Pleroma backend app

src/freedombone-app-gnusocial

@@ -363,7 +363,7 @@ function upgrade_gnusocial {
 
     gnusocial_hourly_script gnusocial $GNUSOCIAL_DOMAIN_NAME
     if [ -d $INSTALL_DIR/pleroma ]; then
-        upgrade_pleroma "$GNUSOCIAL_DOMAIN_NAME" "gnusocial" "$GNUSOCIAL_BACKGROUND_IMAGE_URL" "$GNUSOCIAL_TITLE"
+        upgrade_pleroma_frontend "$GNUSOCIAL_DOMAIN_NAME" "gnusocial" "$GNUSOCIAL_BACKGROUND_IMAGE_URL" "$GNUSOCIAL_TITLE"
     fi
     install_gnusocial_default_background "gnusocial" "$GNUSOCIAL_DOMAIN_NAME"
     chown -R www-data:www-data /var/www/${GNUSOCIAL_DOMAIN_NAME}/htdocs

src/freedombone-app-pleroma

@@ -0,0 +1,678 @@
+#!/bin/bash
+#
+# .---.                  .              .
+# |                      |              |
+# |--- .--. .-.  .-.  .-.|  .-. .--.--. |.-.  .-. .--.  .-.
+# |    |   (.-' (.-' (   | (   )|  |  | |   )(   )|  | (.-'
+# '    '     --'  --'  -' -  -' '  '   -' -'   -' '   -  --'
+#
+#                    Freedom in the Cloud
+#
+# Pleroma backend application
+#
+# License
+# =======
+#
+# Copyright (C) 2017 Bob Mottram <bob@freedombone.net>
+#
+# This program is free software: you can redistribute it and/or modify
+# it under the terms of the GNU Affero General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU Affero General Public License for more details.
+#
+# You should have received a copy of the GNU Affero General Public License
+# along with this program.  If not, see <http://www.gnu.org/licenses/>.
+
+VARIANTS='full full-vim social'
+
+IN_DEFAULT_INSTALL=0
+SHOW_ON_ABOUT=1
+
+PLEROMA_DOMAIN_NAME=
+PLEROMA_CODE=
+PLEROMA_PORT=4000
+PLEROMA_ONION_PORT=8011
+PLEROMA_REPO="https://git.pleroma.social/pleroma/pleroma.git"
+PLEROMA_COMMIT='7252f6b054dfdfac1f9bac77c442c5a1ebd898af'
+PLEROMA_ADMIN_PASSWORD=
+
+PLEROMA_BACKGROUND_IMAGE_URL=
+
+PLEROMA_TITLE='Pleroma Server'
+
+# Number of months after which posts expire
+PLEROMA_EXPIRE_MONTHS=3
+
+pleroma_variables=(ONION_ONLY
+                   PLEROMA_DOMAIN_NAME
+                   PLEROMA_CODE
+                   PLEROMA_WELCOME_MESSAGE
+                   PLEROMA_BACKGROUND_IMAGE_URL
+                   DDNS_PROVIDER
+                   PLEROMA_TITLE
+                   PLEROMA_EXPIRE_MONTHS
+                   MY_EMAIL_ADDRESS
+                   MY_USERNAME)
+
+function logging_on_pleroma {
+    echo -n ''
+}
+
+function logging_off_pleroma {
+    echo -n ''
+}
+
+function remove_user_pleroma {
+    remove_username="$1"
+
+    ${PROJECT_NAME}-pass -u $remove_username --rmapp pleroma
+
+    function_check get_completion_param
+    PLEROMA_DOMAIN_NAME=$(get_completion_param "pleroma domain")
+    if [ -d /var/www/$PLEROMA_DOMAIN_NAME ]; then
+        cd /var/www/$PLEROMA_DOMAIN_NAME/htdocs
+        php scripts/deleteprofile.php -n $remove_username -y
+    fi
+}
+
+function add_user_pleroma {
+    new_username="$1"
+    new_user_password="$2"
+
+    ${PROJECT_NAME}-pass -u $new_username -a pleroma -p "$new_user_password"
+
+    PLEROMA_DOMAIN_NAME=$(get_completion_param "pleroma domain")
+    if [ -d /var/www/${PLEROMA_DOMAIN_NAME}/htdocs ]; then
+        cd /var/www/$PLEROMA_DOMAIN_NAME/htdocs
+        php scripts/registeruser.php -n $new_username -w "$new_user_password" -e "$new_username@$HOSTNAME"
