diff --git a/README.md b/README.md index 096a41d..7738a2b 100644 --- a/README.md +++ b/README.md 
@@ -3,26 +3,64 @@ Your self-hosted, globally interconnected microblogging community -* **Category**: -* **Status**: -* **Image**: [`tootsuite/mastodon`](https://hub.docker.com/r/tootsuite/mastodon) -* **Healthcheck**: -* **Backups**: -* **Email**: -* **Tests**: -* **SSO**: + +- **Category**: +- **Status**: +- **Image**: [`tootsuite/mastodon`](https://hub.docker.com/r/tootsuite/mastodon) +- **Healthcheck**: +- **Backups**: +- **Email**: +- **Tests**: +- **SSO**: ## Basic usage 1. Set up Docker Swarm and [`abra`] -2. Deploy [`coop-cloud/traefik`] -3. `abra app new mastodon` -4. `abra app YOURAPPDOMAIN config` - be sure to change `DOMAIN` to something that resolves to - your Docker swarm box. Install the npm package webpush to create VAPID keys `npm install web-push -g && web-push generate-vapid-keys`. -5. `abra app YOURAPPDOMAIN deploy --no-domain-poll`. App will fail for now. -6. `abra app mastodon run streaming rake db:setup` -7. Open the configured domain in your browser to finish set-up. To make an admin account `abra app mastodon run web "bin/tootctl accounts create coolusername --email helo@autonomic.zone --confirmed --role admin"` +1. Deploy [`coop-cloud/traefik`] +1. `abra app new mastodon` +1. `abra app YOURAPPDOMAIN config` - be sure to change `DOMAIN` to something that resolves to + your Docker swarm box. +1. Follow the secrets setup documentation below. +1. `abra app YOURAPPDOMAIN deploy --no-domain-poll`. App will fail for now. +1. `abra app mastodon run streaming rake db:setup` +1. Open the configured domain in your browser to finish set-up. To make an admin account `abra app mastodon run web "bin/tootctl accounts create coolusername --email helo@autonomic.zone --confirmed --role admin"` [`abra`]: https://git.autonomic.zone/autonomic-cooperative/abra [`coop-cloud/traefik`]: https://git.autonomic.zone/coop-cloud/traefik + +## Secrets setup + +Because Mastodon expects secrets generated by specific tools, we don't support that in `abra` yet. 
However, you can run these commands yourself using the underlying Docker CLI. You can then load them in as secrets to the swarm using `abra` though and then they will be picked up on the deployment. + +First, generate the `SECRET_KEY_BASE` and `OTP_SECRET` and store them in your local shell environment, you'll need them for subsequent commands. + +``` +$ SECRET_KEY_BASE=$(docker run --rm tootsuite/mastodon:v3.4.0 bundle exec rake secret) +$ OTP_SECRET=$(docker run --rm tootsuite/mastodon:v3.4.0 bundle exec rake secret) +$ printf $SECRET_KEY_BASE | abra app YOURAPPDOMAIN secret insert secret_key_base v1 - +$ printf $OTP_SECRET | abra app YOURAPPDOMAIN secret insert otp_secret v1 - +``` + +Then you need to generate the `VAPID_{PUBLIC/PRIVATE}_KEY` values using the `SECRET_KEY_BASE`/`OTP_SECRET`: + +``` +$ docker run \ + -e SECRET_KEY_BASE=$SECRET_KEY_BASE \ + -e OTP_SECRET=$OTP_SECRET \ + --rm tootsuite/mastodon:v3.4.0 \ + bundle exec rake mastodon:webpush:generate_vapid_key +``` + +Once you see the values generated, you can load the `VAPID_PUBLIC_KEY` into your `.env` file and `VAPID_PRIVATE_KEY` into a secret. + +``` +$ printf YOURVAPIDPRIVATEKEY | abra app YOURDOMAIN secret insert vapid_private_key v1 - +``` + +And finally, to end your whirlwind secrets loading adventure, get the `DB_PASS` and `SMTP_PASSWORD` loaded. + +``` +$ abra app YOURAPPDOMAIN secret generate db_password v1 +$ printf YOURSMTPPASSWORD | abra app YOURDOMAIN secret insert smtp_password v1 - +```
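Review bot: In the new "Secrets setup" section, the `printf $SECRET_KEY_BASE | abra app YOURAPPDOMAIN secret insert secret_key_base v1 -` line and its siblings (`printf $OTP_SECRET`, `printf YOURVAPIDPRIVATEKEY`, `printf YOURSMTPPASSWORD`) pass the secret unquoted as printf's format string, so a `%` or backslash in the value is interpreted and whitespace truncates it, and the secret stored in the swarm then differs from the real one. The hex output of `rake secret` happens to be safe, but an SMTP password can easily contain those characters. Suggest `printf '%s' "$SECRET_KEY_BASE" | abra app YOURAPPDOMAIN secret insert secret_key_base v1 -` and the same form for the other three, plus quoting the `-e SECRET_KEY_BASE=$SECRET_KEY_BASE` and `-e OTP_SECRET=$OTP_SECRET` arguments to `docker run`. Typing the SMTP password literally on the command line also leaves it in shell history; reading it into a variable first (for example with `read -rs` in bash) and piping that avoids it. Separately, the `vapid_private_key` and `smtp_password` commands use `YOURDOMAIN` where the rest of the section uses `YOURAPPDOMAIN`; one placeholder throughout would prevent confusion.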