294a27f4035fb8dc825d593cd45 Mon Sep 17 00:00:00 2001 From: Srgr0 <66754887+Srgr0@users.noreply.github.com> Date: Wed, 22 Nov 2023 00:36:33 +0900 Subject: [PATCH 12/61] Create deploytest.yml --- .github/workflows/deploytest.yml | 16 ++++++++++++++++ 1 file changed, 16 insertions(+) create mode 100644 .github/workflows/deploytest.yml diff --git a/.github/workflows/deploytest.yml b/.github/workflows/deploytest.yml new file mode 100644 index 0000000..0a1e7a4 --- /dev/null +++ b/.github/workflows/deploytest.yml @@ -0,0 +1,16 @@ +name: deploy test + +on: + workflow_dispatch: + +jobs: + run-script: + runs-on: ubuntu-latest + steps: + - name: checkout repo + uses: actions/checkout@v2 + + - name: run script + run: | + chmod +x ./a.sh + ./a.sh -c ./testdev.txt From a43128f81fb83ed2993efa40b9df1f5a3aeff7aa Mon Sep 17 00:00:00 2001 
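Review bot: The new deploytest.yml references `actions/checkout@v2` by a mutable tag and declares no `permissions:`, so the job that executes the installer runs with the repository's default token scope and whatever code the tag points to at run time. Pin the action to a full commit SHA (`uses: actions/checkout@<full-commit-sha>`) and add a top-level `permissions:` block containing `contents: read`.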
From: Srgr0 <66754887+Srgr0@users.noreply.github.com> Date: Wed, 22 Nov 2023 00:38:36 +0900 Subject: [PATCH 13/61] Update deploytest.yml --- .github/workflows/deploytest.yml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/.github/workflows/deploytest.yml b/.github/workflows/deploytest.yml index 0a1e7a4..26dc69a 100644 --- a/.github/workflows/deploytest.yml +++ b/.github/workflows/deploytest.yml @@ -10,6 +10,9 @@ jobs: - name: checkout repo uses: actions/checkout@v2 + - name: config + run: echo "TERM=xterm" >> $GITHUB_ENV + - name: run script run: | chmod +x ./a.sh From 796a735b560fa834eba347ee0f3fcf44d1ce70cb Mon Sep 17 00:00:00 2001 From: Srgr0 <66754887+Srgr0@users.noreply.github.com> Date: Wed, 22 Nov 2023 00:39:51 +0900 Subject: [PATCH 14/61] Update deploytest.yml --- .github/workflows/deploytest.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/deploytest.yml b/.github/workflows/deploytest.yml index 26dc69a..6765d38 100644 --- a/.github/workflows/deploytest.yml +++ b/.github/workflows/deploytest.yml @@ -15,5 +15,5 @@ jobs: - name: run script run: | - chmod +x ./a.sh - ./a.sh -c ./testdev.txt + sudo chmod 555 ./a.sh + sudo ./a.sh -c ./testdev.txt From fd16c163dd5c6a5289e3dbf99c7ef1589b93f7c8 Mon Sep 17 00:00:00 2001 From: Srgr0 <66754887+Srgr0@users.noreply.github.com> Date: Wed, 22 Nov 2023 00:45:48 +0900 Subject: [PATCH 15/61] Update testdev.txt --- testdev.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/testdev.txt b/testdev.txt index 8ce6764..382f964 100644 --- a/testdev.txt +++ b/testdev.txt @@ -3,7 +3,7 @@ #Misskey setting docker_repository=$docker_repository - docker_host_ip=$docker_host_ip + docker_host_ip=$docker_host_ip git_repository=$git_repository git_branch=$git_branch misskey_directory=$misskey_directory From 71523be484fb9f123d0b3bcd21ea5eb4cb5db9d0 Mon Sep 17 00:00:00 2001 
From: Srgr0 <66754887+Srgr0@users.noreply.github.com> Date: Wed, 22 Nov 2023 07:25:21 +0900 Subject: [PATCH 16/61] Update testdev.txt --- testdev.txt | 77 +++++++++++++++++++++++++++-------------------------- 1 file changed, 39 insertions(+), 38 deletions(-) diff --git a/testdev.txt b/testdev.txt index 382f964..f7107f6 100644 --- a/testdev.txt +++ b/testdev.txt 
@@ -1,44 +1,45 @@ - #Install method - method=$method +#Install method +method=docker_hub - #Misskey setting - docker_repository=$docker_repository - docker_host_ip=$docker_host_ip - git_repository=$git_repository - git_branch=$git_branch - misskey_directory=$misskey_directory - misskey_user=$misskey_user - host=$host - misskey_port=$misskey_port +#Misskey setting +docker_repository=misskey/misskey:latest +docker_host_ip=127.0.0.1 +git_repository= +git_branch= +misskey_directory=/home/misskey/misskey +misskey_localhost=docker_host +misskey_user=misskey +host=127.0.0.1 +misskey_port=3000 - #Nginx setting - nginx_local=$nginx_local - ufw=$ufw - iptables=$iptables - certbot=$certbot - certbot_dns_cloudflare=$certbot_dns_cloudflare - certbot_http=$certbot_http - certbot_mailaddress=$certbot_mailaddress - certbot_cloudflare_mail=$certbot_cloudflare_mail - certbot_cloudflare_key=$certbot_cloudflare_key +#Nginx setting +nginx_local=true +ufw=false +iptables=false +certbot=false +certbot_dns_cloudflare= +certbot_http= +certbot_mailaddress= +certbot_cloudflare_mail= +certbot_cloudflare_key= - #Database (PostgreSQL) setting - db_local=$db_local - db_host=$db_host - db_port=$db_port - db_user=$db_user - db_pass=$db_pass - db_name=$db_name +#Database (PostgreSQL) setting +db_local=true +db_host=docker_host +db_port=5432 +db_user=misskey +db_pass=misskey +db_name=misskey - #Redis setting - redis_local=$redis_local - redis_host=$redis_host - redis_port=$redis_port - redis_pass=$redis_pass +#Redis setting +redis_local=true +redis_host=docker_host +redis_port=6379 +redis_pass=misskey - #Swap setting - swap=$swap - swap_size=$swap_size +#Swap setting +swap=true +swap_size=2048 - #Skip confirm - #skip_confirm=false +#Skip confirm +skip_confirm=true From c91dfcf46ba3391d00457972dd813a9be771ac74 Mon Sep 17 00:00:00 2001 
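Review bot: `db_pass=misskey` and `redis_pass=misskey` equal the account names, and nothing in testdev.txt says it is a CI fixture. Since a.sh loads this file with `source` and uses the values as the real PostgreSQL and Redis credentials, I would add a header comment such as `# CI test fixture only - replace db_pass and redis_pass before any real install`.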
From: Srgr0 <66754887+Srgr0@users.noreply.github.com> Date: Wed, 22 Nov 2023 18:21:59 +0900 Subject: [PATCH 17/61] update --- .github/workflows/deploytest.yml | 6 +++--- a.sh | 18 ++++++++++-------- 2 files changed, 13 insertions(+), 11 deletions(-) diff --git a/.github/workflows/deploytest.yml b/.github/workflows/deploytest.yml index 6765d38..eb9a8b9 100644 --- a/.github/workflows/deploytest.yml +++ b/.github/workflows/deploytest.yml @@ -7,13 +7,13 @@ jobs: run-script: runs-on: ubuntu-latest steps: - - name: checkout repo + - name: Checkout repository uses: actions/checkout@v2 - - name: config + - name: Set environment variable (for tput command) run: echo "TERM=xterm" >> $GITHUB_ENV - - name: run script + - name: Run install script run: | sudo chmod 555 ./a.sh sudo ./a.sh -c ./testdev.txt diff --git a/a.sh b/a.sh index 98e04c8..468325a 100755 --- a/a.sh +++ b/a.sh @@ -85,10 +85,10 @@ function envtest() { #Load options function load_options() { echo ""; - tput setaf 3; echo "Loading options from $2..."; tput setaf 7; + tput setaf 3; echo "Loading options from "${args[1]}"..."; tput setaf 7; #Load options - source "$2"; + source "${args[1]}"; #Check if the options are valid #Install method @@ -1420,21 +1420,23 @@ function install() { #Main function main() { + args=("$@") + #Check environment envtest; #Select options #If a yaml file is specified with the -c option, load the file. Otherwise, run options. - if [ $# = 0 ]; then + if [ ${#args[@]} -eq 0 ]; then echo "Compose file is not specified. Select options interactively."; options; else - if [ "$1" = "-c" ]; then - if [ -f "$2" ]; then - echo "Compose file is specified. Load options from $2."; + if [ "${args[0]}" = "-c" ]; then + if [ -f "${args[1]}" ]; then + echo "Compose file is specified. Load options from "${args[1]}"."; load_options; else - tput setaf 1; echo "Error: $2 is not found or is not a file."; + tput setaf 1; echo "Error: "${args[1]}" is not found or is not a file."; exit 1; fi else 
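Review bot: `source "${args[1]}"` in load_options() executes the options file as shell code with the installer's privileges, so anyone who can write that file controls the install. Before sourcing I would at least refuse a file that is not owned by root or is writable by group or others, or read only `key=value` lines and assign the known option names explicitly. In the same hunk `echo "Loading options from "${args[1]}"..."` closes the quotes around the expansion; `echo "Loading options from ${args[1]}..."` keeps the path quoted, and the same applies to the two messages in main(). load_options() continues outside the hunk.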
@@ -1453,4 +1455,4 @@ function main() { install; } -main; \ No newline at end of file +main "$@"; \ No newline at end of file From 689156aaa99450ee234521900c107ca6b2ce8cfb Mon Sep 17 00:00:00 2001 From: Srgr0 <66754887+Srgr0@users.noreply.github.com> Date: Wed, 22 Nov 2023 18:38:49 +0900 Subject: [PATCH 18/61] update --- a.sh | 10 +++++++++- testdev.txt | 2 +- 2 files changed, 10 insertions(+), 2 deletions(-) diff --git a/a.sh b/a.sh index 468325a..13f1b1e 100755 --- a/a.sh +++ b/a.sh @@ -90,6 +90,14 @@ function load_options() { #Load options source "${args[1]}"; + #Set docker host ip address + if [ "$method" = "docker_hub" ] || [ "$method" = "docker_build" ]; then + if [ "$docker_host_ip" = "auto" ] || [ "$docker_host_ip" = "Auto" ]; then + echo "Setting docker host IP..."; + docker_host_ip="$(hostname -I | cut -f1 -d' ')"; + fi + fi + #Check if the options are valid #Install method if [ "$method" != "docker_hub" ] && [ "$method" != "docker_build" ] && [ "$method" != "systemd" ]; then @@ -1359,7 +1367,7 @@ function install() { fi #Run docker container - tput setaf 3; echo "Process: docker run;" tput setaf 7; + tput setaf 3; echo "Process: docker run;"; tput setaf 7; sudo -iu "$misskey_user" mkdir -p "$misskey_directory/files"; docker_container=$(sudo -iu "$misskey_user" XDG_RUNTIME_DIR=/run/user/$m_uid DOCKER_HOST=unix:///run/user/$m_uid/docker.sock docker run -d -p $misskey_port:$misskey_port --add-host=$misskey_localhost:$docker_host_ip -v "$misskey_directory/files":/misskey/files -v "$misskey_directory/.config/default.yml":/misskey/.config/default.yml:ro --restart unless-stopped -t "$docker_repository"); echo "$docker_container"; diff --git a/testdev.txt b/testdev.txt index f7107f6..896e9e0 100644 --- a/testdev.txt +++ b/testdev.txt @@ -3,7 +3,7 @@ method=docker_hub #Misskey setting docker_repository=misskey/misskey:latest -docker_host_ip=127.0.0.1 +docker_host_ip=auto git_repository= git_branch= misskey_directory=/home/misskey/misskey 
From 3009b7efd4b7953ba310d8c31c0da6561c98a5c8 Mon Sep 17 00:00:00 2001 From: Srgr0 <66754887+Srgr0@users.noreply.github.com> Date: Wed, 22 Nov 2023 18:42:04 +0900 Subject: [PATCH 19/61] Update a.sh --- a.sh | 1 + 1 file changed, 1 insertion(+) diff --git a/a.sh b/a.sh index 13f1b1e..a445ae3 100755 --- a/a.sh +++ b/a.sh @@ -95,6 +95,7 @@ function load_options() { if [ "$docker_host_ip" = "auto" ] || [ "$docker_host_ip" = "Auto" ]; then echo "Setting docker host IP..."; docker_host_ip="$(hostname -I | cut -f1 -d' ')"; + echo "Docker host IP: $docker_host_ip"; fi fi From a6996673994c76cfdc29b5b2539e54eb9a2c114c Mon Sep 17 00:00:00 2001 From: Srgr0 <66754887+Srgr0@users.noreply.github.com> Date: Wed, 22 Nov 2023 19:13:55 +0900 Subject: [PATCH 20/61] Update a.sh --- a.sh | 3 +++ 1 file changed, 3 insertions(+) diff --git a/a.sh b/a.sh index a445ae3..0f4a457 100755 --- a/a.sh +++ b/a.sh @@ -1009,6 +1009,9 @@ function install() { echo ""; tput setaf 3; echo "Process: create db and user;"; tput setaf 7; + #Start postgresql + service postgresql start + #Create user sudo -iu postgres psql -c "CREATE ROLE $db_user LOGIN PASSWORD '$db_pass';"; From 757514480bca600ea59253b5df3e08bc288ab5d7 Mon Sep 17 00:00:00 2001 From: Srgr0 <66754887+Srgr0@users.noreply.github.com> Date: Wed, 22 Nov 2023 20:07:39 +0900 Subject: [PATCH 21/61] Update deploytest.yml --- .github/workflows/deploytest.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/deploytest.yml b/.github/workflows/deploytest.yml index eb9a8b9..32ac3f4 100644 --- a/.github/workflows/deploytest.yml +++ b/.github/workflows/deploytest.yml @@ -16,4 +16,4 @@ jobs: - name: Run install script run: | sudo chmod 555 ./a.sh - sudo ./a.sh -c ./testdev.txt + sudo bash +x ./a.sh -c ./testdev.txt From eaee7b367d02d0506a6e5eee36aa95faf1906552 Mon Sep 17 00:00:00 2001 
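Review bot: The context line right below the added `service postgresql start` in create_db(), `psql -c "CREATE ROLE $db_user LOGIN PASSWORD '$db_pass';"`, splices option values into SQL that runs as the `postgres` superuser, so a password containing `'` breaks the statement or appends further SQL. This commit does not touch that line, but it is the place to fix it: pass the values as psql variables and feed the statement on stdin, because `-c` does not interpolate variables. For example `sudo -iu postgres psql -v u="$db_user" -v p="$db_pass" <<'SQL'`, then `CREATE ROLE :"u" LOGIN PASSWORD :'p';`, then `SQL`.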
From: Srgr0 <66754887+Srgr0@users.noreply.github.com> Date: Wed, 22 Nov 2023 20:08:59 +0900 Subject: [PATCH 22/61] Update deploytest.yml --- .github/workflows/deploytest.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/deploytest.yml b/.github/workflows/deploytest.yml index 32ac3f4..8d7fcc8 100644 --- a/.github/workflows/deploytest.yml +++ b/.github/workflows/deploytest.yml @@ -16,4 +16,4 @@ jobs: - name: Run install script run: | sudo chmod 555 ./a.sh - sudo bash +x ./a.sh -c ./testdev.txt + sudo bash -x ./a.sh -c ./testdev.txt From f4164b64e104f44ffa3982b3bbebcc10d3410b5e Mon Sep 17 00:00:00 2001 From: Srgr0 <66754887+Srgr0@users.noreply.github.com> Date: Sun, 24 Dec 2023 00:05:42 +0900 Subject: [PATCH 23/61] update --- LICENSE | 2 +- script_structure.md | 6 +++--- testdev.txt | 14 +++++++------- 3 files changed, 11 insertions(+), 11 deletions(-) diff --git a/LICENSE b/LICENSE index 1c414d7..4bd0c1e 100644 --- a/LICENSE +++ b/LICENSE @@ -1,6 +1,6 @@ MIT License -Copyright (c) 2021 aqz/tamaina, joinmisskey +Copyright (c) 2021 aqz/tamaina, Srgr0, joinmisskey Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal diff --git a/script_structure.md b/script_structure.md index e40a85e..596b414 100644 --- a/script_structure.md +++ b/script_structure.md @@ -1,8 +1,8 @@ script structure 1. スクリプト概要の表示 -2. b/env判定(root,linux,arch,ram) - function -3. f/オプション選択 - function +2. env判定(root,linux,arch,ram) +3. オプション選択 0. compose.yamlが指定されていればそれを読み込む #値が不正な場合、エラーを出す(値を直すか、compose.yamlを削除するように言う) 1. method選択(dockerhub,docker_build,systemd) 2. source入力 
@@ -50,7 +50,7 @@ script structure 1. メモリ不足でインストールが失敗する可能性がある旨を表示 12. 設定内容の確認 #compose.yamlがあるか引数でオプション指定されていた場合、確認を出すかどうか確認する必要がある #installed = trueの場合、失敗する&データが失われる可能性がある旨の警告を出す 13. 設定内容の保存 #compose.yamlに保存する(上書き) -4. b/インストール - function +4. インストール 1. /root/.misskey_installedを作成 2. ユーザー作成 3. apt update && apt install(methodによって入れるパッケージが一部異なる) diff --git a/testdev.txt b/testdev.txt index 896e9e0..71fbb63 100644 --- a/testdev.txt +++ b/testdev.txt @@ -4,8 +4,8 @@ method=docker_hub #Misskey setting docker_repository=misskey/misskey:latest docker_host_ip=auto -git_repository= -git_branch= +git_repository=https://github.com/misskey-dev/misskey +git_branch=develop misskey_directory=/home/misskey/misskey misskey_localhost=docker_host misskey_user=misskey @@ -17,11 +17,11 @@ nginx_local=true ufw=false iptables=false certbot=false -certbot_dns_cloudflare= -certbot_http= -certbot_mailaddress= -certbot_cloudflare_mail= -certbot_cloudflare_key= +certbot_dns_cloudflare=false +certbot_http=false +certbot_mailaddress=false +certbot_cloudflare_mail=false +certbot_cloudflare_key=false #Database (PostgreSQL) setting db_local=true From a02782b25da5aba9a78179a14ed5418d5d4bb14f Mon Sep 17 00:00:00 2001 From: Srgr0 <66754887+Srgr0@users.noreply.github.com> Date: Sun, 24 Dec 2023 10:28:45 +0900 Subject: [PATCH 24/61] Update testdev.txt --- testdev.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/testdev.txt b/testdev.txt index 71fbb63..d0aa6e2 100644 --- a/testdev.txt +++ b/testdev.txt @@ -5,7 +5,7 @@ method=docker_hub docker_repository=misskey/misskey:latest docker_host_ip=auto git_repository=https://github.com/misskey-dev/misskey -git_branch=develop +git_branch=master misskey_directory=/home/misskey/misskey misskey_localhost=docker_host misskey_user=misskey From fd795db5ad70d1168138af5ac5f43d962683335f Mon Sep 17 00:00:00 2001 
From: Srgr0 <66754887+Srgr0@users.noreply.github.com> Date: Sun, 24 Dec 2023 10:36:39 +0900 Subject: [PATCH 25/61] update testenv --- testdev.txt => testenv_docker.txt | 0 testenv_systemd.txt | 45 +++++++++++++++++++++++++++++++ 2 files changed, 45 insertions(+) rename testdev.txt => testenv_docker.txt (100%) create mode 100644 testenv_systemd.txt diff --git a/testdev.txt b/testenv_docker.txt similarity index 100% rename from testdev.txt rename to testenv_docker.txt diff --git a/testenv_systemd.txt b/testenv_systemd.txt new file mode 100644 index 0000000..c8f75af --- /dev/null +++ b/testenv_systemd.txt @@ -0,0 +1,45 @@ +#Install method +method=systemd + +#Misskey setting +docker_repository=misskey/misskey:latest +docker_host_ip=auto +git_repository=https://github.com/misskey-dev/misskey +git_branch=master +misskey_directory=/home/misskey/misskey +misskey_localhost=localhost +misskey_user=misskey +host=127.0.0.1 +misskey_port=3000 + +#Nginx setting +nginx_local=true +ufw=false +iptables=false +certbot=false +certbot_dns_cloudflare=false +certbot_http=false +certbot_mailaddress=false +certbot_cloudflare_mail=false +certbot_cloudflare_key=false + +#Database (PostgreSQL) setting +db_local=true +db_host=localhost +db_port=5432 +db_user=misskey +db_pass=misskey +db_name=misskey + +#Redis setting +redis_local=true +redis_host=localhost +redis_port=6379 +redis_pass=misskey + +#Swap setting +swap=true +swap_size=2048 + +#Skip confirm +skip_confirm=true From 81075985d01a9735e94fb1c429de57ba07767972 Mon Sep 17 00:00:00 2001 From: Srgr0 <66754887+Srgr0@users.noreply.github.com> Date: Sun, 24 Dec 2023 10:38:02 +0900 Subject: [PATCH 26/61] working --- a.sh | 112 ++++++++++++++++++++++++++++++++++++++++++++++------------- 1 file changed, 88 insertions(+), 24 deletions(-) diff --git a/a.sh b/a.sh index 0f4a457..f683637 100755 --- a/a.sh +++ b/a.sh 
@@ -1,8 +1,7 @@ #!/bin/bash -eu # -# Copyright 2023 aqz/tamaina, joinmisskey (upstream) -# Coryright 2023 Srgr0 (fork) +# Copyright 2023 aqz/tamaina, Srgr0, joinmisskey # # Permission is hereby granted, free of charge, to any person # obtaining a copy of this software and associated documentation files (the "Software"), @@ -23,7 +22,8 @@ # #Version of this script -version="s0.1.0"; +version="4.0.0-beta.1"; +NODE_MAJOR="20"; #About this script tput setaf 4; @@ -767,7 +767,7 @@ function install() { echo ""; tput setaf 3; echo "Process: clone git repository;"; tput setaf 7; - sudo -iu "$misskey_user" git clone -b "$branch" --depth 1 --recursive "$repository" "$misskey_directory"; + sudo -iu "$misskey_user" git clone -b "$git_branch" --depth 1 --recursive "$git_repository" "$misskey_directory"; } #Create misskey config file 
@@ -881,6 +881,73 @@ function install() { fi } + #Setup Cloudflare Tunnel + function setup_cloudflaretunnel() { + read -p "Enter your Cloudflare API key: " cf_apikey; + read -p "Enter your Cloudflare Account ID: " cfaccount_id; + read -p "Enter your Cloudflare Zone ID: " cfzone_id; + read -p "Enter the service: " service; + + echo ""; + tput setaf 3; echo "Process: setup Cloudflare Tunnel;"; tput setaf 7; + + # Verify API key + response=$(curl -s -X GET -w "%{http_code}" \ + -H "Authorization: Bearer $cf_apikey" \ + -H "Content-Type: application/json" \ + "https://api.cloudflare.com/client/v4/user/tokens/verify"); + + if [ "$response" -ne 200 ]; then + echo "Invalid API key."; + exit 1; + fi + + # Create tunnel + cftunnel_name="Misskey_$(date +%Y-%m-%d-%H-%M-%S)"; + create_tunnel_response=$(curl -s -X POST \ + -H "Authorization: Bearer $cf_apikey" \ + -H "Content-Type: application/json" \ + --data "{\"name\":\"$cftunnel_name\",\"config_src\":\"cloudflare\"}" \ + "https://api.cloudflare.com/client/v4/accounts/$cfaccount_id/cfd_tunnel"); + cftunnel_id=$(echo $create_tunnel_response | jq -r '.result.id'); + + # Create DNS record + create_dns_record_response=$(curl --request POST \ + --url https://api.cloudflare.com/client/v4/zones/$cfzone_id/dns_records \ + -H "Authorization: Bearer $cf_apikey" \ + -H "Content-Type: application/json" \ + --data "{\"type\":\"CNAME\",\"proxied\":true,\"name\":\"$host\",\"content\":\"$cftunnel_id.cfargotunnel.com\"}" + ); + + # Set hostnames to tunnel + update_tunnel_response=$(curl --request PUT \ + --url https://api.cloudflare.com/client/v4/accounts/$cfaccount_id/cfd_tunnel/$cftunnel_id/configurations \ + -H "Authorization: Bearer $cf_apikey" \ + -H "Content-Type: application/json" \ + --data "{\"config\":{\"ingress\":[{\"hostname\":\"$host\",\"service\":\"$service\"},{\"service\":\"http_status:404\"}]}}" + ); + + # Get token + get_token_response=$(curl -s -X GET \ + --url 
https://api.cloudflare.com/client/v4/accounts/$cfaccount_id/cfd_tunnel/$cftunnel_id/token \ + -H "Authorization: Bearer $cf_apikey" \ + -H "Content-Type: application/json" \ + ); + cftunnel_token=$(echo $get_token_response | jq -r '.result'); + + # Install cloudflared + if [ "arch" = "arm64" ]; then + wget https://github.com/cloudflare/cloudflared/releases/latest/download/cloudflared-linux-arm64.deb; + sudo dpkg -i cloudflared-linux-arm64.deb; + else + wget https://github.com/cloudflare/cloudflared/releases/latest/download/cloudflared-linux-amd64.deb; + sudo dpkg -i cloudflared-linux-amd64.deb; + fi + + # Setup tunnel service + sudo cloudflared service install $cftunnel_token; + } + #Install Nginx function prepare_nginx() { echo ""; @@ -918,7 +985,8 @@ function install() { tput setaf 3; echo "Process: prepare nodejs;"; tput setaf 7; #Add nodejs gpg key - curl -sL https://deb.nodesource.com/setup_20.x | sudo -E bash -; + curl -fsSL https://deb.nodesource.com/gpgkey/nodesource-repo.gpg.key | sudo gpg --dearmor -o /usr/share/keyrings/nodesource.gpg; + echo "deb [signed-by=/usr/share/keyrings/nodesource.gpg] https://deb.nodesource.com/node_$NODE_MAJOR.x nodistro main" | sudo tee /etc/apt/sources.list.d/nodesource.list; #Install nodejs apt -qq update -y; 
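Review bot: The API-key check in setup_cloudflaretunnel() never rejects a key: without `-o /dev/null`, `-w "%{http_code}"` appends the status to the response body, so `[ "$response" -ne 200 ]` fails on a non-integer operand and the `if` falls through to tunnel creation. The same function reads the key with a plain `read -p`, which echoes it to the terminal, compares the literal string `"arch"` with `arm64` so the amd64 package is always chosen, and uses `cftunnel_id` and `cftunnel_token` without checking that `jq` returned a value. The `.deb` is installed from the `latest` URL with no checksum or signature check, so I would pin a release and verify it before `dpkg -i`. A sketch of the first four changes follows; the hunk starts on the previous line.

```shell
read -r -s -p "Enter your Cloudflare API key: " cf_apikey; echo "";
# … unchanged: account ID, zone ID and service prompts (add -r to each read) …

# Verify API key: discard the body so only the status code is captured
response=$(curl -s -o /dev/null -w "%{http_code}" \
    -H "Authorization: Bearer $cf_apikey" \
    -H "Content-Type: application/json" \
    "https://api.cloudflare.com/client/v4/user/tokens/verify");
if [ "$response" != "200" ]; then
    echo "Invalid API key.";
    exit 1;
fi

# … unchanged: create tunnel request …
cftunnel_id=$(echo "$create_tunnel_response" | jq -r '.result.id');
if [ -z "$cftunnel_id" ] || [ "$cftunnel_id" = "null" ]; then
    echo "Error: failed to create Cloudflare Tunnel.";
    exit 1;
fi

# … unchanged: DNS record, tunnel configuration, token request …
cftunnel_token=$(echo "$get_token_response" | jq -r '.result');
if [ -z "$cftunnel_token" ] || [ "$cftunnel_token" = "null" ]; then
    echo "Error: failed to get tunnel token.";
    exit 1;
fi

# Install cloudflared: test the host's package architecture, not a literal
if [ "$(dpkg --print-architecture)" = "arm64" ]; then
# … unchanged: arm64 / amd64 download and dpkg -i branches …

# Setup tunnel service
sudo cloudflared service install "$cftunnel_token";
```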
@@ -1284,22 +1352,22 @@ function install() { echo ""; #Setup misskey - tput setaf 3; echo "Process: setup misskey;" tput setaf 7; + tput setaf 3; echo "Process: setup misskey"; tput setaf 7; sudo -iu "$misskey_user" <<-EOF; set -eu; - cd ~ + cd ~; cd "$misskey_directory"; - tput setaf 3; echo "Process: install npm packages;" tput setaf 7; + tput setaf 3; echo "Process: install npm packages"; tput setaf 7; NODE_ENV=production pnpm install --frozen-lockfile; - tput setaf 3; echo "Process: build misskey;" tput setaf 7; + tput setaf 3; echo "Process: build misskey"; tput setaf 7; NODE_OPTIONS=--max_old_space_size=3072 NODE_ENV=production pnpm run build; - tput setaf 3; echo "Process: initialize database;" tput setaf 7; + tput setaf 3; echo "Process: initialize database"; tput setaf 7; NODE_OPTIONS=--max_old_space_size=3072 pnpm run init; - tput setaf 3; echo "Check: If Misskey starts correctly;" tput setaf 7; + tput setaf 3; echo "Check: If Misskey starts correctly"; tput setaf 7; if NODE_ENV=production timeout 40 npm start 2> /dev/null | grep -q "Now listening on port"; then echo " OK."; else @@ -1358,7 +1426,7 @@ function install() { echo "Jump to https://$host/ and continue setting up your instance."; tput setaf 7; echo "This script version is v$version."; - echo "Please check https://github.com/srgr0/bash-install to address bugs and updates."; + echo "Please check https://github.com/joinmisskey/bash-install to address bugs and updates."; } #Setup Misskey for docker(docker_hub and docker_build) 
@@ -1398,20 +1466,16 @@ function install() { tput setaf 2; tput bold; echo "ALL MISSKEY INSTALLATION PROCESSES ARE COMPLETE!"; - echo "Now all we need to do is run docker run." + echo "The setup process is currently running, takes a few minutes (depending on machine specs)."; + echo ""; + echo "You can check the setup progress with the following command:"; + echo "sudo -iu $misskey_user XDG_RUNTIME_DIR=/run/user/$m_uid DOCKER_HOST=unix:///run/user/$m_uid/docker.sock docker logs -f $docker_container"; + echo ""; + echo "After the setup is complete, jump to https://$host/ and continue setting up your instance."; + echo ""; tput setaf 7; - echo "Watch the screen." - echo "When it shows \"Now listening on port $misskey_port on https://$host\"," - echo "press Ctrl+C to exit logs and jump to https://$host/ and continue setting up your instance."; - echo "" echo "This script version is v$version."; - echo "Please check https://github.com/srgr0/bash-install to address bugs and updates."; - echo "" - read -r -p "Press Enter key to execute docker run> "; - echo "" - - #Show docker container logs - sudo -iu "$misskey_user" XDG_RUNTIME_DIR=/run/user/$m_uid DOCKER_HOST=unix:///run/user/$m_uid/docker.sock docker logs -f $docker_container; + echo "Please check https://github.com/joinmisskey/bash-install to address bugs and updates."; } install_packages; From 372900e01468783e735cd6bd0cdc8371021d83c4 Mon Sep 17 00:00:00 2001 From: Srgr0 <66754887+Srgr0@users.noreply.github.com> Date: Sun, 24 Dec 2023 10:51:14 +0900 Subject: [PATCH 27/61] Update deploytest.yml --- .github/workflows/deploytest.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/deploytest.yml b/.github/workflows/deploytest.yml index 8d7fcc8..a0f2e31 100644 --- a/.github/workflows/deploytest.yml +++ b/.github/workflows/deploytest.yml 
@@ -16,4 +16,4 @@ jobs: - name: Run install script run: | sudo chmod 555 ./a.sh - sudo bash -x ./a.sh -c ./testdev.txt + sudo bash -x ./a.sh -c ./testenv_systemd.txt From 211c3b5ee194efc11b2d57e4d56ab413ce27dc14 Mon Sep 17 00:00:00 2001 From: Srgr0 <66754887+Srgr0@users.noreply.github.com> Date: Sun, 24 Dec 2023 10:57:29 +0900 Subject: [PATCH 28/61] Update deploytest.yml --- .github/workflows/deploytest.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/deploytest.yml b/.github/workflows/deploytest.yml index a0f2e31..f622770 100644 --- a/.github/workflows/deploytest.yml +++ b/.github/workflows/deploytest.yml @@ -1,7 +1,7 @@ name: deploy test on: - workflow_dispatch: + push: jobs: run-script: From 9d1f0d9090cca77ad0e88a359c9833aa52dbc1a6 Mon Sep 17 00:00:00 2001 From: Srgr0 <66754887+Srgr0@users.noreply.github.com> Date: Sun, 24 Dec 2023 11:00:38 +0900 Subject: [PATCH 29/61] Update a.sh --- a.sh | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/a.sh b/a.sh index f683637..3a3e3aa 100755 --- a/a.sh +++ b/a.sh @@ -1423,7 +1423,7 @@ function install() { tput setaf 2; tput bold; echo "ALL MISSKEY INSTALLATION PROCESSES ARE COMPLETE!"; - echo "Jump to https://$host/ and continue setting up your instance."; + echo "Jump to http://$host/ and continue setting up your instance."; tput setaf 7; echo "This script version is v$version."; echo "Please check https://github.com/joinmisskey/bash-install to address bugs and updates."; 
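Review bot: The bare `push:` trigger in the `@@ -1,7 +1,7 @@` hunk of deploytest.yml runs the full `sudo bash -x ./a.sh` install on every push to every branch and removes the manual trigger. I would keep `workflow_dispatch:` and scope the push trigger, e.g. `push:` with `paths: ['a.sh', 'testenv_*.txt', '.github/workflows/deploytest.yml']`. Because the script runs under `bash -x`, every value read from the test config is written to the job log, so the file header should carry a comment saying the test config must only ever hold throwaway credentials.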
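Review bot: The final message in the `@@ -1423,7 +1423,7 @@` hunk (and again in `@@ -1471,7 +1471,7 @@`) now sends the operator to `http://$host/` unconditionally, so the first visit, presumably where the initial admin account is created, goes over cleartext even on installs where certbot obtained a certificate. The scheme should follow the chosen options rather than be hard-coded: assuming `certbot` is loaded as a true/false variable like `nginx_local`, set `if $certbot; then scheme=https; else scheme=http; fi` and print `echo "Jump to $scheme://$host/ and continue setting up your instance.";`. The enclosing function starts outside both hunks.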
@@ -1471,7 +1471,7 @@ function install() { echo "You can check the setup progress with the following command:"; echo "sudo -iu $misskey_user XDG_RUNTIME_DIR=/run/user/$m_uid DOCKER_HOST=unix:///run/user/$m_uid/docker.sock docker logs -f $docker_container"; echo ""; - echo "After the setup is complete, jump to https://$host/ and continue setting up your instance."; + echo "After the setup is complete, jump to http://$host/ and continue setting up your instance."; echo ""; tput setaf 7; echo "This script version is v$version."; @@ -1531,4 +1531,4 @@ function main() { install; } -main "$@"; \ No newline at end of file +main "$@"; From 06181045eef4e8f8c5c6a2bd6289fd72cf48cb10 Mon Sep 17 00:00:00 2001 From: Srgr0 <66754887+Srgr0@users.noreply.github.com> Date: Sun, 24 Dec 2023 11:16:36 +0900 Subject: [PATCH 30/61] Update deploytest.yml --- .github/workflows/deploytest.yml | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/.github/workflows/deploytest.yml b/.github/workflows/deploytest.yml index f622770..62619ff 100644 --- a/.github/workflows/deploytest.yml +++ b/.github/workflows/deploytest.yml @@ -13,6 +13,10 @@ jobs: - name: Set environment variable (for tput command) run: echo "TERM=xterm" >> $GITHUB_ENV + - uses: actions/setup-node@v4 + with: + node-version: 20.10 + - name: Run install script run: | sudo chmod 555 ./a.sh From d8d31a5fb005d5279040c98d480dabd5281fb392 Mon Sep 17 00:00:00 2001 From: Srgr0 <66754887+Srgr0@users.noreply.github.com> Date: Sun, 24 Dec 2023 11:20:27 +0900 Subject: [PATCH 31/61] Update deploytest.yml --- .github/workflows/deploytest.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/deploytest.yml b/.github/workflows/deploytest.yml index 62619ff..fe7dd35 100644 --- a/.github/workflows/deploytest.yml +++ b/.github/workflows/deploytest.yml @@ -15,7 +15,7 @@ jobs: - uses: actions/setup-node@v4 with: - node-version: 20.10 + node-version: 20.10.0 - name: Run install script run: | 
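Review bot: `actions/setup-node@v4` in the `@@ -13,6 +13,10 @@` hunk is referenced by a mutable tag, and the next step runs the installer with `sudo`, so whatever that tag points to at run time executes in a job with root on the runner. Pin the action to a full commit SHA and keep the tag as a comment: `- uses: actions/setup-node@<full-commit-sha> # v4`. The hunk does not show a `permissions:` block; if the workflow has none, `permissions: contents: read` at the top would limit the token this job receives.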
From f099119d093a21881b0576a8db6f45092c8deeaa Mon Sep 17 00:00:00 2001 From: Srgr0 <66754887+Srgr0@users.noreply.github.com> Date: Mon, 8 Jan 2024 02:04:29 +0900 Subject: [PATCH 32/61] update --- .github/workflows/deploytest.yml | 2 +- a.sh | 32 ++++++++++++++++++---- testenv_docker.txt | 3 ++- testenv_githubactions.txt | 46 ++++++++++++++++++++++++++++++++ testenv_systemd.txt | 3 ++- 5 files changed, 78 insertions(+), 8 deletions(-) create mode 100644 testenv_githubactions.txt diff --git a/.github/workflows/deploytest.yml b/.github/workflows/deploytest.yml index fe7dd35..37e6eb4 100644 --- a/.github/workflows/deploytest.yml +++ b/.github/workflows/deploytest.yml @@ -20,4 +20,4 @@ jobs: - name: Run install script run: | sudo chmod 555 ./a.sh - sudo bash -x ./a.sh -c ./testenv_systemd.txt + sudo bash -x ./a.sh -c ./testenv_githubactions.txt diff --git a/a.sh b/a.sh index 3a3e3aa..b1290b5 100755 --- a/a.sh +++ b/a.sh @@ -247,6 +247,16 @@ function load_options() { exit 1; fi fi + + #Install setting + if [ "$skip_confirm" != true ] && [ "$skip_confirm" != false ]; then + tput setaf 1; echo "Error: skip_confirm is invalid."; tput setaf 7; + exit 1; + fi + if [ "$github_actions" != true ] && [ "$github_actions" != false ]; then + tput setaf 1; echo "Error: github_actions is invalid."; tput setaf 7; + exit 1; + fi } #Save options @@ -300,8 +310,9 @@ function save_options() { swap=$swap swap_size=$swap_size - #Skip confirm - #skip_confirm=false + #Install setting + skip_confirm=false + github_actions=false EOF #Disallow undefined variables again set -u; @@ -626,6 +637,11 @@ function options() { swap=false; fi #---end-reg--- + + #---reg: Install setting--- + skip_confirm=false + github_actions=false + #---end-reg--- } #Confirm options 
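Review bot: The new checks in the `load_options` hunk (`@@ -247,6 +247,16 @@`) reject a config file that simply lacks `skip_confirm` or `github_actions`. The `save_options` hunk in this same commit shows that earlier versions wrote `#skip_confirm=false` commented out, so a config saved by them now stops with "Error: skip_confirm is invalid." (or with an unbound-variable abort if `set -u` is active at that point, which the hunk does not show). Default the two values before validating them: `skip_confirm=${skip_confirm:-false}; github_actions=${github_actions:-false};`. The body of `load_options` starts outside the hunk.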
@@ -694,10 +710,15 @@ function confirm_options() { fi #---end-reg--- + #---reg: Install setting--- + echo "skip_confirm: $skip_confirm" + echo "github_actions: $github_actions" + #---end-reg--- + echo ""; - #Confirm options if skip_confirm is not true or not set - if [ -z ${skip_confirm+x} ] || [ $skip_confirm != true ]; then + #Confirm options if skip_confirm is not true + if [ $skip_confirm != true ]; then echo "Is this correct? [Y/n]"; read -r -p "> " yn; case "$yn" in @@ -1484,7 +1505,8 @@ function install() { if [ $method != "docker_hub" ]; then git_clone; fi create_config; if $nginx_local; then open_ports; prepare_nginx; fi - if [ $method == "systemd" ]; then prepare_nodejs; else prepare_docker; fi + if [ $method == "systemd" && $github_actions != true ]; then prepare_nodejs; fi + if [ $method != "systemd" ]; then prepare_docker; fi if $redis_local; then prepare_redis; fi if $db_local; then prepare_postgresql; fi create_db; diff --git a/testenv_docker.txt b/testenv_docker.txt index d0aa6e2..2083f99 100644 --- a/testenv_docker.txt +++ b/testenv_docker.txt @@ -41,5 +41,6 @@ redis_pass=misskey swap=true swap_size=2048 -#Skip confirm +#Install setting skip_confirm=true +github_actions=false diff --git a/testenv_githubactions.txt b/testenv_githubactions.txt new file mode 100644 index 0000000..ce3db39 --- /dev/null +++ b/testenv_githubactions.txt 
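Review bot: In the `@@ -1484,7 +1505,8 @@` hunk, `[ $method == "systemd" && $github_actions != true ]` is not a valid test. The shell ends the `[` command at `&&`, so `[` fails for lack of a closing `]` and `prepare_nodejs` is never called, whatever the method. The two conditions need separate brackets and quoted expansions: `if [ "$method" == "systemd" ] && [ "$github_actions" != true ]; then prepare_nodejs; fi`. The later `@@ -1505,7 +1507,7 @@` hunk on this page removes the second condition instead of repairing it.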
@@ -0,0 +1,46 @@ +#Install method +method=systemd + +#Misskey setting +docker_repository=misskey/misskey:latest +docker_host_ip=auto +git_repository=https://github.com/misskey-dev/misskey +git_branch=master +misskey_directory=/home/misskey/misskey +misskey_localhost=localhost +misskey_user=misskey +host=127.0.0.1 +misskey_port=3000 + +#Nginx setting +nginx_local=true +ufw=false +iptables=false +certbot=false +certbot_dns_cloudflare=false +certbot_http=false +certbot_mailaddress=false +certbot_cloudflare_mail=false +certbot_cloudflare_key=false + +#Database (PostgreSQL) setting +db_local=true +db_host=localhost +db_port=5432 +db_user=misskey +db_pass=misskey +db_name=misskey + +#Redis setting +redis_local=true +redis_host=localhost +redis_port=6379 +redis_pass=misskey + +#Swap setting +swap=true +swap_size=2048 + +#Install setting +skip_confirm=true +github_actions=true diff --git a/testenv_systemd.txt b/testenv_systemd.txt index c8f75af..bee6009 100644 --- a/testenv_systemd.txt +++ b/testenv_systemd.txt @@ -41,5 +41,6 @@ redis_pass=misskey swap=true swap_size=2048 -#Skip confirm +#Install setting skip_confirm=true +github_actions=false From 30f81bdd5f434ea25b21332f1e68a542c8cbc155 Mon Sep 17 00:00:00 2001 From: Srgr0 <66754887+Srgr0@users.noreply.github.com> Date: Mon, 8 Jan 2024 11:06:35 +0900 Subject: [PATCH 33/61] Update a.sh --- a.sh | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/a.sh b/a.sh index b1290b5..f300fd7 100755 --- a/a.sh +++ b/a.sh @@ -1011,7 +1011,7 @@ function install() { #Install nodejs apt -qq update -y; - apt -qq install -y nodejs libjemalloc-dev; + apt -qq install -y $($github_actions != true && echo "nodejs") libjemalloc-dev; #Check version tput setaf 3; @@ -1026,6 +1026,8 @@ function install() { tput setaf 3; echo "Corepack version:"; corepack -v; + echo "pnpm version:"; + pnpm -v; tput setaf 7; } 
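Review bot: `$($github_actions != true && echo "nodejs")` in the `@@ -1011,7 +1011,7 @@` hunk does not compare anything: it runs `true` or `false` as a command with `!= true` as ignored arguments. The result is therefore inverted, so a normal install with `github_actions=false` leaves `nodejs` out of the `apt install` line, while the CI run includes it. A real test is needed, `$([ "$github_actions" != true ] && echo "nodejs")`, or better an array of package names built with an `if`. Later hunks on this page change the expression again and then restore the unconditional install.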
@@ -1505,7 +1507,7 @@ function install() { if [ $method != "docker_hub" ]; then git_clone; fi create_config; if $nginx_local; then open_ports; prepare_nginx; fi - if [ $method == "systemd" && $github_actions != true ]; then prepare_nodejs; fi + if [ $method == "systemd" ]; then prepare_nodejs; fi if [ $method != "systemd" ]; then prepare_docker; fi if $redis_local; then prepare_redis; fi if $db_local; then prepare_postgresql; fi From 6060e6600c10b91428935036454e304d74792a31 Mon Sep 17 00:00:00 2001 From: Srgr0 <66754887+Srgr0@users.noreply.github.com> Date: Mon, 8 Jan 2024 11:24:54 +0900 Subject: [PATCH 34/61] Update a.sh --- a.sh | 1 + 1 file changed, 1 insertion(+) diff --git a/a.sh b/a.sh index f300fd7..7c57b0b 100755 --- a/a.sh +++ b/a.sh @@ -1017,6 +1017,7 @@ function install() { tput setaf 3; echo "Nodejs version:"; node -v; + which node; tput setaf 7; #Enable corepack From e8b1e208e78f5c3c5c0e8b259f9c0f0a89845a64 Mon Sep 17 00:00:00 2001 From: Srgr0 <66754887+Srgr0@users.noreply.github.com> Date: Mon, 8 Jan 2024 11:38:38 +0900 Subject: [PATCH 35/61] Update a.sh --- a.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/a.sh b/a.sh index 7c57b0b..08c0525 100755 --- a/a.sh +++ b/a.sh @@ -1011,7 +1011,7 @@ function install() { #Install nodejs apt -qq update -y; - apt -qq install -y $($github_actions != true && echo "nodejs") libjemalloc-dev; + apt -qq install -y $($github_actions || echo "nodejs") libjemalloc-dev; #Check version tput setaf 3; From a473505276b2b2d6f3ab7c891b7755cd065df8c6 Mon Sep 17 00:00:00 2001 From: Srgr0 <66754887+Srgr0@users.noreply.github.com> Date: Mon, 8 Jan 2024 11:43:18 +0900 Subject: [PATCH 36/61] Update a.sh --- a.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/a.sh b/a.sh index 08c0525..7b8cbbf 100755 --- a/a.sh +++ b/a.sh 
@@ -1011,7 +1011,7 @@ function install() { #Install nodejs apt -qq update -y; - apt -qq install -y $($github_actions || echo "nodejs") libjemalloc-dev; + apt -qq install -y nodejs libjemalloc-dev; #Check version tput setaf 3; From 73069f33d30c938c2d3805830e167bfc4f803313 Mon Sep 17 00:00:00 2001 From: Srgr0 <66754887+Srgr0@users.noreply.github.com> Date: Mon, 8 Jan 2024 11:46:49 +0900 Subject: [PATCH 37/61] Update a.sh --- a.sh | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/a.sh b/a.sh index 7b8cbbf..46f6c20 100755 --- a/a.sh +++ b/a.sh @@ -1005,6 +1005,12 @@ function install() { echo ""; tput setaf 3; echo "Process: prepare nodejs;"; tput setaf 7; + #In GitHub Actions, remove nodejs 18 + if $github_actions; then + apt -qq remove -y nodejs; + rm -rf /usr/local/bin/npm /usr/local/bin/node /usr/local/lib/node_modules; + fi + #Add nodejs gpg key curl -fsSL https://deb.nodesource.com/gpgkey/nodesource-repo.gpg.key | sudo gpg --dearmor -o /usr/share/keyrings/nodesource.gpg; echo "deb [signed-by=/usr/share/keyrings/nodesource.gpg] https://deb.nodesource.com/node_$NODE_MAJOR.x nodistro main" | sudo tee /etc/apt/sources.list.d/nodesource.list; From be7a648e69af31d4f81c3f414630ebce1937fa79 Mon Sep 17 00:00:00 2001 From: Srgr0 <66754887+Srgr0@users.noreply.github.com> Date: Tue, 9 Jan 2024 16:30:47 +0900 Subject: [PATCH 38/61] Delete ubuntu.sh --- ubuntu.sh | 992 ------------------------------------------------------ 1 file changed, 992 deletions(-) delete mode 100644 ubuntu.sh diff --git a/ubuntu.sh b/ubuntu.sh deleted file mode 100644 index 27e35a8..0000000 --- a/ubuntu.sh +++ /dev/null 
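Review bot: The added `if $github_actions` branch in the `@@ -1005,6 +1005,12 @@` hunk runs `apt remove` and `rm -rf` on `/usr/local/bin/node`, `/usr/local/bin/npm` and `/usr/local/lib/node_modules` gated only by a config value, and prints nothing about what it deletes. A config copied from `testenv_githubactions.txt` to a real host would silently remove a locally installed Node toolchain. I would announce the deletion before it happens, e.g. `tput setaf 1; echo "github_actions=true: removing preinstalled nodejs under /usr/local"; tput setaf 7;`, and add a comment next to the option in the saved config stating that it is for CI runners only. The enclosing function starts and ends outside the hunk.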
@@ -1,992 +0,0 @@ -#!/bin/bash -# Copyright 2023 aqz/tamaina, joinmisskey -# -# Permission is hereby granted, free of charge, to any person -# obtaining a copy of this software and associated documentation files (the "Software"), -# to deal in the Software without restriction, including without limitation the rights -# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, -# and to permit persons to whom the Software is furnished to do so, -# subject to the following conditions: -# -# The above copyright notice and this permission notice -# shall be included in all copies or substantial portions of the Software. -# -# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, -# INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, -# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. -# IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, -# DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, -# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. -# -version="3.2.0"; - -tput setaf 4; -echo ""; -echo "Misskey auto setup for Ubuntu"; -echo " v$version"; -echo ""; - -#region initial check -tput setaf 2; -echo "Check: Linux;" -if [ "$(command -v uname)" ]; then - if [ "$(uname -s)" == "Linux" ]; then - tput setaf 7; - echo " OK."; - if ! [ -f "/etc/lsb-release" ]; then - echo " Warning: This script has been tested on Ubuntu and may not work on other distributions."; - fi - else - tput setaf 1; - echo " NG."; - exit 1; - fi -else - tput setaf 1; - echo " NG."; - exit 1; -fi - -tput setaf 2; -echo "Check: root user;"; -if [ "$(whoami)" != 'root' ]; then - tput setaf 1; - echo " NG. This script must be run as root."; - exit 1; -else - tput setaf 7; - echo " OK. 
I am root user."; -fi - -tput setaf 2; -echo "Check: arch;"; -case $(uname -m) in - x86_64) - tput setaf 7; - echo " x86_64 (amd64)"; - arch=amd64; - ;; - aarch64) - tput setaf 7; - echo " aarch64 (arm64)"; - arch=arm64; - ;; - *) - tput setaf 1; - echo " NG. $(uname -m) is unsupported architecture."; - exit 1; - ;; -esac -#endregion - -#region user input -#region method -tput setaf 3; -echo ""; -echo "Install Method"; -tput setaf 7; -echo "Do you use systemd to run Misskey?:"; -echo "Y = To use systemd / n = To use docker" -read -r -p "[Y/n] > " yn -case "$yn" in - [Nn]|[Nn][Oo]) - echo "Use Docker."; - method=docker; - - echo "Determine the local IP of this computer as docker host."; - echo "The IPs that are supposed to be available are as follows (the result of hostname -I)"; - echo " $(hostname -I)" - read -r -p "> " -e -i "$(hostname -I | cut -f1 -d' ')" docker_host_ip; - - echo "The host name of docker host to bind with 'docker run --add-host='."; - read -r -p "> " -e -i "docker_host" misskey_localhost; - ;; - *) - echo "Use Systemd."; - method=systemd; - misskey_localhost=localhost - ;; -esac -#endregion - -if [ $method == "docker" ]; then - if [ $arch == "amd64" ]; then - echo "Do you use image from Docker Hub?:"; - echo "Y = To use Docker Hub image / N = To build Docker image in this machine" - read -r -p "[Y/n] > " yn - case "$yn" in - [Nn]|[Nn][Oo]) - echo "Build docker image (local/misskey:latest)."; - method=docker; - docker_repository="local/misskey:latest" - ;; - *) - echo "Use Docker Hub image."; - method=docker_hub; - echo "Enter repository:tag of Docker Hub image:" - read -r -p "> " -e -i "misskey/misskey:latest" docker_repository; - ;; - esac - else - echo "We should build docker manually because this is arm64 machine."; - method=docker; - docker_repository="local/misskey:latest" - fi - -fi - -tput setaf 3; -echo "Misskey setting"; -tput setaf 7; -misskey_directory=misskey - -if [ $method != "docker_hub" ]; then - echo "Repository url where you 
want to install:" - read -r -p "> " -e -i "https://github.com/misskey-dev/misskey.git" repository; - echo "The name of a new directory to clone:" - read -r -p "> " -e -i "misskey" misskey_directory; - echo "Branch or Tag" - read -r -p "> " -e -i "master" branch; -fi - -tput setaf 3; -echo ""; -echo "Enter the name of user with which you want to execute Misskey:"; -tput setaf 7; -read -r -p "> " -e -i "misskey" misskey_user; - -tput setaf 3; -echo ""; -echo "Enter host where you want to install Misskey:"; -tput setaf 7; -read -r -p "> " -e -i "example.com" host; -tput setaf 7; -hostarr=(${host//./ }); -echo "OK, let's install $host!"; - -#region nginx -tput setaf 3; -echo ""; -echo "Nginx setting"; -tput setaf 7; -echo "Do you want to setup nginx?:"; -read -r -p "[Y/n] > " yn -case "$yn" in - [Nn]|[Nn][Oo]) - echo "Nginx and Let's encrypt certificate will not be installed."; - echo "You should open ports manually."; - nginx_local=false; - cloudflare=false; - certbot=false; - - echo "Misskey port: "; - read -r -p "> " -e -i "3000" misskey_port; - ;; - *) - echo "Nginx will be installed on this computer."; - echo "Port 80 and 443 will be opened by modifying iptables."; - nginx_local=true; - - tput setaf 3; - echo ""; - tput setaf 7; - echo "Do you want it to open ports, to setup ufw or iptables?:"; - echo "u = To setup ufw / i = To setup iptables / N = Not to open ports"; - - read -r -p "[u/i/N] > " yn2 - case "$yn2" in - [Uu]) - echo "OK, it will use ufw."; - ufw=true - iptables=false - echo "SSH port: "; - read -r -p "> " -e -i "22" ssh_port; - ;; - [Ii]) - echo "OK, it will use iptables."; - ufw=false - iptables=true - echo "SSH port: "; - read -r -p "> " -e -i "22" ssh_port; - ;; - *) - echo "OK, you should open ports manually."; - ufw=false - iptables=false - ;; - esac - - #region certbot - tput setaf 3; - echo ""; - echo "Certbot setting"; - tput setaf 7; - echo "Do you want it to setup certbot to connect with https?:"; - - read -r -p "[Y/n] > " yn2 - case 
"$yn2" in - [Nn]|[Nn][Oo]) - certbot=false - echo "OK, you don't setup certbot."; - ;; - *) - certbot=true - echo "OK, you want to setup certbot."; - #endregion - ;; - esac - - #region cloudflare - tput setaf 3; - echo ""; - echo "Cloudflare setting"; - tput setaf 7; - echo "Do you use Cloudflare?:"; - - read -r -p "[Y/n] > " yn2 - case "$yn2" in - [Nn]|[Nn][Oo]) - echo "OK, you don't use Cloudflare."; - echo "Let's encrypt certificate will be installed using the method without Cloudflare."; - echo ""; - echo "Make sure that your DNS is configured to this machine."; - cloudflare=false - - if $certbot; then - echo ""; - echo "Enter Email address to register Let's Encrypt certificate"; - read -r -p "> " cf_mail; - fi - ;; - *) - cloudflare=true - echo "OK, you want to use Cloudflare. Let's set up Cloudflare."; - echo ""; - echo "Make sure that Cloudflare DNS is configured and is in proxy mode."; - echo ""; - echo "Enter Email address you registered to Cloudflare:"; - read -r -p "> " cf_mail; - echo "Open https://dash.cloudflare.com/profile/api-tokens to get Global API Key and enter here it."; - echo "Cloudflare API Key: "; - read -r -p "> " cf_key; - - mkdir -p /etc/cloudflare; - cat > /etc/cloudflare/cloudflare.ini <<-_EOF - dns_cloudflare_email = $cf_mail - dns_cloudflare_api_key = $cf_key - _EOF - - chmod 600 /etc/cloudflare/cloudflare.ini; - #endregion - ;; - esac - - echo "Tell me which port Misskey will watch: "; - echo "Misskey port: "; - read -r -p "> " -e -i "3000" misskey_port; - ;; -esac -#endregion - -#region postgres -tput setaf 3; -echo ""; -echo "Database (PostgreSQL) setting"; -tput setaf 7; -echo "Do you want to install postgres locally?:"; -echo "(If you have run this script before in this computer, choose n and enter values you have set.)" -read -r -p "[Y/n] > " yn -case "$yn" in - [Nn]|[Nn][Oo]) - echo "You should prepare postgres manually until database is created."; - db_local=false; - - echo "Database host: "; - read -r -p "> " -e -i 
"$misskey_localhost" db_host; - echo "Database port:"; - read -r -p "> " -e -i "5432" db_port; - ;; - *) - echo "PostgreSQL will be installed on this computer at $misskey_localhost:5432."; - db_local=true; - - db_host=$misskey_localhost; - db_port=5432; - ;; -esac - -echo "Database user name: "; -read -r -p "> " -e -i "misskey" db_user; -echo "Database user password: "; -read -r -p "> " db_pass; -echo "Database name:"; -read -r -p "> " -e -i "mk1" db_name; -#endregion - -#region redis -tput setaf 3; -echo ""; -echo "Redis setting"; -tput setaf 7; -echo "Do you want to install redis locally?:"; -echo "(If you have run this script before in this computer, choose n and enter values you have set.)" -read -r -p "[Y/n] > " yn -case "$yn" in - [Nn]|[Nn][Oo]) - echo "You should prepare Redis manually."; - redis_local=false; - - echo "Redis host:"; - read -r -p "> " -e -i "$misskey_localhost" redis_host; - echo "Redis port:"; - read -r -p "> " -e -i "6379" redis_port; - ;; - *) - echo "Redis will be installed on this computer at $misskey_localhost:6379."; - redis_local=true; - - redis_host=$misskey_localhost; - redis_port=6379; - ;; -esac - -echo "Redis password:"; -read -r -p "> " redis_pass; -#endregion - -tput setaf 7; -echo ""; -echo "OK. It will automatically install what you need. This will take some time."; -echo ""; -#endregion - -set -eu; - -tput setaf 2; -echo "Check: Memory;" -mem_all=$(free -t --si -g | tail -n 1); -mem_allarr=(${mem_all//\\t/ }); -if [ "${mem_allarr[1]}" -ge 3 ]; then - tput setaf 7; - echo " OK. This computer has ${mem_allarr[1]}GB RAM."; -else - tput setaf 1; - echo " NG. 
This computer doesn't have enough RAM (>= 2GB, Current ${mem_allarr[1]}GB)."; - tput setaf 7; - mem_swap=$(free | tail -n 1); - mem_swaparr=(${mem_swap//\\t/ }); - if [ "${mem_swaparr[1]}" -eq 0 ]; then - if [ "${mem_allarr[1]}" -ge 2 ]; then - echo " Swap will be made (1M x 1024)."; - dd if=/dev/zero of=/swap bs=1M count=1024; - else - echo " Swap will be made (1M x 2048)."; - dd if=/dev/zero of=/swap bs=1M count=2048; - fi - mkswap /swap; - swapon /swap; - echo "/swap none swap sw 0" >> /etc/fstab; - free -t; - else - echo " Add more swaps!"; - exit 1; - fi -fi - -tput setaf 3; -echo "Process: add misskey user ($misskey_user);"; -tput setaf 7; -if cut -d: -f1 /etc/passwd | grep -q -x "$misskey_user"; then - echo "$misskey_user exists already. No user will be created."; -else - useradd -m -U -s /bin/bash "$misskey_user"; -fi -echo "misskey_user=\"$misskey_user\"" > /root/.misskey.env -echo "version=\"$version\"" >> /root/.misskey.env -m_uid=$(id -u "$misskey_user") - -tput setaf 3; -echo "Process: apt install #1;"; -tput setaf 7; -apt -qq update -y; -apt -qq install -y curl nano jq gnupg2 apt-transport-https ca-certificates lsb-release software-properties-common uidmap$($nginx_local && echo " certbot")$($nginx_local && ($ufw && echo " ufw" || $iptables && echo " iptables-persistent"))$($cloudflare && echo " python3-certbot-dns-cloudflare")$([ $method != "docker_hub" ] && echo " git")$([ $method == "systemd" ] && echo " ffmpeg build-essential"); - -if [ $method != "docker_hub" ]; then -#region work with misskey user -su "$misskey_user" << MKEOF -set -eu; -cd ~; -tput setaf 3; -echo "Process: git clone;"; -tput setaf 7; -if [ -e "./$misskey_directory" ]; then - if [ -f "./$misskey_directory" ]; then - rm "./$misskey_directory"; - else - rm -rf "./$misskey_directory"; - fi -fi -git clone -b "$branch" --depth 1 --recursive "$repository" "$misskey_directory"; -MKEOF -#endregion -else -#region work with misskey user -su "$misskey_user" << MKEOF -set -eu; -cd ~; -if [ -e 
"./$misskey_directory" ]; then - if [ -f "./$misskey_directory" ]; then - rm "./$misskey_directory"; - fi -else - mkdir "./$misskey_directory" -fi -if [ -e "./$misskey_directory/.config" ]; then - if [ -f "./$misskey_directory/.config" ]; then - rm "./$misskey_directory/.config"; - fi -else - mkdir "./$misskey_directory/.config" -fi -MKEOF -#endregion -fi - -tput setaf 3; -echo "Process: write default.yml;"; -tput setaf 7; -#region work with misskey user -su "$misskey_user" << MKEOF -set -eu; -cd ~; - -tput setaf 3; -echo "Process: create default.yml;" -tput setaf 7; - -cat > "$misskey_directory/.config/default.yml" << _EOF -url: https://$host -port: $misskey_port - -# PostgreSQL -db: - host: '$db_host' - port: $db_port - db : '$db_name' - user: '$db_user' - pass: '$db_pass' - -# Redis -redis: - host: '$redis_host' - port: $redis_port - pass: '$redis_pass' - -# ID type -id: 'aid' - -# Proxy remote files (default: true) -# Proxy remote files by this instance or mediaProxy to prevent remote files from running in remote domains. 
-proxyRemoteFiles: true - -# Sign to ActivityPub GET request (default: true) -signToActivityPubGet: true - -proxyBypassHosts: - - api.deepl.com - - api-free.deepl.com - - www.recaptcha.net - - hcaptcha.com - - challenges.cloudflare.com - - summaly.arkjp.net -_EOF -MKEOF -#endregion - -if $nginx_local; then - if $ufw; then - tput setaf 3; - echo "Process: port open by ufw;" - tput setaf 7; - - ufw limit $ssh_port/tcp; - ufw default deny; - ufw allow 80; - ufw allow 443; - ufw --force enable; - ufw status; - elif $iptables; then - tput setaf 3; - echo "Process: port open by iptables;" - tput setaf 7; - - grep -q -x -e "-A INPUT -p tcp -m tcp --dport 80 -j ACCEPT" /etc/iptables/rules.v4 || iptables -I INPUT -p tcp --dport 80 -j ACCEPT; - grep -q -x -e "-A INPUT -p tcp -m tcp --dport 443 -j ACCEPT" /etc/iptables/rules.v4 || iptables -I INPUT -p tcp --dport 443 -j ACCEPT; - grep -q -x -e "-A INPUT -p tcp -m tcp --dport 80 -j ACCEPT" /etc/iptables/rules.v6 || ip6tables -I INPUT -p tcp --dport 80 -j ACCEPT; - grep -q -x -e "-A INPUT -p tcp -m tcp --dport 443 -j ACCEPT" /etc/iptables/rules.v6 || ip6tables -I INPUT -p tcp --dport 443 -j ACCEPT; - - netfilter-persistent save; - netfilter-persistent reload; - fi - - tput setaf 3; - echo "Process: prepare nginx;" - tput setaf 7; - curl https://nginx.org/keys/nginx_signing.key | gpg --dearmor | sudo tee /usr/share/keyrings/nginx-archive-keyring.gpg > /dev/null; - tput setaf 2; - echo "Check: nginx gpg key;"; - tput setaf 7; - if gpg --dry-run --quiet --no-keyring --import --import-options import-show /usr/share/keyrings/nginx-archive-keyring.gpg | grep -q 573BFD6B3D8FBC641079A6ABABF5BD827BD9BF62; then - echo " OK."; - else - tput setaf 1; - echo " NG."; - exit 1; - fi - echo "deb [signed-by=/usr/share/keyrings/nginx-archive-keyring.gpg] http://nginx.org/packages/ubuntu $(lsb_release -cs) nginx" | sudo tee /etc/apt/sources.list.d/nginx.list; - echo -e "Package: *\nPin: origin nginx.org\nPin: release o=nginx\nPin-Priority: 900\n" 
| sudo tee /etc/apt/preferences.d/99nginx; -fi - -if [ $method == "systemd" ]; then - tput setaf 3; - echo "Process: prepare node.js;" - tput setaf 7; - curl -sL https://deb.nodesource.com/setup_20.x | sudo -E bash -; -else - tput setaf 3; - echo "Process: prepare docker;" - tput setaf 7; - if ! [ -e /usr/share/keyrings/docker-archive-keyring.gpg ]; then - curl -sL https://download.docker.com/linux/ubuntu/gpg | sudo gpg --dearmor -o /usr/share/keyrings/docker-archive-keyring.gpg - fi - echo "deb [arch=$arch signed-by=/usr/share/keyrings/docker-archive-keyring.gpg] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null -fi - -if $redis_local; then - tput setaf 3; - echo "Process: prepare redis;" - tput setaf 7; - curl -fsSL https://packages.redis.io/gpg | sudo gpg --dearmor -o /usr/share/keyrings/redis-archive-keyring.gpg; - echo "deb [signed-by=/usr/share/keyrings/redis-archive-keyring.gpg] https://packages.redis.io/deb $(lsb_release -cs) main" | sudo tee /etc/apt/sources.list.d/redis.list; -fi - -tput setaf 3; -echo "Process: apt install #2;" -tput setaf 7; -apt -qq update -y; -apt -qq install -y$([ $method == "systemd" ] && echo " nodejs libjemalloc-dev" || echo " docker-ce docker-ce-cli containerd.io")$($redis_local && echo " redis")$($nginx_local && echo " nginx"); - -if [ $method == "systemd" ]; then - tput setaf 3; - echo "Process: corepack enable;" - tput setaf 7; - corepack enable; -fi - -echo "Display: Versions;" -if [ $method == "systemd" ]; then - echo "node"; - node -v; - echo "corepack"; - corepack -v; -else - echo "docker"; - docker --version; -fi -if $redis_local; then - echo "redis"; - redis-server --version; -fi -if $nginx_local; then - echo "nginx"; - nginx -v; -fi - -if $redis_local; then - tput setaf 3; - echo "Process: daemon activate: redis;" - tput setaf 7; - systemctl start redis-server; - systemctl enable redis-server; -fi -#region nginx_setup -if $nginx_local; then 
-tput setaf 3; -echo "Process: create nginx config;" -tput setaf 7; - -cat > "/etc/nginx/conf.d/$host.conf" << NGEOF -# nginx configuration for Misskey -# Created by joinmisskey/bash-install v$version - -# For WebSocket -map \$http_upgrade \$connection_upgrade { - default upgrade; - '' close; -} - -proxy_cache_path /tmp/nginx_cache levels=1:2 keys_zone=cache1:16m max_size=1g inactive=720m use_temp_path=off; - -server { - listen 80; - listen [::]:80; - server_name $host; - - # For SSL domain validation - root /var/www/html; - location /.well-known/acme-challenge/ { allow all; } - location /.well-known/pki-validation/ { allow all; } - -NGEOF - -#region certbot_setup -if $certbot; then -tput setaf 3; -echo "Process: add nginx config (certbot-1);" -tput setaf 7; -cat >> "/etc/nginx/conf.d/$host.conf" << NGEOF - # with https - location / { return 301 https://\$server_name\$request_uri; } -} -NGEOF - -tput setaf 3; -echo "Process: prepare certificate;" -tput setaf 7; -nginx -t; -systemctl restart nginx; -if $cloudflare; then - certbot certonly -t -n --agree-tos --dns-cloudflare --dns-cloudflare-credentials /etc/cloudflare/cloudflare.ini --dns-cloudflare-propagation-seconds 60 --server https://acme-v02.api.letsencrypt.org/directory $([ ${#hostarr[*]} -eq 2 ] && echo " -d $host -d *.$host" || echo " -d $host") -m "$cf_mail"; -else - mkdir -p /var/www/html; - certbot certonly -t -n --agree-tos --webroot --webroot-path /var/www/html $([ ${#hostarr[*]} -eq 2 ] && echo " -d $host" || echo " -d $host") -m "$cf_mail"; -fi - -tput setaf 3; -echo "Process: add nginx config (certbot-2);" -tput setaf 7; -cat >> "/etc/nginx/conf.d/$host.conf" << NGEOF -server { - listen 443 ssl http2; - listen [::]:443 ssl http2; - server_name $host; - - ssl_session_timeout 1d; - ssl_session_cache shared:ssl_session_cache:10m; - ssl_session_tickets off; - - # To use Let's Encrypt certificate - ssl_certificate /etc/letsencrypt/live/$host/fullchain.pem; - ssl_certificate_key 
/etc/letsencrypt/live/$host/privkey.pem; - - # SSL protocol settings - ssl_protocols TLSv1.2 TLSv1.3; - ssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384; - ssl_prefer_server_ciphers off; - ssl_stapling on; - ssl_stapling_verify on; -NGEOF -fi -#endregion - -tput setaf 3; -echo "Process: add nginx config;" -tput setaf 7; -cat >> "/etc/nginx/conf.d/$host.conf" << NGEOF - # Change to your upload limit - client_max_body_size 80m; - - # Proxy to Node - location / { - proxy_pass http://127.0.0.1:$misskey_port; - proxy_set_header Host \$host; - proxy_http_version 1.1; - proxy_redirect off; - -$($cloudflare || echo " # If it's behind another reverse proxy or CDN, remove the following.") -$($cloudflare || echo " proxy_set_header X-Real-IP \$remote_addr;") -$($cloudflare || echo " proxy_set_header X-Forwarded-For \$proxy_add_x_forwarded_for;") -$($cloudflare || echo " proxy_set_header X-Forwarded-Proto https;") - - # For WebSocket - proxy_set_header Upgrade \$http_upgrade; - proxy_set_header Connection \$connection_upgrade; - - # Cache settings - proxy_cache cache1; - proxy_cache_lock on; - proxy_cache_use_stale updating; - proxy_force_ranges on; - add_header X-Cache \$upstream_cache_status; - } -} -NGEOF - -nginx -t; - -tput setaf 3; -echo "Process: daemon activate: nginx;" -tput setaf 7; - -systemctl restart nginx; -systemctl enable nginx; - -tput setaf 2; -echo "Check: localhost returns nginx;"; -tput setaf 7; -if curl http://localhost | grep -q nginx; then - echo " OK."; -else - tput setaf 1; - echo " NG."; - exit 1; -fi - -fi -#endregion - -if $db_local; then - tput setaf 3; - echo "Process: install postgres;" - tput setaf 7; - apt -qq install -y postgresql-common; - sh /usr/share/postgresql-common/pgdg/apt.postgresql.org.sh -i -v 15; - - tput setaf 3; - echo "Process: create user and 
database on postgres;" - tput setaf 7; - sudo -iu postgres psql -c "CREATE ROLE $db_user LOGIN PASSWORD '$db_pass';" -c "CREATE DATABASE $db_name OWNER $db_user;" -fi - -#region docker setting -if [ $method != "systemd" ]; then - #region enable rootless docker - tput setaf 3; - echo "Process: use rootless docker;" - tput setaf 7; - - systemctl disable --now docker.service docker.socket - loginctl enable-linger "$misskey_user" - sleep 5 - su "$misskey_user" <<-MKEOF - set -eu; - cd ~; - export XDG_RUNTIME_DIR=/run/user/$m_uid; - export DOCKER_HOST=unix:///run/user/$m_uid/docker.sock; - systemctl --user --no-pager - - dockerd-rootless-setuptool.sh install - - tput setaf 2; - echo "Check: docker setup;"; - tput setaf 7; - docker ps; - MKEOF - #endregion - - #region modify postgres confs - if $db_local; then - tput setaf 3; - echo "Process: modify postgres confs;" - tput setaf 7; - pg_hba=$(sudo -iu postgres psql -t -P format=unaligned -c 'show hba_file') - pg_conf=$(sudo -iu postgres psql -t -P format=unaligned -c 'show config_file') - [[ $(ip addr | grep "$docker_host_ip") =~ /([0-9]+) ]] && subnet=${BASH_REMATCH[1]}; - - hba_text="host $db_name $db_user $docker_host_ip/$subnet md5" - if ! grep "$hba_text" "$pg_hba"; then - echo "$hba_text" >> "$pg_hba"; - fi - - pgconf_search="#listen_addresses = 'localhost'" - pgconf_text="listen_addresses = '$docker_host_ip'" - if grep "$pgconf_search" "$pg_conf"; then - sed -i'.mkmoded' -e "s/$pgconf_search/$pgconf_text/g" "$pg_conf"; - elif grep "$pgconf_text" "$pg_conf"; then - echo " skip" - else - echo "Please edit postgresql.conf to set [listen_addresses = '$docker_host_ip'] by your hand." 
- read -r -p "Enter the editor command and press Enter key > " -e -i "nano" editorcmd - $editorcmd "$pg_conf"; - fi - - systemctl restart postgresql; - fi - #endregion -fi -#endregion - -#region modify redis conf -if $redis_local; then - tput setaf 3; - echo "Process: modify redis confs;" - tput setaf 7; - if [ -f /etc/redis/redis.conf ]; then - echo "requirepass $redis_pass" > /etc/redis/misskey.conf - [ $method != "systemd" ] && echo "bind $docker_host_ip" >> /etc/redis/misskey.conf - - if ! grep "include /etc/redis/misskey.conf" /etc/redis/redis.conf; then - echo "include /etc/redis/misskey.conf" >> /etc/redis/redis.conf; - else - echo " skip" - fi - else - echo "Couldn't find /etc/redis/redis.conf." - echo "Please modify redis config in another shell like following." - echo "" - echo "requirepass $redis_pass" - [ $method != "systemd" ] && echo "bind $docker_host_ip" - echo "" - read -r -p "Press Enter key to continue> " - fi - systemctl restart redis-server; -fi -#endregion - -if [ $method == "systemd" ]; then -#region systemd -#region work with misskey user -su "$misskey_user" << MKEOF; -set -eu; -cd ~ -cd "$misskey_directory"; - -tput setaf 3; -echo "Process: install npm packages;" -tput setaf 7; -NODE_ENV=production pnpm install --frozen-lockfile; - -tput setaf 3; -echo "Process: build misskey;" -tput setaf 7; -NODE_OPTIONS=--max_old_space_size=3072 NODE_ENV=production pnpm run build; - -tput setaf 3; -echo "Process: initialize database;" -tput setaf 7; -NODE_OPTIONS=--max_old_space_size=3072 pnpm run init; - -tput setaf 3; -echo "Check: If Misskey starts correctly;" -tput setaf 7; -if NODE_ENV=production timeout 40 npm start 2> /dev/null | grep -q "Now listening on port"; then - echo " OK."; -else - tput setaf 1; - echo " NG."; -fi -MKEOF -#endregion - -tput setaf 3; -echo "Process: create misskey daemon;" -tput setaf 7; -cat > "/etc/systemd/system/$host.service" << _EOF -[Unit] -Description=Misskey daemon - -[Service] -Type=simple -User=$misskey_user 
-ExecStart=$(command -v npm) start -WorkingDirectory=/home/$misskey_user/$misskey_directory -Environment="NODE_ENV=production" -Environment="LD_PRELOAD=/usr/lib/$(uname -m)-linux-gnu/libjemalloc.so.2" -TimeoutSec=60 -StandardOutput=journal -StandardError=journal -SyslogIdentifier="$host" -Restart=always - -[Install] -WantedBy=multi-user.target -_EOF - -systemctl daemon-reload; -systemctl enable "$host"; -systemctl start "$host"; -systemctl status "$host" --no-pager; - -#endregion -elif [ $method == "docker" ]; then -#region docker build -tput setaf 3; -echo "Process: build docker image;" -tput setaf 7; - -sudo -iu "$misskey_user" XDG_RUNTIME_DIR=/run/user/$m_uid DOCKER_HOST=unix:///run/user/$m_uid/docker.sock docker build -t $docker_repository "/home/$misskey_user/$misskey_directory"; -#endregion -fi - -echo ""; - -if [ $method != "systemd" ]; then -tput setaf 2; -tput bold; -echo "ALL MISSKEY INSTALLATION PROCESSES ARE COMPLETE!"; -echo "Now all we need to do is run docker run." -tput setaf 7; -echo "Watch the screen." 
-echo "When it shows \"Now listening on port $misskey_port on https://$host\"," -echo "press Ctrl+C to exit logs and jump to https://$host/ and continue setting up your instance."; -echo "" -echo "This script version is v$version."; -echo "Please follow @joinmisskey@misskey.io to address bugs and updates."; -echo "" -read -r -p "Press Enter key to execute docker run> "; -echo "" -tput setaf 3; -echo "Process: docker run;" -tput setaf 7; -docker_container=$(sudo -iu "$misskey_user" XDG_RUNTIME_DIR=/run/user/$m_uid DOCKER_HOST=unix:///run/user/$m_uid/docker.sock docker run -d -p $misskey_port:$misskey_port --add-host=$misskey_localhost:$docker_host_ip -v "/home/$misskey_user/$misskey_directory/files":/misskey/files -v "/home/$misskey_user/$misskey_directory/.config/default.yml":/misskey/.config/default.yml:ro --restart unless-stopped -t "$docker_repository"); -echo "$docker_container"; -su "$misskey_user" << MKEOF -set -eu; -cd ~; - -tput setaf 3; -echo "Process: create .misskey-docker.env;" -tput setaf 7; - -cat > ".misskey-docker.env" << _EOF -method="$method" -host="$host" -misskey_port=$misskey_port -misskey_directory="$misskey_directory" -misskey_localhost="$misskey_localhost" -docker_host_ip=$docker_host_ip -docker_repository="$docker_repository" -docker_container="$docker_container" -version="$version" -_EOF -MKEOF - -sudo -iu "$misskey_user" XDG_RUNTIME_DIR=/run/user/$m_uid DOCKER_HOST=unix:///run/user/$m_uid/docker.sock docker logs -f $docker_container; - -else - -su "$misskey_user" << MKEOF -set -eu; -cd ~; - -tput setaf 3; -echo "Process: create .misskey.env;" -tput setaf 7; - -cat > ".misskey.env" << _EOF -host="$host" -misskey_port=$misskey_port -misskey_directory="$misskey_directory" -misskey_localhost="$misskey_localhost" -version="$version" -_EOF -MKEOF - -tput setaf 2; -tput bold; -echo "ALL MISSKEY INSTALLATION PROCESSES ARE COMPLETE!"; -echo "Jump to https://$host/ and continue setting up your instance."; -tput setaf 7; -echo "This script version 
is v$version."; -echo "Please follow @joinmisskey@misskey.io to address bugs and updates."; -fi From c6c5a8c68869c3f41186ca8db09a4e20d18bb8ae Mon Sep 17 00:00:00 2001 From: Srgr0 <66754887+Srgr0@users.noreply.github.com> Date: Tue, 9 Jan 2024 16:31:53 +0900 Subject: [PATCH 39/61] Update script_structure.md --- script_structure.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/script_structure.md b/script_structure.md index 596b414..846b341 100644 --- a/script_structure.md +++ b/script_structure.md @@ -3,7 +3,7 @@ script structure 1. スクリプト概要の表示 2. env判定(root,linux,arch,ram) 3. オプション選択 - 0. compose.yamlが指定されていればそれを読み込む #値が不正な場合、エラーを出す(値を直すか、compose.yamlを削除するように言う) + 0. compose.yamlが指定されていればそれを読み込む #値が不正な場合、エラーを出す(値を直すか、compose.yamlを削除するように指示) 1. method選択(dockerhub,docker_build,systemd) 2. source入力 - docker_hub @@ -97,4 +97,4 @@ script structure 2. dockerコンテナの立ち上げ 3. .misskey-docker.envの作成 4. dockerのログ表示 -fin \ No newline at end of file +fin From 5d4eb0a7fc3bcbfcc29a5826699240c129851ee8 Mon Sep 17 00:00:00 2001 From: Srgr0 <66754887+Srgr0@users.noreply.github.com> Date: Tue, 9 Jan 2024 16:32:20 +0900 Subject: [PATCH 40/61] Delete script_structure.md --- script_structure.md | 100 -------------------------------------------- 1 file changed, 100 deletions(-) delete mode 100644 script_structure.md diff --git a/script_structure.md b/script_structure.md deleted file mode 100644 index 846b341..0000000 --- a/script_structure.md +++ /dev/null 
@@ -1,100 +0,0 @@ -script structure - -1. スクリプト概要の表示 -2. env判定(root,linux,arch,ram) -3. オプション選択 - 0. compose.yamlが指定されていればそれを読み込む #値が不正な場合、エラーを出す(値を直すか、compose.yamlを削除するように指示) - 1. method選択(dockerhub,docker_build,systemd) - 2. source入力 - - docker_hub - 1. dockerhubリポジトリ入力 - - docker_build - 1. gitリポジトリ入力 - - systemd - 1. gitリポジトリ入力 - 3. 実行ユーザー名入力 - 4. ホスト名入力 - 5. misskeyのポート入力 - 6. nginx入れるか確認 - - 入れない - 0. nginx, cloudflare, certbotをfalseにする - - 入れる - 1. ポート開けるか(ufw/iptables/no)、開ける場合はsshポートも聞く - 2. certbot入れるか - - 入れない - - 入れる - 1. 認証方法の選択(dns-cloudflare,http) - - dns-cloudflare - 1. cloudflareのメールアドレスとapikeyの入力 #ここで入力したメールアドレスが証明書取得にも使用されることに注意 - 2. cloudflare.iniに書き込む - - http - 1. メールアドレス入力 #証明書取得に使用 - 7. postgresql入れるか確認 - - 入れない #すでに構築済みの場合(構築していない場合は予め構築するように言う) - 1. hostとportを入力 - - 入れる - 1. hostはmisskeyと同じ、portは5432 - 8. postgresqlのユーザー名とパスワード、db名を入力 - 9. redis入れるか確認 - i. 入れない #すでに構築済みの場合(構築していない場合は予め構築するように言う) - 1. hostとportを入力 - ii. 入れる - 1. hostはmisskeyと同じ、portは6379 - 10. redisのパスワードを入力 - 11. swap確認 - - 十分なメモリがある場合 - - 十分なメモリがない場合 - 1. swapを作成するか確認 - - 作成する - - 作成しない - 1. メモリ不足でインストールが失敗する可能性がある旨を表示 - 12. 設定内容の確認 #compose.yamlがあるか引数でオプション指定されていた場合、確認を出すかどうか確認する必要がある #installed = trueの場合、失敗する&データが失われる可能性がある旨の警告を出す - 13. 設定内容の保存 #compose.yamlに保存する(上書き) -4. インストール - 1. /root/.misskey_installedを作成 - 2. ユーザー作成 - 3. apt update && apt install(methodによって入れるパッケージが一部異なる) - 4. すでにmisskeyディレクトリがある場合は削除、systemdかdocker_buildの場合はgit clone - 5. misskey用のconfig.yamlを作成 - 6. nginx入れる場合、ポートを開けて、gpgとリポジトリを追加 - 7. apt用のリポジトリ追加 - - systemdの場合 - 1. nodejsのインストール準備のスクリプトを動かす - - docker_hub,docker_buildの場合 - 1. dockerのgpgとリポジトリを追加 - 8. redis入れる場合、gpgとリポジトリを追加 - 9. apt update && apt install(nginx, nodejs, docker, postgresql, いずれもif) - 10. postgresql入れる場合、セットアップスクリプト動かす - 10. systemdの場合、corepackを有効化する - 11. インストール確認(バージョン表示) - - systemdの場合 - 1. node, corepack - 2. redis, nginx, postgresql (if) - - docker_hub,docker_buildの場合 - 1. docker - 2. redis, nginx, postgresql (if) - 11. 
postgresql入れる場合、DBとユーザーを作成 - 12. redis入れる場合 - 1. redis-serverのservice有効化 - 2. redis.confを設定 - 13. nginx入れる場合 - 1. configファイルを作成 #certbotでcloudflare認証使わない場合に、web認証のために:80でアクセス受け付けないといけないため - 2. certbot入れる場合、証明書取得してnginx.confファイルを設定 - 3. misskeyをnginx.confに設定 - 4. nginx.confの構文チェック - 5. nginxのserviceを有効化 - 14. docker_hub, docker_buildの場合 - 1. misskeyユーザーで実行するように設定 - 2. postgresql使う場合、pg_hba.confとpostgresql.confを設定 - 15. misskeyのセットアップ - - systemdの場合 - 1. セットアップ - 2. service作成 - 3. .misskey.envの作成 - 4. fin - - docker_hub, docker_buildの場合 - 1. docker_buildの場合、ビルド - 2. dockerコンテナの立ち上げ - 3. .misskey-docker.envの作成 - 4. dockerのログ表示 -fin From 6bb0820f68afb568cb0c2aadd29664a32bcd3dad Mon Sep 17 00:00:00 2001 From: Srgr0 <66754887+Srgr0@users.noreply.github.com> Date: Tue, 9 Jan 2024 16:34:26 +0900 Subject: [PATCH 41/61] Update deploytest.yml --- .github/workflows/deploytest.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/deploytest.yml b/.github/workflows/deploytest.yml index 37e6eb4..cff73a5 100644 --- a/.github/workflows/deploytest.yml +++ b/.github/workflows/deploytest.yml @@ -8,7 +8,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout repository - uses: actions/checkout@v2 + uses: actions/checkout@v4 - name: Set environment variable (for tput command) run: echo "TERM=xterm" >> $GITHUB_ENV From 789fdc3b141e459529831e679b9ef95053803fdb Mon Sep 17 00:00:00 2001 From: Srgr0 <66754887+Srgr0@users.noreply.github.com> Date: Tue, 9 Jan 2024 16:35:45 +0900 Subject: [PATCH 42/61] Update deploytest.yml --- .github/workflows/deploytest.yml | 4 ---- 1 file changed, 4 deletions(-) diff --git a/.github/workflows/deploytest.yml b/.github/workflows/deploytest.yml index cff73a5..c93628a 100644 --- a/.github/workflows/deploytest.yml +++ b/.github/workflows/deploytest.yml 
@@ -13,10 +13,6 @@ jobs: - name: Set environment variable (for tput command) run: echo "TERM=xterm" >> $GITHUB_ENV - - uses: actions/setup-node@v4 - with: - node-version: 20.10.0 - - name: Run install script run: | sudo chmod 555 ./a.sh From 0a0fbdd395fe5a0f488c1ad5815f007bed402437 Mon Sep 17 00:00:00 2001 From: Srgr0 <66754887+Srgr0@users.noreply.github.com> Date: Tue, 9 Jan 2024 16:53:46 +0900 Subject: [PATCH 43/61] Update a.sh --- a.sh | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/a.sh b/a.sh index 46f6c20..27dd71b 100755 --- a/a.sh +++ b/a.sh @@ -1023,7 +1023,7 @@ function install() { tput setaf 3; echo "Nodejs version:"; node -v; - which node; + which node; tput setaf 7; #Enable corepack @@ -1508,6 +1508,7 @@ function install() { echo "Please check https://github.com/joinmisskey/bash-install to address bugs and updates."; } + #### Please do not change the order of the installation process. #### install_packages; add_user; delete_misskey_directory; From 2a6bee11387ae5d6eecd85e05ada0118333172d2 Mon Sep 17 00:00:00 2001 From: Srgr0 <66754887+Srgr0@users.noreply.github.com> Date: Tue, 9 Jan 2024 17:11:10 +0900 Subject: [PATCH 44/61] update --- testenv_docker.txt | 2 +- testenv_githubactions.txt | 2 +- testenv_systemd.txt | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/testenv_docker.txt b/testenv_docker.txt index 2083f99..a9e3a45 100644 --- a/testenv_docker.txt +++ b/testenv_docker.txt @@ -13,7 +13,7 @@ host=127.0.0.1 misskey_port=3000 #Nginx setting -nginx_local=true +nginx_local=false ufw=false iptables=false certbot=false diff --git a/testenv_githubactions.txt b/testenv_githubactions.txt index ce3db39..bc507b9 100644 --- a/testenv_githubactions.txt +++ b/testenv_githubactions.txt @@ -13,7 +13,7 @@ host=127.0.0.1 misskey_port=3000 #Nginx setting -nginx_local=true +nginx_local=false ufw=false iptables=false certbot=false diff --git a/testenv_systemd.txt b/testenv_systemd.txt index bee6009..c84ac01 100644 
--- a/testenv_systemd.txt +++ b/testenv_systemd.txt @@ -13,7 +13,7 @@ host=127.0.0.1 misskey_port=3000 #Nginx setting -nginx_local=true +nginx_local=false ufw=false iptables=false certbot=false From 4aad265b15bca7adb52f37044fc425e4b8e33740 Mon Sep 17 00:00:00 2001 From: Srgr0 <66754887+Srgr0@users.noreply.github.com> Date: Tue, 9 Jan 2024 18:58:54 +0900 Subject: [PATCH 45/61] update --- a.sh | 461 ++++++++++++++++++++++++-------------- testenv_docker.txt | 6 +- testenv_githubactions.txt | 6 +- testenv_systemd.txt | 6 +- 4 files changed, 313 insertions(+), 166 deletions(-) diff --git a/a.sh b/a.sh index 27dd71b..a7712bf 100755 --- a/a.sh +++ b/a.sh @@ -147,12 +147,30 @@ function load_options() { exit 1; fi - #Nginx setting + #Cloudflare Tunnel/Nginx setting + if [ "$cloudflaretunnel" != true ] && [ "$cloudflaretunnel" != false ]; then + tput setaf 1; echo "Error: cloudflaretunnel is invalid."; tput setaf 7; + exit 1; + fi + if $cloudflaretunnel; then + if [ -z "$cf_apikey" ]; then + tput setaf 1; echo "Error: cf_apikey is not set."; tput setaf 7; + exit 1; + fi + if [ -z "$cfaccount_id" ]; then + tput setaf 1; echo "Error: cfaccount_id is not set."; tput setaf 7; + exit 1; + fi + if [ -z "$cfzone_id" ]; then + tput setaf 1; echo "Error: cfzone_id is not set."; tput setaf 7; + exit 1; + fi + fi if [ "$nginx_local" != true ] && [ "$nginx_local" != false ]; then tput setaf 1; echo "Error: nginx_local is invalid."; tput setaf 7; exit 1; fi - if [ "$nginx_local" = true ]; then + if $nginx_local; then if [ "$ufw" != true ] && [ "$ufw" != false ]; then tput setaf 1; echo "Error: ufw is invalid."; tput setaf 7; exit 1; @@ -165,7 +183,7 @@ function load_options() { tput setaf 1; echo "Error: certbot is invalid."; tput setaf 7; exit 1; fi - if [ "$certbot" = true ]; then + if $certbot; then if [ "$certbot_dns_cloudflare" != true ] && [ "$certbot_dns_cloudflare" != false ]; then tput setaf 1; echo "Error: certbot_dns_cloudflare is invalid."; tput setaf 7; exit 1; 
@@ -174,7 +192,7 @@ function load_options() { tput setaf 1; echo "Error: certbot_http is invalid."; tput setaf 7; exit 1; fi - if [ "$certbot_dns_cloudflare" = true ]; then + if $certbot_dns_cloudflare; then if [ -z "$certbot_cloudflare_mail" ]; then tput setaf 1; echo "Error: certbot_cloudflare_mail is not set."; tput setaf 7; exit 1; @@ -241,7 +259,7 @@ function load_options() { tput setaf 1; echo "Error: swap is invalid."; tput setaf 7; exit 1; fi - if [ "$swap" = true ]; then + if $swap; then if [ -z "$swap_size" ]; then tput setaf 1; echo "Error: swap_size is not set."; tput setaf 7; exit 1; @@ -281,8 +299,8 @@ function save_options() { host=$host misskey_port=$misskey_port - #Nginx setting - nginx_local=$nginx_local + #Cloudflare Tunnel/Nginx setting + cloudflaretunnel=$cloudflaretunnel ufw=$ufw iptables=$iptables certbot=$certbot 
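Review bot: The settings file written by save_options no longer contains `nginx_local`, because `nginx_local=$nginx_local` was replaced by `cloudflaretunnel=$cloudflaretunnel` instead of being kept next to it. The load_options hunk of this same commit exits with "Error: nginx_local is invalid." unless that key is `true` or `false`, so a file saved here cannot be loaded back. Keep `nginx_local=$nginx_local` after the new line and add `cfaccount_id=$cfaccount_id` and `cfzone_id=$cfzone_id`, which load_options also requires when the tunnel is enabled. If `cf_apikey` is persisted as well, the file then holds a credential and should be created with mode 600, as the script already does for cloudflare.ini. The rest of save_options is outside the hunk, so this assumes the keys are not written elsewhere in it.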
@@ -327,29 +345,39 @@ function options() { tput setaf 3; echo "Install Method"; tput setaf 7; #Install method - echo "Which method do you want to use to install Misskey?"; - echo "D = Use Docker Hub / b = Build a Docker image / s = Use Systemd"; - read -r -p "[D/b/s] > " dbs; - case "$dbs" in - [bB]) - #Docker build - echo "Build a Docker image."; - method="docker_build"; - misskey_localhost="docker_host"; - ;; - [sS]) - #Systemd - echo "Use Systemd."; - method="systemd"; - misskey_localhost=localhost; - ;; - *) - #Docker Hub - echo "Use Docker Hub."; - method="docker_hub"; - misskey_localhost="docker_host"; - ;; - esac + while true; do + echo "Which method do you want to use to install Misskey?"; + echo "D = Use Docker Hub / b = Build a Docker image / s = Use Systemd"; + read -r -p "[D/b/s] > " dbs; + + case "$dbs" in + [bB]) + # Docker build + echo "Build a Docker image."; + method="docker_build"; + misskey_localhost="docker_host"; + break + ;; + [sS]) + # Systemd + echo "Use Systemd."; + method="systemd"; + misskey_localhost=localhost; + break + ;; + [dD]) + # Docker Hub + echo "Use Docker Hub."; + method="docker_hub"; + misskey_localhost="docker_host"; + break + ;; + *) + # Invalid input + echo "Invalid input, please choose 'D', 'b', or 's'."; + ;; + esac + done if [ $method = "docker_hub" ] || [ $method = "docker_build" ]; then echo "Determine the local IP of this computer as docker host."; @@ -393,7 +421,7 @@ function options() { #Hostname echo "Enter host where you want to install Misskey:"; - read -r -p "> " -e -i "example.com" host; + read -r -p "> " -e -i "misskey.example.com" host; hostarr=(${host//./ }); echo "OK, let's install $host!"; 
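Review bot: The new `while true` loop around the install-method prompt never ends when `read` hits end of input, because a failed `read` leaves `dbs` empty and the `*)` arm only prints "Invalid input" and loops again. This happens on any run where stdin is closed or a piped answer file runs out. Guard the read, for example `read -r -p "[D/b/s] > " dbs || exit 1;`. The prompt also still shows `[D/b/s]` with a capital default, but pressing Enter is now rejected; either accept the empty answer with `[dD]|"")` or drop the capital. The same pattern is repeated in the `[C/g/n]`, `[u/i/N]`, certbot, Cloudflare DNS, postgres, redis, swap and "Is this correct?" loops in the later hunks of this commit.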
@@ -406,106 +434,162 @@ function options() { echo ""; - #---reg: Nginx setting--- - tput setaf 3; echo "Nginx setting"; tput setaf 7; - - #Nginx(including certbot) - echo "Do you want to setup nginx?:"; - read -r -p "[Y/n] > " yn; - case "$yn" in - [nN]) - #Not to install nginx - echo "Nginx and Let's encrypt certificate will not be installed."; - echo "You should open ports manually."; - nginx_local=false; - certbot=false; - ;; - *) - #Install nginx - echo "Nginx will be installed on this computer."; - echo "Port 80 and 443 will be opened by modifying iptables."; - nginx_local=true; + #---reg: Cloudflare Tunnel/Nginx setting--- + tput setaf 3; echo "Cloudflare Tunnel/Nginx setting"; tput setaf 7; + + #Cloudflare Tunnel/Nginx + while true; do + echo "Do you want to setup Cloudflare Tunnel or Nginx?:"; + echo "C = Use Cloudflare Tunnel / g = Use Nginx / n = Don't use both"; + read -r -p "[C/g/n] > " cgn; + + case "$cgn" in + [cC]) + # Cloudflare Tunnel + echo "Cloudflare Tunnel will be installed."; + cloudflaretunnel=true; + nginx_local=false; + break + ;; + [gG]) + # Nginx + echo "Nginx will be installed."; + cloudflaretunnel=false; + nginx_local=true; + break + ;; + [nN]) + # Not to use both + echo "Don't use both."; + cloudflaretunnel=false; + nginx_local=false; + break + ;; + *) + # Invalid input + echo "Invalid input, please choose 'C', 'g', or 'n'."; + ;; + esac + done - echo ""; + echo ""; - #Method to open ports + #---sub-reg: Cloudflare Tunnel setting--- + if $cloudflaretunnel; then + echo "Some information is required to setup Cloudflare Tunnel."; + echo "Please check the details at https://github.com/joinmisskey/bash-install/blob/v4/README.md and prepare the required information."; + + echo "Enter your Cloudflare API key:"; + read -r -p "> " cf_apikey; + echo "Enter your Cloudflare Account ID:"; + read -r -p "> " -e cfaccount_id; + echo "Enter your Cloudflare Zone ID:"; + read -r -p "> " -e cfzone_id; + fi + #---end-sub-reg--- + + #---sub-reg: Nginx 
setting--- + if $nginx_local; then + #Method to open ports + while true; do echo "Do you want it to open ports, to setup ufw or iptables?:"; echo "u = To setup ufw / i = To setup iptables / N = Not to open ports"; read -r -p "[u/i/N] > " yn2; + case "$yn2" in [uU]) - #ufw + # ufw echo "OK, it will use ufw."; ufw=true; iptables=false; echo "SSH port: "; read -r -p "> " -e -i "22" ssh_port; + break ;; [iI]) - #iptables + # iptables echo "OK, it will use iptables."; ufw=false; iptables=true; echo "SSH port: "; read -r -p "> " -e -i "22" ssh_port; + break ;; - *) - #Not to open ports + [nN]) + # Not to open ports echo "OK, you should open ports manually."; ufw=false; iptables=false; + break + ;; + *) + # 無効な入力 + echo "Invalid input, please choose 'u', 'i', or 'N'."; ;; esac + done - echo ""; + echo ""; - #---sub-reg: Certbot setting--- - tput setaf 3; echo "Certbot setting"; tput setaf 7; + #---sub2-reg: Certbot setting--- + tput setaf 3; echo "Certbot setting"; tput setaf 7; - #Certbot + #Certbot + while true; do echo "Do you want it to setup certbot to connect with https?:"; read -r -p "[Y/n] > " yn2; + case "$yn2" in + [yY]) + # Use certbot + certbot=true; + echo "OK, you want to setup certbot."; + break + ;; [nN]) - #Not to use certbot + # Not to use certbot certbot=false; echo "OK, you don't setup certbot."; + break ;; *) - #Use certbot - certbot=true; - echo "OK, you want to setup certbot."; + # Invalid input + echo "Invalid input, please choose 'Y' or 'n'."; ;; esac + done - echo ""; + echo ""; - #Method to verify domain - if [ $certbot = true ]; then - echo "Do you use Cloudflare DNS?:"; + #Method to verify domain + if $certbot; then + while true; do + echo "Do you use Cloudflare DNS API?:"; read -r -p "[Y/n] > " yn3; + case "$yn3" in [nN]) - #Not to use Cloudflare DNS + # Not to use Cloudflare DNS certbot_dns_cloudflare=false; certbot_http=true; echo "OK, you don't use Cloudflare."; echo ""; - echo "The domain is authenticated by http challenge. 
"; + echo "The domain is authenticated by http challenge."; echo "Make sure that your DNS is configured to this machine."; echo ""; echo "Enter Email address to register Let's Encrypt certificate"; read -r -p "> " certbot_mailaddress; + break ;; - *) - #Use Cloudflare DNS + [yY]) + # Use Cloudflare DNS certbot_dns_cloudflare=true; certbot_http=false; echo "OK, you want to use Cloudflare DNS. Let's set up Cloudflare DNS."; echo ""; - echo "The domain is authenticated by DNS challenge. "; + echo "The domain is authenticated by DNS challenge."; echo "Make sure that Cloudflare DNS is configured and is in proxy mode."; echo ""; @@ -519,17 +603,24 @@ function options() { mkdir -p /etc/cloudflare; cat > /etc/cloudflare/cloudflare.ini <<-EOF - dns_cloudflare_email = $certbot_cloudflare_mail - dns_cloudflare_api_key = $certbot_cloudflare_key + dns_cloudflare_email = $certbot_cloudflare_mail + dns_cloudflare_api_key = $certbot_cloudflare_key EOF #↑tab indent chmod 600 /etc/cloudflare/cloudflare.ini; + break + ;; + *) + # Invalid input + echo "Invalid input, please choose 'Y' or 'n'."; ;; esac - fi - #---end-sub-reg--- - esac + done + fi + #---end-sub2-reg--- + fi + #---end-sub-reg--- #---end-reg--- echo ""; 
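Review bot: The `[cC]` and `[nN]` arms of the new Cloudflare Tunnel/Nginx prompt set only `cloudflaretunnel` and `nginx_local`, so `ufw`, `iptables` and `certbot` stay unset when nginx is not chosen; the removed `[nN]` arm at least set `certbot=false`. This commit also switches the flag tests to the form `if $certbot; then`, and an empty expansion there is an empty command that returns success, so an unset flag behaves as true wherever it is tested outside an `if $nginx_local` guard (the install steps are not visible in this hunk). Add `ufw=false; iptables=false; certbot=false;` to both arms so save_options also writes well-defined values. Separately, the Cloudflare API key is read with a plain `read -r -p "> " cf_apikey`, which echoes the credential to the terminal and any session recording; `read -r -s -p "> " cf_apikey` avoids that.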
@@ -538,29 +629,38 @@ function options() { tput setaf 3; echo "Database (PostgreSQL) setting"; tput setaf 7; #PostgreSQL - echo "Do you want to install postgres locally?:"; - echo "(If you have run this script before in this computer, choose n and enter values you have set.)"; - read -r -p "[Y/n] > " yn - case "$yn" in - [nN]) - #Not to install postgres locally - echo "You should prepare postgres manually until database is created."; - db_local=false; - - echo "Database host: "; - read -r -p "> " -e -i "$misskey_localhost" db_host; - echo "Database port:"; - read -r -p "> " -e -i "5432" db_port; - ;; - *) - #Install postgres locally - echo "PostgreSQL will be installed on this computer at $misskey_localhost:5432."; - db_local=true; + while true; do + echo "Do you want to install postgres locally?:"; + echo "(If you have run this script before in this computer, choose n and enter values you have set.)"; + read -r -p "[Y/n] > " yn - db_host=$misskey_localhost; - db_port=5432; - ;; - esac + case "$yn" in + [nN]) + # Not to install postgres locally + echo "You should prepare postgres manually until database is created."; + db_local=false; + + echo "Database host: "; + read -r -p "> " -e -i "$misskey_localhost" db_host; + echo "Database port:"; + read -r -p "> " -e -i "5432" db_port; + break + ;; + [yY]) + # Install postgres locally + echo "PostgreSQL will be installed on this computer at $misskey_localhost:5432."; + db_local=true; + + db_host=$misskey_localhost; + db_port=5432; + break + ;; + *) + # Invalid input + echo "Invalid input, please choose 'Y' or 'n'."; + ;; + esac + done #Database user name and password, database name echo "Database user name: "; @@ -568,7 +668,7 @@ function options() { echo "Database user password: "; read -r -p "> " db_pass; echo "Database name:"; - read -r -p "> " -e -i "mk1" db_name; + read -r -p "> " -e -i "misskey" db_name; #---end-reg--- echo ""; 
@@ -577,29 +677,38 @@ function options() { tput setaf 3; echo "Redis setting"; tput setaf 7; #Redis - echo "Do you want to install redis locally?:"; - echo "(If you have run this script before in this computer, choose n and enter values you have set.)" - read -r -p "[Y/n] > " yn - case "$yn" in - [nN]) - #Not to install redis locally - echo "You should prepare Redis manually."; - redis_local=false; - - echo "Redis host:"; - read -r -p "> " -e -i "$misskey_localhost" redis_host; - echo "Redis port:"; - read -r -p "> " -e -i "6379" redis_port; - ;; - *) - #Install redis locally - echo "Redis will be installed on this computer at $misskey_localhost:6379."; - redis_local=true; + while true; do + echo "Do you want to install redis locally?:"; + echo "(If you have run this script before in this computer, choose n and enter values you have set.)" + read -r -p "[Y/n] > " yn - redis_host=$misskey_localhost; - redis_port=6379; - ;; - esac + case "$yn" in + [nN]) + # Not to install redis locally + echo "You should prepare Redis manually."; + redis_local=false; + + echo "Redis host:"; + read -r -p "> " -e -i "$misskey_localhost" redis_host; + echo "Redis port:"; + read -r -p "> " -e -i "6379" redis_port; + break + ;; + [yY]) + # Install redis locally + echo "Redis will be installed on this computer at $misskey_localhost:6379."; + redis_local=true; + + redis_host=$misskey_localhost; + redis_port=6379; + break + ;; + *) + # 無効な入力 + echo "Invalid input, please choose 'Y' or 'n'."; + ;; + esac + done #Redis password echo "Redis password:"; 
@@ -615,23 +724,32 @@ function options() { if [ "${mem_allarr[1]}" -lt 3 ]; then tput setaf 3; echo "Swap setting"; tput setaf 7; - echo "This computer doesn't have enough RAM (>= 3GB, Current ${mem_allarr[1]}GB)."; - echo "Do you want to make swap?:"; - read -r -p "[Y/n] > " yn; - case "$yn" in - [nN]) - #Not to make swap - echo "OK, you don't make swap. But the system may not work properly."; - swap=false; - ;; - *) - #Make swap - echo "OK, you make swap."; - swap=true; - swap_size=(3 - "${mem_allarr[1]}")*1024; - echo "Swap size: ${swap_size}MB"; - ;; - esac + while true; do + echo "This computer doesn't have enough RAM (>= 3GB, Current ${mem_allarr[1]}GB)."; + echo "Do you want to make swap?:"; + read -r -p "[Y/n] > " yn; + + case "$yn" in + [yY]) + # Make swap + echo "OK, you make swap."; + swap=true; + swap_size=$((3 - "${mem_allarr[1]}"))*1024; + echo "Swap size: ${swap_size}MB"; + break + ;; + [nN]) + # Not to make swap + echo "OK, you don't make swap. But the system may not work properly."; + swap=false; + break + ;; + *) + # Invalid input + echo "Invalid input, please choose 'Y' or 'n'."; + ;; + esac + done else #Need not to make swap swap=false; @@ -668,13 +786,20 @@ function confirm_options() { echo "Misskey port: $misskey_port"; #---end-reg--- - #---reg: Nginx setting--- + #---reg: Cloudflare Tunnel/Nginx setting--- + echo "Cloudflare Tunnel: $cloudflaretunnel"; + if $cloudflaretunnel: then + echo "Cloudflare API key: **********"; + echo "Cloudflare Account ID: $cfaccount_id"; + echo "Cloudflare Zone ID: $cfzone_id"; + fi + echo "Nginx: $nginx_local"; - if [ $nginx_local = true ]; then + if $nginx_local; then echo "UFW: $ufw"; echo "iptables: $iptables"; echo "Certbot: $certbot"; - if [ $certbot = true ]; then + if $certbot; then echo "Certbot DNS_Cloudflare: $certbot_dns_cloudflare"; echo "Certbot HTTP: $certbot_http"; if [ $certbot_dns_cloudflare = true ]; then 
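Review bot: In the `[yY]` arm of the swap prompt, `swap_size=$((3 - "${mem_allarr[1]}"))*1024;` leaves `*1024` outside the arithmetic expansion, so the variable holds a literal string such as `2*1024` rather than 2048. The next line then prints "Swap size: 2*1024MB", and anything that later passes `swap_size` to a tool as a number of megabytes gets an invalid value (that consumer is outside this hunk). Put the whole expression inside the expansion: `swap_size=$(( (3 - mem_allarr[1]) * 1024 ));`. The load_options check only tests that `swap_size` is non-empty, so it would not catch this.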
@@ -705,7 +830,7 @@ function confirm_options() { #---reg: Swap setting--- echo "Swap: $swap"; - if [ $swap = true ]; then + if $swap; then echo "Swap size: ${swap_size}MB"; fi #---end-reg--- @@ -719,20 +844,28 @@ function confirm_options() { #Confirm options if skip_confirm is not true if [ $skip_confirm != true ]; then - echo "Is this correct? [Y/n]"; - read -r -p "> " yn; - case "$yn" in - [nN]) - #Not to install - echo "OK, you don't install Misskey."; - echo "if you want to change options and install Misskey, run this script again."; - exit 1; - ;; - *) - #Install - echo "OK, let's install Misskey!"; - ;; - esac + while true; do + echo "Is this correct? [Y/n]"; + read -r -p "> " yn; + + case "$yn" in + [yY]) + # Install + echo "OK, let's install Misskey!"; + break + ;; + [nN]) + # Not to install + echo "OK, you don't install Misskey."; + echo "if you want to change options and install Misskey, run this script again."; + exit 1 + ;; + *) + # 無効な入力 + echo "Invalid input, please choose 'Y' or 'n'."; + ;; + esac + done fi } @@ -904,14 +1037,13 @@ function install() { #Setup Cloudflare Tunnel function setup_cloudflaretunnel() { - read -p "Enter your Cloudflare API key: " cf_apikey; - read -p "Enter your Cloudflare Account ID: " cfaccount_id; - read -p "Enter your Cloudflare Zone ID: " cfzone_id; - read -p "Enter the service: " service; - echo ""; tput setaf 3; echo "Process: setup Cloudflare Tunnel;"; tput setaf 7; + # Set variables + service=http://127.0.0.1:$misskey_port; + + # Verify API key response=$(curl -s -X GET -w "%{http_code}" \ -H "Authorization: Bearer $cf_apikey" \ 
@@ -958,9 +1090,11 @@ function install() { # Install cloudflared if [ "arch" = "arm64" ]; then + echo "Architecture: arm64"; wget https://github.com/cloudflare/cloudflared/releases/latest/download/cloudflared-linux-arm64.deb; sudo dpkg -i cloudflared-linux-arm64.deb; else + echo "Architecture: amd64"; wget https://github.com/cloudflare/cloudflared/releases/latest/download/cloudflared-linux-amd64.deb; sudo dpkg -i cloudflared-linux-amd64.deb; fi @@ -1515,6 +1649,7 @@ function install() { if [ $method != "docker_hub" ]; then git_clone; fi create_config; if $nginx_local; then open_ports; prepare_nginx; fi + if $cloudflaretunnel; then setup_cloudflaretunnel; fi if [ $method == "systemd" ]; then prepare_nodejs; fi if [ $method != "systemd" ]; then prepare_docker; fi if $redis_local; then prepare_redis; fi diff --git a/testenv_docker.txt b/testenv_docker.txt index a9e3a45..2a1c4ac 100644 --- a/testenv_docker.txt +++ b/testenv_docker.txt @@ -12,7 +12,11 @@ misskey_user=misskey host=127.0.0.1 misskey_port=3000 -#Nginx setting +#Cloudflare Tunnel/Nginx setting +cloudflaretunnel=false +cf_apikey=hogehoge +cfaccount_id=hogehoge +cfzone_id=hogehoge nginx_local=false ufw=false iptables=false diff --git a/testenv_githubactions.txt b/testenv_githubactions.txt index bc507b9..39572e8 100644 --- a/testenv_githubactions.txt +++ b/testenv_githubactions.txt @@ -12,7 +12,11 @@ misskey_user=misskey host=127.0.0.1 misskey_port=3000 -#Nginx setting +#Cloudflare Tunnel/Nginx setting +cloudflaretunnel=false +cf_apikey=hogehoge +cfaccount_id=hogehoge +cfzone_id=hogehoge nginx_local=false ufw=false iptables=false diff --git a/testenv_systemd.txt b/testenv_systemd.txt index c84ac01..e245452 100644 --- a/testenv_systemd.txt +++ b/testenv_systemd.txt 
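Review bot: The condition `if [ "arch" = "arm64" ]` in setup_cloudflaretunnel compares the literal string `arch`, not a variable, so it is always false and the amd64 package is downloaded on every machine; the added `echo "Architecture: arm64"` can never run. It presumably should read `if [ "$arch" = "arm64" ]; then`, assuming the earlier environment check stores the architecture in `arch` (not visible here). The two `.deb` files are also fetched from `releases/latest` and passed to `sudo dpkg -i` without any integrity check, so the installer runs whatever that URL serves at the time. Pinning a release version and comparing the download against a recorded SHA-256 before installing would make this step reproducible and verifiable. The function starts and ends outside this hunk.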
@@ -12,7 +12,11 @@ misskey_user=misskey host=127.0.0.1 misskey_port=3000 -#Nginx setting +#Cloudflare Tunnel/Nginx setting +cloudflaretunnel=false +cf_apikey=hogehoge +cfaccount_id=hogehoge +cfzone_id=hogehoge nginx_local=false ufw=false iptables=false From e9a86e34098aca421970fd7aef705fe5c0327706 Mon Sep 17 00:00:00 2001 From: Srgr0 <66754887+Srgr0@users.noreply.github.com> Date: Tue, 9 Jan 2024 19:00:02 +0900 Subject: [PATCH 46/61] typo --- a.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/a.sh b/a.sh index a7712bf..522b326 100755 --- a/a.sh +++ b/a.sh @@ -788,7 +788,7 @@ function confirm_options() { #---reg: Cloudflare Tunnel/Nginx setting--- echo "Cloudflare Tunnel: $cloudflaretunnel"; - if $cloudflaretunnel: then + if $cloudflaretunnel; then echo "Cloudflare API key: **********"; echo "Cloudflare Account ID: $cfaccount_id"; echo "Cloudflare Zone ID: $cfzone_id"; From f7ecb943c44d19527cfbb81ec5d5daf94516912e Mon Sep 17 00:00:00 2001 From: Srgr0 <66754887+Srgr0@users.noreply.github.com> Date: Tue, 9 Jan 2024 19:06:48 +0900 Subject: [PATCH 47/61] rename --- testenv_docker.txt => testenv_dockerhub.txt | 0 1 file changed, 0 insertions(+), 0 deletions(-) rename testenv_docker.txt => testenv_dockerhub.txt (100%) diff --git a/testenv_docker.txt b/testenv_dockerhub.txt similarity index 100% rename from testenv_docker.txt rename to testenv_dockerhub.txt From 158157ceb877dd595e1339b0596ffd688c19167d Mon Sep 17 00:00:00 2001 From: Srgr0 <66754887+Srgr0@users.noreply.github.com> Date: Tue, 9 Jan 2024 19:21:17 +0900 Subject: [PATCH 48/61] update --- a.sh | 2 +- testenv_dockerhub.txt | 4 ++-- testenv_githubactions.txt | 9 +++++---- testenv_systemd.txt | 4 ++-- 4 files changed, 10 insertions(+), 9 deletions(-) diff --git a/a.sh b/a.sh index 522b326..c9984e2 100755 --- a/a.sh +++ b/a.sh 
@@ -1646,7 +1646,7 @@ function install() { install_packages; add_user; delete_misskey_directory; - if [ $method != "docker_hub" ]; then git_clone; fi + if [ $method != "docker_hub" ] && [ $github_actions != true ]; then git_clone; fi create_config; if $nginx_local; then open_ports; prepare_nginx; fi if $cloudflaretunnel; then setup_cloudflaretunnel; fi diff --git a/testenv_dockerhub.txt b/testenv_dockerhub.txt index 2a1c4ac..2e4b94b 100644 --- a/testenv_dockerhub.txt +++ b/testenv_dockerhub.txt @@ -4,8 +4,8 @@ method=docker_hub #Misskey setting docker_repository=misskey/misskey:latest docker_host_ip=auto -git_repository=https://github.com/misskey-dev/misskey -git_branch=master +git_repository=hogehoge +git_branch=hogehoge misskey_directory=/home/misskey/misskey misskey_localhost=docker_host misskey_user=misskey diff --git a/testenv_githubactions.txt b/testenv_githubactions.txt index 39572e8..ebad56c 100644 --- a/testenv_githubactions.txt +++ b/testenv_githubactions.txt @@ -2,10 +2,11 @@ method=systemd #Misskey setting -docker_repository=misskey/misskey:latest -docker_host_ip=auto -git_repository=https://github.com/misskey-dev/misskey -git_branch=master +docker_repository=hogehoge +docker_host_ip=hogehoge +#### In GitHub Actions, use the repository and branch where the workflow was executed. +git_repository=hogehoge +git_branch=hogehoge misskey_directory=/home/misskey/misskey misskey_localhost=localhost misskey_user=misskey diff --git a/testenv_systemd.txt b/testenv_systemd.txt index e245452..5e6da4d 100644 --- a/testenv_systemd.txt +++ b/testenv_systemd.txt @@ -2,8 +2,8 @@ method=systemd #Misskey setting -docker_repository=misskey/misskey:latest -docker_host_ip=auto +docker_repository=hogehoge +docker_host_ip=hogehoge git_repository=https://github.com/misskey-dev/misskey git_branch=master misskey_directory=/home/misskey/misskey From 2e59f12dd2cd3cecf189ed5449ddb8dc21cc64cc Mon Sep 17 00:00:00 2001 
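Review bot: The added test `[ $github_actions != true ]` is unquoted, so when `github_actions` is unset or empty it collapses to `[ != true ]`, which is an error with status 2; the `&&` list is then false and `git_clone` is skipped with only a message on stderr. Nothing in the hunk shows where `github_actions` is set, so that case looks reachable. Quoting both tests avoids it: `if [ "$method" != "docker_hub" ] && [ "$github_actions" != true ]; then git_clone; fi`. The later git_clone hunks in this series have the same unquoted form in `[ $git_repository = "local" ]` and `[ $git_repository = "githubactions" ]`.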
From: Srgr0 <66754887+Srgr0@users.noreply.github.com> Date: Tue, 9 Jan 2024 19:31:12 +0900 Subject: [PATCH 49/61] fix --- a.sh | 9 +++++++-- testenv_githubactions.txt | 5 ++--- 2 files changed, 9 insertions(+), 5 deletions(-) diff --git a/a.sh b/a.sh index c9984e2..dd128a3 100755 --- a/a.sh +++ b/a.sh @@ -921,7 +921,12 @@ function install() { echo ""; tput setaf 3; echo "Process: clone git repository;"; tput setaf 7; - sudo -iu "$misskey_user" git clone -b "$git_branch" --depth 1 --recursive "$git_repository" "$misskey_directory"; + #git_repositoryがlocalならgit cloneしない + if [ $git_repository = "local" ]; then + echo "git_repository is local, skip git clone."; + else + sudo -iu "$misskey_user" git clone -b "$git_branch" --depth 1 --recursive "$git_repository" "$misskey_directory"; + fi } #Create misskey config file @@ -1646,7 +1651,7 @@ function install() { install_packages; add_user; delete_misskey_directory; - if [ $method != "docker_hub" ] && [ $github_actions != true ]; then git_clone; fi + if [ $method != "docker_hub" ]; then git_clone; fi create_config; if $nginx_local; then open_ports; prepare_nginx; fi if $cloudflaretunnel; then setup_cloudflaretunnel; fi diff --git a/testenv_githubactions.txt b/testenv_githubactions.txt index ebad56c..477c20a 100644 --- a/testenv_githubactions.txt +++ b/testenv_githubactions.txt @@ -4,9 +4,8 @@ method=systemd #Misskey setting docker_repository=hogehoge docker_host_ip=hogehoge -#### In GitHub Actions, use the repository and branch where the workflow was executed. -git_repository=hogehoge -git_branch=hogehoge +git_repository=local +git_branch=local misskey_directory=/home/misskey/misskey misskey_localhost=localhost misskey_user=misskey From b02cb51ffd9a1bdb3fdee288de198d14db3c85b7 Mon Sep 17 00:00:00 2001 From: Srgr0 <66754887+Srgr0@users.noreply.github.com> Date: Tue, 9 Jan 2024 19:48:04 +0900 Subject: [PATCH 50/61] Update deploytest.yml --- .github/workflows/deploytest.yml | 2 ++ 1 file changed, 2 insertions(+) 
diff --git a/.github/workflows/deploytest.yml b/.github/workflows/deploytest.yml index c93628a..f07a971 100644 --- a/.github/workflows/deploytest.yml +++ b/.github/workflows/deploytest.yml @@ -16,4 +16,6 @@ jobs: - name: Run install script run: | sudo chmod 555 ./a.sh + sed -i 's/git_repository=local/git_repository=https:\/\/github.com\/misskey-dev\/misskey/' ./testenv_githubactions.txt + sed -i 's/git_branch=local/git_branch=master/' ./testenv_githubactions.txt sudo bash -x ./a.sh -c ./testenv_githubactions.txt From f852d1641aeab6ad89eff108f9494fbc64145c77 Mon Sep 17 00:00:00 2001 From: Srgr0 <66754887+Srgr0@users.noreply.github.com> Date: Tue, 9 Jan 2024 20:15:21 +0900 Subject: [PATCH 51/61] fix --- a.sh | 4 ++-- testenv_githubactions.txt | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/a.sh b/a.sh index dd128a3..3388e1e 100755 --- a/a.sh +++ b/a.sh @@ -922,8 +922,8 @@ function install() { tput setaf 3; echo "Process: clone git repository;"; tput setaf 7; #git_repositoryがlocalならgit cloneしない - if [ $git_repository = "local" ]; then - echo "git_repository is local, skip git clone."; + if [ $git_repository = "githubactions" ]; then + cp -r $GITHUB_WORKSPACE "$misskey_directory"; else sudo -iu "$misskey_user" git clone -b "$git_branch" --depth 1 --recursive "$git_repository" "$misskey_directory"; fi diff --git a/testenv_githubactions.txt b/testenv_githubactions.txt index 477c20a..bf5b773 100644 --- a/testenv_githubactions.txt +++ b/testenv_githubactions.txt @@ -4,8 +4,8 @@ method=systemd #Misskey setting docker_repository=hogehoge docker_host_ip=hogehoge -git_repository=local -git_branch=local +git_repository=githubactions +git_branch=githubactions misskey_directory=/home/misskey/misskey misskey_localhost=localhost misskey_user=misskey From c136875398da8dff9899e8e778ccc30578e8e901 Mon Sep 17 00:00:00 2001 
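Review bot: The new branch `cp -r $GITHUB_WORKSPACE "$misskey_directory";` copies as the user running the script, while the `else` branch clones as `$misskey_user`, so under the workflow's `sudo bash` the copied tree is owned by root rather than the service account. The expansion is also unquoted and unchecked, so an empty `GITHUB_WORKSPACE` leaves cp with a single operand; `cp -r -- "${GITHUB_WORKSPACE:?}" "$misskey_directory";` followed by a `chown -R` to `$misskey_user` covers both. The comment `#git_repositoryがlocalならgit cloneしない` still describes the old `local` value and could become `# Copy the Actions workspace instead of cloning when git_repository is "githubactions"`. The later `cp -r ${git_repository#local_}` hunk needs the same quoting, and git_clone's definition starts outside this hunk.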
From: Srgr0 <66754887+Srgr0@users.noreply.github.com> Date: Tue, 9 Jan 2024 20:17:14 +0900 Subject: [PATCH 52/61] Update deploytest.yml --- .github/workflows/deploytest.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/deploytest.yml b/.github/workflows/deploytest.yml index f07a971..484689a 100644 --- a/.github/workflows/deploytest.yml +++ b/.github/workflows/deploytest.yml @@ -16,6 +16,6 @@ jobs: - name: Run install script run: | sudo chmod 555 ./a.sh - sed -i 's/git_repository=local/git_repository=https:\/\/github.com\/misskey-dev\/misskey/' ./testenv_githubactions.txt - sed -i 's/git_branch=local/git_branch=master/' ./testenv_githubactions.txt + sed -i 's/git_repository=github_actions/git_repository=https:\/\/github.com\/misskey-dev\/misskey/' ./testenv_githubactions.txt + sed -i 's/git_branch=github_actions/git_branch=master/' ./testenv_githubactions.txt sudo bash -x ./a.sh -c ./testenv_githubactions.txt From e675a8c883bbb1d26e9ae02c7af1f3ef0b708364 Mon Sep 17 00:00:00 2001 From: Srgr0 <66754887+Srgr0@users.noreply.github.com> Date: Tue, 9 Jan 2024 20:24:09 +0900 Subject: [PATCH 53/61] Update deploytest.yml --- .github/workflows/deploytest.yml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.github/workflows/deploytest.yml b/.github/workflows/deploytest.yml index 484689a..03928dc 100644 --- a/.github/workflows/deploytest.yml +++ b/.github/workflows/deploytest.yml @@ -19,3 +19,5 @@ jobs: sed -i 's/git_repository=github_actions/git_repository=https:\/\/github.com\/misskey-dev\/misskey/' ./testenv_githubactions.txt sed -i 's/git_branch=github_actions/git_branch=master/' ./testenv_githubactions.txt sudo bash -x ./a.sh -c ./testenv_githubactions.txt + env: + GITHUB_WORKSPACE: $GITHUB_WORKSPACE From a825464eaeeded4d195587a88db6fb36abcbe58c Mon Sep 17 00:00:00 2001 
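Review bot: Both `sed` expressions look for `github_actions`, but the preceding patch in this series writes `git_repository=githubactions` and `git_branch=githubactions` (no underscore) into testenv_githubactions.txt, so neither substitution matches and sed exits 0 without changing the file. Matching on the key instead of the old value removes that coupling, for example `sed -i 's|^git_repository=.*|git_repository=https://github.com/misskey-dev/misskey|' ./testenv_githubactions.txt` and `sed -i 's|^git_branch=.*|git_branch=master|' ./testenv_githubactions.txt`. A `grep -q` on the expected line afterwards would make the step fail loudly if the rewrite did not happen.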
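Review bot: `GITHUB_WORKSPACE: $GITHUB_WORKSPACE` under `env:` is not expanded by a shell, so at best it assigns the literal text `$GITHUB_WORKSPACE`; workflow values need the expression form `${{ github.workspace }}`. The runner already exports GITHUB_WORKSPACE to every step, so the block is probably unnecessary. What the script more likely lacks is the variable surviving `sudo`, which drops most of the environment under the common `env_reset` default (not confirmed for the runner image); `sudo --preserve-env=GITHUB_WORKSPACE bash -x ./a.sh -c ./testenv_githubactions.txt` passes just that one variable through.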
From: Srgr0 <66754887+Srgr0@users.noreply.github.com> Date: Tue, 9 Jan 2024 21:46:12 +0900 Subject: [PATCH 54/61] update --- .github/workflows/deploytest.yml | 5 +---- a.sh | 5 ++--- testenv_githubactions.txt | 4 ++-- 3 files changed, 5 insertions(+), 9 deletions(-) diff --git a/.github/workflows/deploytest.yml b/.github/workflows/deploytest.yml index 03928dc..3f039e3 100644 --- a/.github/workflows/deploytest.yml +++ b/.github/workflows/deploytest.yml @@ -16,8 +16,5 @@ jobs: - name: Run install script run: | sudo chmod 555 ./a.sh - sed -i 's/git_repository=github_actions/git_repository=https:\/\/github.com\/misskey-dev\/misskey/' ./testenv_githubactions.txt - sed -i 's/git_branch=github_actions/git_branch=master/' ./testenv_githubactions.txt sudo bash -x ./a.sh -c ./testenv_githubactions.txt - env: - GITHUB_WORKSPACE: $GITHUB_WORKSPACE + diff --git a/a.sh b/a.sh index 3388e1e..33238a2 100755 --- a/a.sh +++ b/a.sh @@ -921,9 +921,8 @@ function install() { echo ""; tput setaf 3; echo "Process: clone git repository;"; tput setaf 7; - #git_repositoryがlocalならgit cloneしない - if [ $git_repository = "githubactions" ]; then - cp -r $GITHUB_WORKSPACE "$misskey_directory"; + if [[ $git_repository == local_* ]]; then + cp -r ${git_repository#local_} "$misskey_directory"; else sudo -iu "$misskey_user" git clone -b "$git_branch" --depth 1 --recursive "$git_repository" "$misskey_directory"; fi diff --git a/testenv_githubactions.txt b/testenv_githubactions.txt index bf5b773..3ee5897 100644 --- a/testenv_githubactions.txt +++ b/testenv_githubactions.txt @@ -4,8 +4,8 @@ method=systemd #Misskey setting docker_repository=hogehoge docker_host_ip=hogehoge -git_repository=githubactions -git_branch=githubactions +git_repository=https://github.com/misskey-dev/misskey +git_branch=master misskey_directory=/home/misskey/misskey misskey_localhost=localhost misskey_user=misskey From b95617d69780e73e314b9abf25732dc8ed714953 Mon Sep 17 00:00:00 2001 
From: Srgr0 <66754887+Srgr0@users.noreply.github.com> Date: Tue, 9 Jan 2024 22:06:02 +0900 Subject: [PATCH 55/61] Update a.sh --- a.sh | 2 ++ 1 file changed, 2 insertions(+) diff --git a/a.sh b/a.sh index 33238a2..2823e4f 100755 --- a/a.sh +++ b/a.sh @@ -923,6 +923,8 @@ function install() { if [[ $git_repository == local_* ]]; then cp -r ${git_repository#local_} "$misskey_directory"; + chown -R "$misskey_user":"$misskey_user" "$misskey_directory"; + chmod -R 755 "$misskey_directory"; else sudo -iu "$misskey_user" git clone -b "$git_branch" --depth 1 --recursive "$git_repository" "$misskey_directory"; fi From 72eb7c1651c755d1677a03f6eeff63baf1dca147 Mon Sep 17 00:00:00 2001 From: Srgr0 <66754887+Srgr0@users.noreply.github.com> Date: Tue, 9 Jan 2024 23:42:53 +0900 Subject: [PATCH 56/61] Update a.sh --- a.sh | 9 +-------- 1 file changed, 1 insertion(+), 8 deletions(-) diff --git a/a.sh b/a.sh index 2823e4f..7119a84 100755 --- a/a.sh +++ b/a.sh @@ -920,14 +920,7 @@ function install() { function git_clone() { echo ""; tput setaf 3; echo "Process: clone git repository;"; tput setaf 7; - - if [[ $git_repository == local_* ]]; then - cp -r ${git_repository#local_} "$misskey_directory"; - chown -R "$misskey_user":"$misskey_user" "$misskey_directory"; - chmod -R 755 "$misskey_directory"; - else - sudo -iu "$misskey_user" git clone -b "$git_branch" --depth 1 --recursive "$git_repository" "$misskey_directory"; - fi + sudo -iu "$misskey_user" git clone -b "$git_branch" --depth 1 --recursive "$git_repository" "$misskey_directory"; } #Create misskey config file From fe67467c31c11c18fb52cc3cfe26268fb7e0bb5c Mon Sep 17 00:00:00 2001 From: Srgr0 <66754887+Srgr0@users.noreply.github.com> Date: Wed, 10 Jan 2024 00:52:58 +0900 Subject: [PATCH 57/61] Update a.sh --- a.sh | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/a.sh b/a.sh index 7119a84..fd6ee5c 100755 --- a/a.sh +++ b/a.sh 
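Review bot: `chmod -R 755 "$misskey_directory";` sets the execute bit on every regular file in the copied tree and makes all of it world-readable, including any configuration or credential file that was present in the source directory. `chmod -R u=rwX,go=rX "$misskey_directory";` gives the same directory access while leaving non-executable files non-executable, and dropping the `go` part is the safer choice if nothing but `$misskey_user` has to read the tree. `chown -R "$misskey_user":"$misskey_user"` assumes a group with the same name as the user exists; `chown -R "$misskey_user": "$misskey_directory";` uses the user's login group instead. git_clone's definition starts outside the hunk.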
@@ -921,6 +921,13 @@ function install() { echo ""; tput setaf 3; echo "Process: clone git repository;"; tput setaf 7; sudo -iu "$misskey_user" git clone -b "$git_branch" --depth 1 --recursive "$git_repository" "$misskey_directory"; + if $github_actions; then + sudo -iu "$misskey_user" <<-EOF; + cd "$misskey_directory"; + SHA=$(git log -1 --format="%H") + echo "SHA=$SHA" >> $GITHUB_ENV + EOF + fi } #Create misskey config file From f8bf507c333e2b36f725d26d3f55ac26b901d579 Mon Sep 17 00:00:00 2001 From: Srgr0 <66754887+Srgr0@users.noreply.github.com> Date: Wed, 10 Jan 2024 01:04:47 +0900 Subject: [PATCH 58/61] Update a.sh --- a.sh | 7 ------- 1 file changed, 7 deletions(-) diff --git a/a.sh b/a.sh index fd6ee5c..7119a84 100755 --- a/a.sh +++ b/a.sh @@ -921,13 +921,6 @@ function install() { echo ""; tput setaf 3; echo "Process: clone git repository;"; tput setaf 7; sudo -iu "$misskey_user" git clone -b "$git_branch" --depth 1 --recursive "$git_repository" "$misskey_directory"; - if $github_actions; then - sudo -iu "$misskey_user" <<-EOF; - cd "$misskey_directory"; - SHA=$(git log -1 --format="%H") - echo "SHA=$SHA" >> $GITHUB_ENV - EOF - fi } #Create misskey config file From f79f2631648dbcd05142b50964c9e37f04ed6572 Mon Sep 17 00:00:00 2001 From: Srgr0 <66754887+Srgr0@users.noreply.github.com> Date: Wed, 10 Jan 2024 01:32:01 +0900 Subject: [PATCH 59/61] Rename a.sh to misskey-install.sh --- a.sh => misskey-install.sh | 0 1 file changed, 0 insertions(+), 0 deletions(-) rename a.sh => misskey-install.sh (100%) diff --git a/a.sh b/misskey-install.sh similarity index 100% rename from a.sh rename to misskey-install.sh From ba172b2ab753b98c8abed3202d7cd93164aed55b Mon Sep 17 00:00:00 2001 From: Srgr0 <66754887+Srgr0@users.noreply.github.com> Date: Wed, 10 Jan 2024 01:32:29 +0900 Subject: [PATCH 60/61] Update deploytest.yml --- .github/workflows/deploytest.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) 
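Review bot: The here-document delimiter in `sudo -iu "$misskey_user" <<-EOF;` is unquoted, so `$(git log -1 --format="%H")`, `$SHA` and `$GITHUB_ENV` are all expanded by the calling shell before sudo starts: `git log` runs in the caller's working directory rather than in `$misskey_directory`, and `$SHA` is still empty when `echo "SHA=$SHA"` is substituted, so the line written is `SHA=`. Running the command directly avoids the double evaluation: `SHA=$(sudo -u "$misskey_user" git -C "$misskey_directory" log -1 --format=%H)` followed by `echo "SHA=$SHA" >> "$GITHUB_ENV"` in the calling shell. That also keeps the write to the `GITHUB_ENV` file with the user that owns it, and quotes the path. `if $github_actions; then` executes the variable's value as a command; `if [ "$github_actions" = true ]; then` compares it instead.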
diff --git a/.github/workflows/deploytest.yml b/.github/workflows/deploytest.yml index 3f039e3..10e87a8 100644 --- a/.github/workflows/deploytest.yml +++ b/.github/workflows/deploytest.yml @@ -15,6 +15,6 @@ jobs: - name: Run install script run: | - sudo chmod 555 ./a.sh - sudo bash -x ./a.sh -c ./testenv_githubactions.txt + sudo chmod 555 ./misskey-install.sh + sudo bash -x ./misskey-install.sh -c ./testenv_githubactions.txt From 0eceeecb68bf4fddde366466fb160b8647c288fc Mon Sep 17 00:00:00 2001 From: Srgr0 <66754887+Srgr0@users.noreply.github.com> Date: Wed, 10 Jan 2024 01:42:06 +0900 Subject: [PATCH 61/61] Create ubuntu.sh --- ubuntu.sh | 993 ++++++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 993 insertions(+) create mode 100644 ubuntu.sh diff --git a/ubuntu.sh b/ubuntu.sh new file mode 100644 index 0000000..82e992b --- /dev/null +++ b/ubuntu.sh 
@@ -0,0 +1,993 @@ +#!/bin/bash +# Copyright 2023 aqz/tamaina, joinmisskey +# +# Permission is hereby granted, free of charge, to any person +# obtaining a copy of this software and associated documentation files (the "Software"), +# to deal in the Software without restriction, including without limitation the rights +# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, +# and to permit persons to whom the Software is furnished to do so, +# subject to the following conditions: +# +# The above copyright notice and this permission notice +# shall be included in all copies or substantial portions of the Software. +# +# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, +# INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, +# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. +# IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, +# DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, +# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. +# +version="3.2.1"; +NODE_MAJOR="20"; + +tput setaf 4; +echo ""; +echo "Misskey auto setup for Ubuntu"; +echo " v$version"; +echo ""; + +#region initial check +tput setaf 2; +echo "Check: Linux;" +if [ "$(command -v uname)" ]; then + if [ "$(uname -s)" == "Linux" ]; then + tput setaf 7; + echo " OK."; + if ! [ -f "/etc/lsb-release" ]; then + echo " Warning: This script has been tested on Ubuntu and may not work on other distributions."; + fi + else + tput setaf 1; + echo " NG."; + exit 1; + fi +else + tput setaf 1; + echo " NG."; + exit 1; +fi + +tput setaf 2; +echo "Check: root user;"; +if [ "$(whoami)" != 'root' ]; then + tput setaf 1; + echo " NG. This script must be run as root."; + exit 1; +else + tput setaf 7; + echo " OK. 
I am root user."; +fi + +tput setaf 2; +echo "Check: arch;"; +case $(uname -m) in + x86_64) + tput setaf 7; + echo " x86_64 (amd64)"; + arch=amd64; + ;; + aarch64) + tput setaf 7; + echo " aarch64 (arm64)"; + arch=arm64; + ;; + *) + tput setaf 1; + echo " NG. $(uname -m) is unsupported architecture."; + exit 1; + ;; +esac +#endregion + +#region user input +#region method +tput setaf 3; +echo ""; +echo "Install Method"; +tput setaf 7; +echo "Do you use systemd to run Misskey?:"; +echo "Y = To use systemd / n = To use docker" +read -r -p "[Y/n] > " yn +case "$yn" in + [Nn]|[Nn][Oo]) + echo "Use Docker."; + method=docker; + + echo "Determine the local IP of this computer as docker host."; + echo "The IPs that are supposed to be available are as follows (the result of hostname -I)"; + echo " $(hostname -I)" + read -r -p "> " -e -i "$(hostname -I | cut -f1 -d' ')" docker_host_ip; + + echo "The host name of docker host to bind with 'docker run --add-host='."; + read -r -p "> " -e -i "docker_host" misskey_localhost; + ;; + *) + echo "Use Systemd."; + method=systemd; + misskey_localhost=localhost + ;; +esac +#endregion + +if [ $method == "docker" ]; then + echo "Do you use image from Docker Hub?:"; + echo "Y = To use Docker Hub image / N = To build Docker image in this machine" + read -r -p "[Y/n] > " yn + case "$yn" in + [Nn]|[Nn][Oo]) + echo "Build docker image (local/misskey:latest)."; + method=docker; + docker_repository="local/misskey:latest" + ;; + *) + echo "Use Docker Hub image."; + method=docker_hub; + echo "Enter repository:tag of Docker Hub image:" + read -r -p "> " -e -i "misskey/misskey:latest" docker_repository; + ;; + esac +fi + +tput setaf 3; +echo "Misskey setting"; +tput setaf 7; +misskey_directory=misskey + +if [ $method != "docker_hub" ]; then + echo "Repository url where you want to install:" + read -r -p "> " -e -i "https://github.com/misskey-dev/misskey.git" repository; + echo "The name of a new directory to clone:" + read -r -p "> " -e -i "misskey" 
misskey_directory; + echo "Branch or Tag" + read -r -p "> " -e -i "master" branch; +fi + +tput setaf 3; +echo ""; +echo "Enter the name of user with which you want to execute Misskey:"; +tput setaf 7; +read -r -p "> " -e -i "misskey" misskey_user; + +tput setaf 3; +echo ""; +echo "Enter host where you want to install Misskey:"; +tput setaf 7; +read -r -p "> " -e -i "example.com" host; +tput setaf 7; +hostarr=(${host//./ }); +echo "OK, let's install $host!"; + +#region nginx +tput setaf 3; +echo ""; +echo "Nginx setting"; +tput setaf 7; +echo "Do you want to setup nginx?:"; +read -r -p "[Y/n] > " yn +case "$yn" in + [Nn]|[Nn][Oo]) + echo "Nginx and Let's encrypt certificate will not be installed."; + echo "You should open ports manually."; + nginx_local=false; + cloudflare=false; + certbot=false; + + echo "Misskey port: "; + read -r -p "> " -e -i "3000" misskey_port; + ;; + *) + echo "Nginx will be installed on this computer."; + echo "Port 80 and 443 will be opened by modifying iptables."; + nginx_local=true; + + tput setaf 3; + echo ""; + tput setaf 7; + echo "Do you want it to open ports, to setup ufw or iptables?:"; + echo "u = To setup ufw / i = To setup iptables / N = Not to open ports"; + + read -r -p "[u/i/N] > " yn2 + case "$yn2" in + [Uu]) + echo "OK, it will use ufw."; + ufw=true + iptables=false + echo "SSH port: "; + read -r -p "> " -e -i "22" ssh_port; + ;; + [Ii]) + echo "OK, it will use iptables."; + ufw=false + iptables=true + echo "SSH port: "; + read -r -p "> " -e -i "22" ssh_port; + ;; + *) + echo "OK, you should open ports manually."; + ufw=false + iptables=false + ;; + esac + + #region certbot + tput setaf 3; + echo ""; + echo "Certbot setting"; + tput setaf 7; + echo "Do you want it to setup certbot to connect with https?:"; + + read -r -p "[Y/n] > " yn2 + case "$yn2" in + [Nn]|[Nn][Oo]) + certbot=false + echo "OK, you don't setup certbot."; + ;; + *) + certbot=true + echo "OK, you want to setup certbot."; + #endregion + ;; + esac + + #region 
cloudflare + tput setaf 3; + echo ""; + echo "Cloudflare setting"; + tput setaf 7; + echo "Do you use Cloudflare?:"; + + read -r -p "[Y/n] > " yn2 + case "$yn2" in + [Nn]|[Nn][Oo]) + echo "OK, you don't use Cloudflare."; + echo "Let's encrypt certificate will be installed using the method without Cloudflare."; + echo ""; + echo "Make sure that your DNS is configured to this machine."; + cloudflare=false + + if $certbot; then + echo ""; + echo "Enter Email address to register Let's Encrypt certificate"; + read -r -p "> " cf_mail; + fi + ;; + *) + cloudflare=true + echo "OK, you want to use Cloudflare. Let's set up Cloudflare."; + echo ""; + echo "Make sure that Cloudflare DNS is configured and is in proxy mode."; + echo ""; + echo "Enter Email address you registered to Cloudflare:"; + read -r -p "> " cf_mail; + echo "Open https://dash.cloudflare.com/profile/api-tokens to get Global API Key and enter here it."; + echo "Cloudflare API Key: "; + read -r -p "> " cf_key; + + mkdir -p /etc/cloudflare; + cat > /etc/cloudflare/cloudflare.ini <<-_EOF + dns_cloudflare_email = $cf_mail + dns_cloudflare_api_key = $cf_key + _EOF + + chmod 600 /etc/cloudflare/cloudflare.ini; + #endregion + ;; + esac + + echo "Tell me which port Misskey will watch: "; + echo "Misskey port: "; + read -r -p "> " -e -i "3000" misskey_port; + ;; +esac +#endregion + +#region postgres +tput setaf 3; +echo ""; +echo "Database (PostgreSQL) setting"; +tput setaf 7; +echo "Do you want to install postgres locally?:"; +echo "(If you have run this script before in this computer, choose n and enter values you have set.)" +read -r -p "[Y/n] > " yn +case "$yn" in + [Nn]|[Nn][Oo]) + echo "You should prepare postgres manually until database is created."; + db_local=false; + + echo "Database host: "; + read -r -p "> " -e -i "$misskey_localhost" db_host; + echo "Database port:"; + read -r -p "> " -e -i "5432" db_port; + ;; + *) + echo "PostgreSQL will be installed on this computer at $misskey_localhost:5432."; + 
db_local=true; + + db_host=$misskey_localhost; + db_port=5432; + ;; +esac + +echo "Database user name: "; +read -r -p "> " -e -i "misskey" db_user; +echo "Database user password: "; +read -r -p "> " db_pass; +echo "Database name:"; +read -r -p "> " -e -i "mk1" db_name; +#endregion + +#region redis +tput setaf 3; +echo ""; +echo "Redis setting"; +tput setaf 7; +echo "Do you want to install redis locally?:"; +echo "(If you have run this script before in this computer, choose n and enter values you have set.)" +read -r -p "[Y/n] > " yn +case "$yn" in + [Nn]|[Nn][Oo]) + echo "You should prepare Redis manually."; + redis_local=false; + + echo "Redis host:"; + read -r -p "> " -e -i "$misskey_localhost" redis_host; + echo "Redis port:"; + read -r -p "> " -e -i "6379" redis_port; + ;; + *) + echo "Redis will be installed on this computer at $misskey_localhost:6379."; + redis_local=true; + + redis_host=$misskey_localhost; + redis_port=6379; + ;; +esac + +echo "Redis password:"; +read -r -p "> " redis_pass; +#endregion + +tput setaf 7; +echo ""; +echo "OK. It will automatically install what you need. This will take some time."; +echo ""; +#endregion + +set -eu; + +tput setaf 2; +echo "Check: Memory;" +mem_all=$(free -t --si -g | tail -n 1); +mem_allarr=(${mem_all//\\t/ }); +if [ "${mem_allarr[1]}" -ge 3 ]; then + tput setaf 7; + echo " OK. This computer has ${mem_allarr[1]}GB RAM."; +else + tput setaf 1; + echo " NG. 
This computer doesn't have enough RAM (>= 2GB, Current ${mem_allarr[1]}GB)."; + tput setaf 7; + mem_swap=$(free | tail -n 1); + mem_swaparr=(${mem_swap//\\t/ }); + if [ "${mem_swaparr[1]}" -eq 0 ]; then + if [ "${mem_allarr[1]}" -ge 2 ]; then + echo " Swap will be made (1M x 1024)."; + dd if=/dev/zero of=/swap bs=1M count=1024; + else + echo " Swap will be made (1M x 2048)."; + dd if=/dev/zero of=/swap bs=1M count=2048; + fi + mkswap /swap; + swapon /swap; + echo "/swap none swap sw 0" >> /etc/fstab; + free -t; + else + echo " Add more swaps!"; + exit 1; + fi +fi + +tput setaf 3; +echo "Process: mkdir -p /usr/share/keyrings;"; +tput setaf 7; +sudo mkdir -p /usr/share/keyrings; + +tput setaf 3; +echo "Process: add misskey user ($misskey_user);"; +tput setaf 7; +if cut -d: -f1 /etc/passwd | grep -q -x "$misskey_user"; then + echo "$misskey_user exists already. No user will be created."; +else + useradd -m -U -s /bin/bash "$misskey_user"; +fi +echo "misskey_user=\"$misskey_user\"" > /root/.misskey.env +echo "version=\"$version\"" >> /root/.misskey.env +m_uid=$(id -u "$misskey_user") + +tput setaf 3; +echo "Process: apt install #1;"; +tput setaf 7; +apt -qq update -y; +apt -qq install -y curl nano jq gnupg2 apt-transport-https ca-certificates lsb-release software-properties-common uidmap$($nginx_local && echo " certbot")$($nginx_local && ($ufw && echo " ufw" || $iptables && echo " iptables-persistent"))$($cloudflare && echo " python3-certbot-dns-cloudflare")$([ $method != "docker_hub" ] && echo " git")$([ $method == "systemd" ] && echo " ffmpeg build-essential"); + +if [ $method != "docker_hub" ]; then +#region work with misskey user +su "$misskey_user" << MKEOF +set -eu; +cd ~; +tput setaf 3; +echo "Process: git clone;"; +tput setaf 7; +if [ -e "./$misskey_directory" ]; then + if [ -f "./$misskey_directory" ]; then + rm "./$misskey_directory"; + else + rm -rf "./$misskey_directory"; + fi +fi +git clone -b "$branch" --depth 1 --recursive "$repository" 
"$misskey_directory"; +MKEOF +#endregion +else +#region work with misskey user +su "$misskey_user" << MKEOF +set -eu; +cd ~; +if [ -e "./$misskey_directory" ]; then + if [ -f "./$misskey_directory" ]; then + rm "./$misskey_directory"; + fi +else + mkdir "./$misskey_directory" +fi +if [ -e "./$misskey_directory/.config" ]; then + if [ -f "./$misskey_directory/.config" ]; then + rm "./$misskey_directory/.config"; + fi +else + mkdir "./$misskey_directory/.config" +fi +MKEOF +#endregion +fi + +tput setaf 3; +echo "Process: write default.yml;"; +tput setaf 7; +#region work with misskey user +su "$misskey_user" << MKEOF +set -eu; +cd ~; + +tput setaf 3; +echo "Process: create default.yml;" +tput setaf 7; + +cat > "$misskey_directory/.config/default.yml" << _EOF +url: https://$host +port: $misskey_port + +# PostgreSQL +db: + host: '$db_host' + port: $db_port + db : '$db_name' + user: '$db_user' + pass: '$db_pass' + +# Redis +redis: + host: '$redis_host' + port: $redis_port + pass: '$redis_pass' + +# ID type +id: 'aid' + +# Proxy remote files (default: true) +# Proxy remote files by this instance or mediaProxy to prevent remote files from running in remote domains. 
+proxyRemoteFiles: true
+
+# Sign to ActivityPub GET request (default: true)
+signToActivityPubGet: true
+
+proxyBypassHosts:
+ - api.deepl.com
+ - api-free.deepl.com
+ - www.recaptcha.net
+ - hcaptcha.com
+ - challenges.cloudflare.com
+ - summaly.arkjp.net
+_EOF
+MKEOF
+#endregion
+
+if $nginx_local; then
+ if $ufw; then
+ tput setaf 3;
+ echo "Process: port open by ufw;"
+ tput setaf 7;
+
+ ufw limit $ssh_port/tcp;
+ ufw default deny;
+ ufw allow 80;
+ ufw allow 443;
+ ufw --force enable;
+ ufw status;
+ elif $iptables; then
+ tput setaf 3;
+ echo "Process: port open by iptables;"
+ tput setaf 7;
+
+ grep -q -x -e "-A INPUT -p tcp -m tcp --dport 80 -j ACCEPT" /etc/iptables/rules.v4 || iptables -I INPUT -p tcp --dport 80 -j ACCEPT;
+ grep -q -x -e "-A INPUT -p tcp -m tcp --dport 443 -j ACCEPT" /etc/iptables/rules.v4 || iptables -I INPUT -p tcp --dport 443 -j ACCEPT;
+ grep -q -x -e "-A INPUT -p tcp -m tcp --dport 80 -j ACCEPT" /etc/iptables/rules.v6 || ip6tables -I INPUT -p tcp --dport 80 -j ACCEPT;
+ grep -q -x -e "-A INPUT -p tcp -m tcp --dport 443 -j ACCEPT" /etc/iptables/rules.v6 || ip6tables -I INPUT -p tcp --dport 443 -j ACCEPT;
+
+ netfilter-persistent save;
+ netfilter-persistent reload;
+ fi
+
+ tput setaf 3;
+ echo "Process: prepare nginx;"
+ tput setaf 7;
+ curl https://nginx.org/keys/nginx_signing.key | gpg --dearmor | sudo tee /usr/share/keyrings/nginx-archive-keyring.gpg > /dev/null;
+ tput setaf 2;
+ echo "Check: nginx gpg key;";
+ tput setaf 7;
+ if gpg --dry-run --quiet --no-keyring --import --import-options import-show /usr/share/keyrings/nginx-archive-keyring.gpg | grep -q 573BFD6B3D8FBC641079A6ABABF5BD827BD9BF62; then
+ echo " OK.";
+ else
+ tput setaf 1;
+ echo " NG.";
+ exit 1;
+ fi
+ echo "deb [signed-by=/usr/share/keyrings/nginx-archive-keyring.gpg] http://nginx.org/packages/ubuntu $(lsb_release -cs) nginx" | sudo tee /etc/apt/sources.list.d/nginx.list;
+ echo -e "Package: *\nPin: origin nginx.org\nPin: release o=nginx\nPin-Priority: 900\n" | sudo tee /etc/apt/preferences.d/99nginx;
+fi
+
+if [ $method == "systemd" ]; then
+ tput setaf 3;
+ echo "Process: prepare node.js;"
+ tput setaf 7;
+ curl -fsSL https://deb.nodesource.com/gpgkey/nodesource-repo.gpg.key | sudo gpg --dearmor -o /usr/share/keyrings/nodesource.gpg;
+ echo "deb [signed-by=/usr/share/keyrings/nodesource.gpg] https://deb.nodesource.com/node_$NODE_MAJOR.x nodistro main" | sudo tee /etc/apt/sources.list.d/nodesource.list;
+
+else
+ tput setaf 3;
+ echo "Process: prepare docker;"
+ tput setaf 7;
+ if ! [ -e /usr/share/keyrings/docker-archive-keyring.gpg ]; then
+ curl -sL https://download.docker.com/linux/ubuntu/gpg | sudo gpg --dearmor -o /usr/share/keyrings/docker-archive-keyring.gpg
+ fi
+ echo "deb [arch=$arch signed-by=/usr/share/keyrings/docker-archive-keyring.gpg] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null
+fi
+
+if $redis_local; then
+ tput setaf 3;
+ echo "Process: prepare redis;"
+ tput setaf 7;
+ curl -fsSL https://packages.redis.io/gpg | sudo gpg --dearmor -o /usr/share/keyrings/redis-archive-keyring.gpg;
+ echo "deb [signed-by=/usr/share/keyrings/redis-archive-keyring.gpg] https://packages.redis.io/deb $(lsb_release -cs) main" | sudo tee /etc/apt/sources.list.d/redis.list;
+fi
+
+tput setaf 3;
+echo "Process: apt install #2;"
+tput setaf 7;
+apt -qq update -y;
+apt -qq install -y$([ $method == "systemd" ] && echo " nodejs libjemalloc-dev" || echo " docker-ce docker-ce-cli containerd.io")$($redis_local && echo " redis")$($nginx_local && echo " nginx");
+
+if [ $method == "systemd" ]; then
+ tput setaf 3;
+ echo "Process: corepack enable;"
+ tput setaf 7;
+ corepack enable;
+fi
+
+echo "Display: Versions;"
+if [ $method == "systemd" ]; then
+ echo "node";
+ node -v;
+ echo "corepack";
+ corepack -v;
+else
+ echo "docker";
+ docker --version;
+fi
+if $redis_local; then
+ echo "redis";
+ redis-server --version;
+fi
+if $nginx_local; then
+ echo "nginx";
+ nginx -v;
+fi
+
+if $redis_local; then
+ tput setaf 3;
+ echo "Process: daemon activate: redis;"
+ tput setaf 7;
+ systemctl start redis-server;
+ systemctl enable redis-server;
+fi
+#region nginx_setup
+if $nginx_local; then
+tput setaf 3;
+echo "Process: create nginx config;"
+tput setaf 7;
+
+cat > "/etc/nginx/conf.d/$host.conf" << NGEOF
+# nginx configuration for Misskey
+# Created by joinmisskey/bash-install v$version
+
+# For WebSocket
+map \$http_upgrade \$connection_upgrade {
+ default upgrade;
+ '' close;
+}
+
+proxy_cache_path /tmp/nginx_cache levels=1:2 keys_zone=cache1:16m max_size=1g inactive=720m use_temp_path=off;
+
+server {
+ listen 80;
+ listen [::]:80;
+ server_name $host;
+
+ # For SSL domain validation
+ root /var/www/html;
+ location /.well-known/acme-challenge/ { allow all; }
+ location /.well-known/pki-validation/ { allow all; }
+
+NGEOF
+
+#region certbot_setup
+if $certbot; then
+tput setaf 3;
+echo "Process: add nginx config (certbot-1);"
+tput setaf 7;
+cat >> "/etc/nginx/conf.d/$host.conf" << NGEOF
+ # with https
+ location / { return 301 https://\$server_name\$request_uri; }
+}
+NGEOF
+
+tput setaf 3;
+echo "Process: prepare certificate;"
+tput setaf 7;
+nginx -t;
+systemctl restart nginx;
+if $cloudflare; then
+ certbot certonly -t -n --agree-tos --dns-cloudflare --dns-cloudflare-credentials /etc/cloudflare/cloudflare.ini --dns-cloudflare-propagation-seconds 60 --server https://acme-v02.api.letsencrypt.org/directory $([ ${#hostarr[*]} -eq 2 ] && echo " -d $host -d *.$host" || echo " -d $host") -m "$cf_mail";
+else
+ mkdir -p /var/www/html;
+ certbot certonly -t -n --agree-tos --webroot --webroot-path /var/www/html $([ ${#hostarr[*]} -eq 2 ] && echo " -d $host" || echo " -d $host") -m "$cf_mail";
+fi
+
+tput setaf 3;
+echo "Process: add nginx config (certbot-2);"
+tput setaf 7;
+cat >> "/etc/nginx/conf.d/$host.conf" << NGEOF
+server {
+ listen 443 ssl http2;
+ listen [::]:443 ssl http2;
+ server_name $host;
+
+ ssl_session_timeout 1d;
+ ssl_session_cache shared:ssl_session_cache:10m;
+ ssl_session_tickets off;
+
+ # To use Let's Encrypt certificate
+ ssl_certificate /etc/letsencrypt/live/$host/fullchain.pem;
+ ssl_certificate_key /etc/letsencrypt/live/$host/privkey.pem;
+
+ # SSL protocol settings
+ ssl_protocols TLSv1.2 TLSv1.3;
+ ssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384;
+ ssl_prefer_server_ciphers off;
+ ssl_stapling on;
+ ssl_stapling_verify on;
+NGEOF
+fi
+#endregion
+
+tput setaf 3;
+echo "Process: add nginx config;"
+tput setaf 7;
+cat >> "/etc/nginx/conf.d/$host.conf" << NGEOF
+ # Change to your upload limit
+ client_max_body_size 80m;
+
+ # Proxy to Node
+ location / {
+ proxy_pass http://127.0.0.1:$misskey_port;
+ proxy_set_header Host \$host;
+ proxy_http_version 1.1;
+ proxy_redirect off;
+
+$($cloudflare || echo " # If it's behind another reverse proxy or CDN, remove the following.")
+$($cloudflare || echo " proxy_set_header X-Real-IP \$remote_addr;")
+$($cloudflare || echo " proxy_set_header X-Forwarded-For \$proxy_add_x_forwarded_for;")
+$($cloudflare || echo " proxy_set_header X-Forwarded-Proto https;")
+
+ # For WebSocket
+ proxy_set_header Upgrade \$http_upgrade;
+ proxy_set_header Connection \$connection_upgrade;
+
+ # Cache settings
+ proxy_cache cache1;
+ proxy_cache_lock on;
+ proxy_cache_use_stale updating;
+ proxy_force_ranges on;
+ add_header X-Cache \$upstream_cache_status;
+ }
+}
+NGEOF
+
+nginx -t;
+
+tput setaf 3;
+echo "Process: daemon activate: nginx;"
+tput setaf 7;
+
+systemctl restart nginx;
+systemctl enable nginx;
+
+tput setaf 2;
+echo "Check: localhost returns nginx;";
+tput setaf 7;
+if curl http://localhost | grep -q nginx; then
+ echo " OK.";
+else
+ tput setaf 1;
+ echo " NG.";
+ exit 1;
+fi
+
+fi
+#endregion
+
+if $db_local; then
+ tput setaf 3;
+ echo "Process: install postgres;"
+ tput setaf 7;
+ apt -qq install -y postgresql-common;
+ sh /usr/share/postgresql-common/pgdg/apt.postgresql.org.sh -i -v 15;
+
+ tput setaf 3;
+ echo "Process: create user and database on postgres;"
+ tput setaf 7;
+ sudo -iu postgres psql -c "CREATE ROLE $db_user LOGIN PASSWORD '$db_pass';" -c "CREATE DATABASE $db_name OWNER $db_user;"
+fi
+
+#region docker setting
+if [ $method != "systemd" ]; then
+ #region enable rootless docker
+ tput setaf 3;
+ echo "Process: use rootless docker;"
+ tput setaf 7;
+
+ systemctl disable --now docker.service docker.socket
+ loginctl enable-linger "$misskey_user"
+ sleep 5
+ su "$misskey_user" <<-MKEOF
+ set -eu;
+ cd ~;
+ export XDG_RUNTIME_DIR=/run/user/$m_uid;
+ export DOCKER_HOST=unix:///run/user/$m_uid/docker.sock;
+ systemctl --user --no-pager
+
+ dockerd-rootless-setuptool.sh install
+
+ tput setaf 2;
+ echo "Check: docker setup;";
+ tput setaf 7;
+ docker ps;
+ MKEOF
+ #endregion
+
+ #region modify postgres confs
+ if $db_local; then
+ tput setaf 3;
+ echo "Process: modify postgres confs;"
+ tput setaf 7;
+ pg_hba=$(sudo -iu postgres psql -t -P format=unaligned -c 'show hba_file')
+ pg_conf=$(sudo -iu postgres psql -t -P format=unaligned -c 'show config_file')
+ [[ $(ip addr | grep "$docker_host_ip") =~ /([0-9]+) ]] && subnet=${BASH_REMATCH[1]};
+
+ hba_text="host $db_name $db_user $docker_host_ip/$subnet md5"
+ if ! grep "$hba_text" "$pg_hba"; then
+ echo "$hba_text" >> "$pg_hba";
+ fi
+
+ pgconf_search="#listen_addresses = 'localhost'"
+ pgconf_text="listen_addresses = '$docker_host_ip'"
+ if grep "$pgconf_search" "$pg_conf"; then
+ sed -i'.mkmoded' -e "s/$pgconf_search/$pgconf_text/g" "$pg_conf";
+ elif grep "$pgconf_text" "$pg_conf"; then
+ echo " skip"
+ else
+ echo "Please edit postgresql.conf to set [listen_addresses = '$docker_host_ip'] by your hand."
+ read -r -p "Enter the editor command and press Enter key > " -e -i "nano" editorcmd
+ $editorcmd "$pg_conf";
+ fi
+
+ systemctl restart postgresql;
+ fi
+ #endregion
+fi
+#endregion
+
+#region modify redis conf
+if $redis_local; then
+ tput setaf 3;
+ echo "Process: modify redis confs;"
+ tput setaf 7;
+ if [ -f /etc/redis/redis.conf ]; then
+ echo "requirepass $redis_pass" > /etc/redis/misskey.conf
+ [ $method != "systemd" ] && echo "bind $docker_host_ip" >> /etc/redis/misskey.conf
+
+ if ! grep "include /etc/redis/misskey.conf" /etc/redis/redis.conf; then
+ echo "include /etc/redis/misskey.conf" >> /etc/redis/redis.conf;
+ else
+ echo " skip"
+ fi
+ else
+ echo "Couldn't find /etc/redis/redis.conf."
+ echo "Please modify redis config in another shell like following."
+ echo ""
+ echo "requirepass $redis_pass"
+ [ $method != "systemd" ] && echo "bind $docker_host_ip"
+ echo ""
+ read -r -p "Press Enter key to continue> "
+ fi
+ systemctl restart redis-server;
+fi
+#endregion
+
+if [ $method == "systemd" ]; then
+#region systemd
+#region work with misskey user
+su "$misskey_user" << MKEOF;
+set -eu;
+cd ~
+cd "$misskey_directory";
+
+tput setaf 3;
+echo "Process: install npm packages;"
+tput setaf 7;
+NODE_ENV=production pnpm install --frozen-lockfile;
+
+tput setaf 3;
+echo "Process: build misskey;"
+tput setaf 7;
+NODE_OPTIONS=--max_old_space_size=3072 NODE_ENV=production pnpm run build;
+
+tput setaf 3;
+echo "Process: initialize database;"
+tput setaf 7;
+NODE_OPTIONS=--max_old_space_size=3072 pnpm run init;
+
+tput setaf 3;
+echo "Check: If Misskey starts correctly;"
+tput setaf 7;
+if NODE_ENV=production timeout 40 npm start 2> /dev/null | grep -q "Now listening on port"; then
+ echo " OK.";
+else
+ tput setaf 1;
+ echo " NG.";
+fi
+MKEOF
+#endregion
+
+tput setaf 3;
+echo "Process: create misskey daemon;"
+tput setaf 7;
+cat > "/etc/systemd/system/$host.service" << _EOF
+[Unit]
+Description=Misskey daemon
+
+[Service]
+Type=simple
+User=$misskey_user
+ExecStart=$(command -v npm) start
+WorkingDirectory=/home/$misskey_user/$misskey_directory
+Environment="NODE_ENV=production"
+Environment="LD_PRELOAD=/usr/lib/$(uname -m)-linux-gnu/libjemalloc.so.2"
+TimeoutSec=60
+StandardOutput=journal
+StandardError=journal
+SyslogIdentifier="$host"
+Restart=always
+
+[Install]
+WantedBy=multi-user.target
+_EOF
+
+systemctl daemon-reload;
+systemctl enable "$host";
+systemctl start "$host";
+systemctl status "$host" --no-pager;
+
+#endregion
+elif [ $method == "docker" ]; then
+#region docker build
+tput setaf 3;
+echo "Process: build docker image;"
+tput setaf 7;
+
+sudo -iu "$misskey_user" XDG_RUNTIME_DIR=/run/user/$m_uid DOCKER_HOST=unix:///run/user/$m_uid/docker.sock docker build -t $docker_repository "/home/$misskey_user/$misskey_directory";
+#endregion
+fi
+
+echo "";
+
+if [ $method != "systemd" ]; then
+tput setaf 2;
+tput bold;
+echo "ALL MISSKEY INSTALLATION PROCESSES ARE COMPLETE!";
+echo "Now all we need to do is run docker run."
+tput setaf 7;
+echo "Watch the screen."
+echo "When it shows \"Now listening on port $misskey_port on https://$host\","
+echo "press Ctrl+C to exit logs and jump to https://$host/ and continue setting up your instance.";
+echo ""
+echo "This script version is v$version.";
+echo "Please follow @joinmisskey@misskey.io to address bugs and updates.";
+echo ""
+read -r -p "Press Enter key to execute docker run> ";
+echo ""
+tput setaf 3;
+echo "Process: docker run;"
+tput setaf 7;
+docker_container=$(sudo -iu "$misskey_user" XDG_RUNTIME_DIR=/run/user/$m_uid DOCKER_HOST=unix:///run/user/$m_uid/docker.sock docker run -d -p $misskey_port:$misskey_port --add-host=$misskey_localhost:$docker_host_ip -v "/home/$misskey_user/$misskey_directory/files":/misskey/files -v "/home/$misskey_user/$misskey_directory/.config/default.yml":/misskey/.config/default.yml:ro --restart unless-stopped -t "$docker_repository");
+echo "$docker_container";
+su "$misskey_user" << MKEOF
+set -eu;
+cd ~;
+
+tput setaf 3;
+echo "Process: create .misskey-docker.env;"
+tput setaf 7;
+
+cat > ".misskey-docker.env" << _EOF
+method="$method"
+host="$host"
+misskey_port=$misskey_port
+misskey_directory="$misskey_directory"
+misskey_localhost="$misskey_localhost"
+docker_host_ip=$docker_host_ip
+docker_repository="$docker_repository"
+docker_container="$docker_container"
+version="$version"
+_EOF
+MKEOF
+
+sudo -iu "$misskey_user" XDG_RUNTIME_DIR=/run/user/$m_uid DOCKER_HOST=unix:///run/user/$m_uid/docker.sock docker logs -f $docker_container;
+
+else
+
+su "$misskey_user" << MKEOF
+set -eu;
+cd ~;
+
+tput setaf 3;
+echo "Process: create .misskey.env;"
+tput setaf 7;
+
+cat > ".misskey.env" << _EOF
+host="$host"
+misskey_port=$misskey_port
+misskey_directory="$misskey_directory"
+misskey_localhost="$misskey_localhost"
+version="$version"
+_EOF
+MKEOF
+
+tput setaf 2;
+tput bold;
+echo "ALL MISSKEY INSTALLATION PROCESSES ARE COMPLETE!";
+echo "Jump to https://$host/ and continue setting up your instance.";
+tput setaf 7;
+echo "This script version is v$version.";
+echo "Please follow @joinmisskey@misskey.io to address bugs and updates.";
+fi