+        ${PROJECT_NAME}-addemail -u $new_username -e "noreply@$PLEROMA_DOMAIN_NAME" -g pleroma --public no
+        echo '0'
+    else
+        echo '1'
+    fi
+}
+
+function install_interactive_pleroma {
+    if [ ! $ONION_ONLY ]; then
+        ONION_ONLY='no'
+    fi
+
+    if [[ $ONION_ONLY != "no" ]]; then
+        PLEROMA_DOMAIN_NAME='pleroma.local'
+    else
+        PLEROMA_DETAILS_COMPLETE=
+        while [ ! $PLEROMA_DETAILS_COMPLETE ]
+        do
+            data=$(tempfile 2>/dev/null)
+            trap "rm -f $data" 0 1 2 5 15
+            if [[ $DDNS_PROVIDER == "default@freedns.afraid.org" ]]; then
+                dialog --backtitle $"Freedombone Configuration" \
+                       --title $"Pleroma Configuration" \
+                       --form $"\nPlease enter your Pleroma details. The background image URL can be left blank.\n\nIMPORTANT: This should be a domain name which is supported by Let's Encrypt:" 16 65 4 \
+                       $"Domain:" 1 1 "$(grep 'PLEROMA_DOMAIN_NAME' temp.cfg | awk -F '=' '{print $2}')" 1 25 33 40 \
+                       $"Title:" 2 1 "$(grep '$PLEROMA_TITLE' temp.cfg | awk -F '=' '{print $2}')" 2 25 255 255 \
+                       $"Background image URL:" 3 1 "$(grep '$PLEROMA_BACKGROUND_IMAGE_URL' temp.cfg | awk -F '=' '{print $2}')" 3 25 255 255 \
+                       $"Code:" 4 1 "$(grep 'PLEROMA_CODE' temp.cfg | awk -F '=' '{print $2}')" 4 25 33 255 \
+                       2> $data
+            else
+                dialog --backtitle $"Freedombone Configuration" \
+                       --title $"Pleroma Configuration" \
+                       --form $"\nPlease enter your Pleroma details. The background image URL can be left blank.\n\nIMPORTANT: This should be a domain name which is supported by Let's Encrypt:" 16 65 4 \
+                       $"Domain:" 1 1 "$(grep 'PLEROMA_DOMAIN_NAME' temp.cfg | awk -F '=' '{print $2}')" 1 25 33 40 \
+                       $"Title:" 2 1 "$(grep '$PLEROMA_TITLE' temp.cfg | awk -F '=' '{print $2}')" 2 25 255 255 \
+                       $"Background image URL:" 3 1 "$(grep '$PLEROMA_BACKGROUND_IMAGE_URL' temp.cfg | awk -F '=' '{print $2}')" 3 25 255 255 \
+                       2> $data
+            fi
+            sel=$?
+            case $sel in
+                1) exit 1;;
+                255) exit 1;;
+            esac
+            PLEROMA_DOMAIN_NAME=$(cat $data | sed -n 1p)
+            title=$(cat $data | sed -n 2p)
+            if [ ${#title} -gt 1 ]; then
+                PLEROMA_TITLE=$welcome_msg
+            fi
+            img_url=$(cat $data | sed -n 3p)
+            if [ ${#img_url} -gt 1 ]; then
+                PLEROMA_BACKGROUND_IMAGE_URL=$img_url
+            fi
+            if [ $PLEROMA_DOMAIN_NAME ]; then
+                if [[ $PLEROMA_DOMAIN_NAME == "$HUBZILLA_DOMAIN_NAME" ]]; then
+                    PLEROMA_DOMAIN_NAME=""
+                fi
+                TEST_DOMAIN_NAME=$PLEROMA_DOMAIN_NAME
+                validate_domain_name
+                if [[ $TEST_DOMAIN_NAME != $PLEROMA_DOMAIN_NAME ]]; then
+                    PLEROMA_DOMAIN_NAME=
+                    dialog --title $"Domain name validation" --msgbox "$TEST_DOMAIN_NAME" 15 50
+                else
+                    if [[ $DDNS_PROVIDER == "default@freedns.afraid.org" ]]; then
+                        PLEROMA_CODE=$(cat $data | sed -n 4p)
+                        validate_freedns_code "$PLEROMA_CODE"
+                        if [ ! $VALID_CODE ]; then
+                            PLEROMA_DOMAIN_NAME=
+                        fi
+                    fi
+                fi
+            fi
+            if [ $PLEROMA_DOMAIN_NAME ]; then
+                PLEROMA_DETAILS_COMPLETE="yes"
+            fi
+        done
+
+        # remove any invalid characters
+        if [ ${#PLEROMA_TITLE} -gt 0 ]; then
+            new_title=$(echo "$PLEROMA_TITLE" | sed "s|'||g")
+            PLEROMA_TITLE="$new_title"
+        fi
+
+        # save the results in the config file
+        write_config_param "PLEROMA_CODE" "$PLEROMA_CODE"
+        write_config_param "PLEROMA_TITLE" "$PLEROMA_TITLE"
+        write_config_param "PLEROMA_BACKGROUND_IMAGE_URL" "$PLEROMA_BACKGROUND_IMAGE_URL"
+    fi
+    write_config_param "PLEROMA_DOMAIN_NAME" "$PLEROMA_DOMAIN_NAME"
+    APP_INSTALLED=1
+}
+
+function change_password_pleroma {
+    curr_username="$1"
+    new_user_password="$2"
+
+    #${PROJECT_NAME}-pass -u "$curr_username" -a pleroma -p "$new_user_password"
+}
+
+function pleroma_create_database {
+    if [ -f $IMAGE_PASSWORD_FILE ]; then
+        PLEROMA_ADMIN_PASSWORD="$(printf `cat $IMAGE_PASSWORD_FILE`)"
+    else
+        if [ ! $PLEROMA_ADMIN_PASSWORD ]; then
+            PLEROMA_ADMIN_PASSWORD="$(create_password ${MINIMUM_PASSWORD_LENGTH})"
+        fi
+    fi
+    if [ ! $PLEROMA_ADMIN_PASSWORD ]; then
+        return
+    fi
+
+    add_postgresql_user pleroma "$PLEROMA_ADMIN_PASSWORD" encrypted
+    run_system_query_postgresql "GRANT ALL ON ALL tables IN SCHEMA public TO pleroma;"
+    run_system_query_postgresql "GRANT ALL ON ALL sequences IN SCHEMA public TO pleroma;"
+
+    cd /var/www/$PLEROMA_DOMAIN_NAME/htdocs
+    mix ecto.create
+    mix ecto.migrate
+}
+
+function reconfigure_pleroma {
+    echo -n ''
+}
+
+function pleroma_set_background_image {
+    PLEROMA_DOMAIN_NAME=$(get_completion_param "pleroma domain")
+
+    data=$(tempfile 2>/dev/null)
+    trap "rm -f $data" 0 1 2 5 15
+    dialog --title $"Pleroma" \
+           --backtitle $"Freedombone Control Panel" \
+           --inputbox $'Set a background image URL' 10 60 2>$data
+    sel=$?
+    case $sel in
+        0)
+            temp_background=$(<$data)
+            if [ ${#temp_background} -gt 0 ]; then
+                PLEROMA_BACKGROUND_IMAGE_URL="$temp_background"
+                write_config_param "PLEROMA_BACKGROUND_IMAGE_URL" "$PLEROMA_BACKGROUND_IMAGE_URL"
+                if [[ $(pleroma_set_background_image_from_url "$PLEROMA_DOMAIN_NAME" "$PLEROMA_BACKGROUND_IMAGE_URL" "$PLEROMA_TITLE" | tail -n 1) == "0" ]]; then
+                    dialog --title $"Set Pleroma login background" \
+                           --msgbox $"The background image has been set" 6 60
+                fi
+            fi
+           ;;
+    esac
+    rm $data
+}
+
+function pleroma_set_title {
+    data=$(tempfile 2>/dev/null)
+    trap "rm -f $data" 0 1 2 5 15
+    dialog --title $"Pleroma" \
+           --backtitle $"Freedombone Control Panel" \
+           --inputbox $'Set a title' 10 60 2>$data
+    sel=$?
+    case $sel in
+        0)
+            new_title=$(<$data)
+            if [ ${#new_title} -gt 0 ]; then
+                PLEROMA_TITLE="$new_title"
+                PLEROMA_DOMAIN_NAME=$(get_completion_param "pleroma domain")
+                write_config_param "PLEROMA_TITLE" "$PLEROMA_TITLE"
+                cd /var/www/$PLEROMA_DOMAIN_NAME/htdocs/static
+                sed -i "s|\"name\":.*|\"name\": \"${PLEROMA_TITLE}\",|g" config.json
+                dialog --title $"Set Pleroma title" \
+                       --msgbox $"The title has been set" 6 60
+            fi
+           ;;
+    esac
+    rm $data
+}
+
+function pleroma_set_expire_months {
+    PLEROMA_DOMAIN_NAME=$(get_completion_param "pleroma domain")
+    read_config_param "PLEROMA_EXPIRE_MONTHS"
+
+    data=$(tempfile 2>/dev/null)
+    trap "rm -f $data" 0 1 2 5 15
+    dialog --title $"Pleroma" \
+           --backtitle $"Freedombone Control Panel" \
+           --inputbox $'Set an expiry period for posts in months. Anything older will be deleted. Lower values help to keep the database size small and as fast as possible.' 12 60 "$PLEROMA_EXPIRE_MONTHS" 2>$data
+    sel=$?
+    case $sel in
+        0)
+            new_expiry_months=$(<$data)
+            if [ ${#new_expiry_months} -gt 0 ]; then
+                # should contain no spaces
+                if [[ "$new_expiry_months" == *" "* ]]; then
+                    return
+                fi
+                # should be a number
+                re='^[0-9]+$'
+                if ! [[ $new_expiry_months =~ $re ]] ; then
+                    return
+                fi
+                # set the new value
+                PLEROMA_EXPIRE_MONTHS=$new_expiry_months
+                write_config_param "PLEROMA_EXPIRE_MONTHS" "$PLEROMA_EXPIRE_MONTHS"
+
+                # TODO
+
+                dialog --title $"Set Pleroma post expiry period" \
+                       --msgbox $"Expiry period set to $PLEROMA_EXPIRE_MONTHS months" 6 60
+            fi
+           ;;
+    esac
+    rm $data
+}
+
+function configure_interactive_pleroma {
+    read_config_param PLEROMA_EXPIRE_MONTHS
+    while true
+    do
+        data=$(tempfile 2>/dev/null)
+        trap "rm -f $data" 0 1 2 5 15
+        dialog --backtitle $"Freedombone Control Panel" \
+               --title $"Pleroma" \
+               --radiolist $"Choose an operation:" 13 70 4 \
+               1 $"Set a background image" off \
+               2 $"Set the title" off \
+               3 $"Set post expiry period (currently $PLEROMA_EXPIRE_MONTHS months)" off \
+               4 $"Exit" on 2> $data
+        sel=$?
+        case $sel in
+            1) return;;
+            255) return;;
+        esac
+        case $(cat $data) in
+            1) pleroma_set_background_image;;
+            2) pleroma_set_title;;
+            3) pleroma_set_expire_months;;
+            4) break;;
+        esac
+        rm $data
+    done
+}
+
+function upgrade_pleroma {
+    echo -n ''
+}
+
+
+function backup_local_pleroma {
+    PLEROMA_DOMAIN_NAME='pleroma'
+    if grep -q "pleroma domain" $COMPLETION_FILE; then
+        PLEROMA_DOMAIN_NAME=$(get_completion_param "pleroma domain")
+    fi
+
+    function_check suspend_site
+    suspend_site ${PLEROMA_DOMAIN_NAME}
+
+    source_directory=/var/www/${PLEROMA_DOMAIN_NAME}/htdocs
+    dest_directory=pleroma
+    backup_directory_to_usb $source_directory $dest_directory
+
+    USE_POSTGRESQL=1
+    function_check backup_database_to_usb
+    backup_database_to_usb pleroma
+
+    function_check restart_site
+    restart_site
+}
+
+function restore_local_pleroma {
+    if ! grep -q "pleroma domain" $COMPLETION_FILE; then
+        return
+    fi
+    PLEROMA_DOMAIN_NAME=$(get_completion_param "pleroma domain")
+    if [ $PLEROMA_DOMAIN_NAME ]; then
+        echo $"Restoring pleroma"
+        temp_restore_dir=/root/temppleroma
+        pleroma_dir=/var/www/${PLEROMA_DOMAIN_NAME}/htdocs
+
+        function_check pleroma_create_database
+        pleroma_create_database
+
+        USE_POSTGRESQL=1
+        restore_database pleroma
+        if [ -d $temp_restore_dir ]; then
+            rm -rf $temp_restore_dir
+        fi
+
+        function_check restore_directory_from_usb
+        restore_directory_from_usb $temp_restore_dir pleroma
+        if [ -d $temp_restore_dir ]; then
+            chown -R www-data:www-data $pleroma_dir/static
+            rm -rf $temp_restore_dir
+        fi
+
+        echo $"Restore of pleroma complete"
+    fi
+}
+
+function backup_remote_pleroma {
+    PLEROMA_DOMAIN_NAME='pleroma'
+    if grep -q "pleroma domain" $COMPLETION_FILE; then
+        PLEROMA_DOMAIN_NAME=$(get_completion_param "pleroma domain")
+    fi
+
+    function_check suspend_site
+    suspend_site ${PLEROMA_DOMAIN_NAME}
+
+    source_directory=/var/www/${PLEROMA_DOMAIN_NAME}/htdocs
+    dest_directory=pleroma
+    backup_directory_to_friend $source_directory $dest_directory
+
+    USE_POSTGRESQL=1
+    function_check backup_database_to_friend
+    backup_database_to_friend pleroma
+
+    function_check restart_site
+    restart_site
+}
+
+function restore_remote_pleroma {
+    if ! grep -q "pleroma domain" $COMPLETION_FILE; then
+        return
+    fi
+    PLEROMA_DOMAIN_NAME=$(get_completion_param "pleroma domain")
+    if [ $PLEROMA_DOMAIN_NAME ]; then
+        echo $"Restoring pleroma"
+        temp_restore_dir=/root/temppleroma
+        pleroma_dir=/var/www/${PLEROMA_DOMAIN_NAME}/htdocs
+
+        function_check pleroma_create_database
+        pleroma_create_database
+
+        USE_POSTGRESQL=1
+        function_check restore_database_from_friend
+        restore_database_from_friend pleroma
+        if [ -d $temp_restore_dir ]; then
+            rm -rf $temp_restore_dir
+        fi
+
+        function_check restore_directory_from_friend
+        restore_directory_from_friend $temp_restore_dir pleroma
+        if [ -d $temp_restore_dir ]; then
+            chown -R www-data:www-data $pleroma_dir/static
+            rm -rf $temp_restore_dir
+        fi
+
+        pleroma_update_after_restore pleroma ${PLEROMA_DOMAIN_NAME}
+
+        echo $"Restore of pleroma complete"
+    fi
+}
+
+function remove_pleroma {
+    if [ ${#PLEROMA_DOMAIN_NAME} -eq 0 ]; then
+        return
+    fi
+    systemctl stop pleroma
+    systemctl disable pleroma
+    rm /etc/systemd/system/pleroma.service
+
+    function_check remove_nodejs
+    remove_nodejs pleroma-backend
+
+    read_config_param "PLEROMA_DOMAIN_NAME"
+    read_config_param "MY_USERNAME"
+    echo "Removing $PLEROMA_DOMAIN_NAME"
+    nginx_dissite $PLEROMA_DOMAIN_NAME
+    remove_certs $PLEROMA_DOMAIN_NAME
+
+    if [ -d /var/www/$PLEROMA_DOMAIN_NAME ]; then
+        rm -rf /var/www/$PLEROMA_DOMAIN_NAME
+    fi
+    if [ -f /etc/nginx/sites-available/$PLEROMA_DOMAIN_NAME ]; then
+        rm /etc/nginx/sites-available/$PLEROMA_DOMAIN_NAME
+    fi
+    function_check drop_database_postgresql
+    drop_database_postgresql
+    function_check remove_onion_service
+    remove_onion_service pleroma ${PLEROMA_ONION_PORT}
+    remove_app pleroma
+    remove_completion_param install_pleroma
+    sed -i '/pleroma/d' $COMPLETION_FILE
+
+    function_check remove_ddns_domain
+    remove_ddns_domain $PLEROMA_DOMAIN_NAME
+}
+
+function install_elixir {
+    apt-get -yq install wget build-essential
+
+    if [ ! -d $INSTALL_DIR ]; then
+        mkdir -p $INSTALL_DIR
+    fi
+
+    cd $INSTALL_DIR
+    erlang_package=erlang-solutions_1.0_all.deb
+    wget https://packages.erlang-solutions.com/$erlang_package
+    if [ ! -f $INSTALL_DIR/$erlang_package ]; then
+        exit 72853
+    fi
+    dpkg -i $erlang_package
+    apt-get -yq update
+    apt-get -yq install esl-erlang
+    apt-get -yq install elixir
+
+    if [ ! -f /usr/bin/mix ]; then
+        echo $'/usr/bin/mix not found after elixir installation'
+        exit 629352
+    fi
+}
+
+function install_pleroma {
+    if [ ! $ONION_ONLY ]; then
+        ONION_ONLY='no'
+    fi
+
+    # We need elixir 1.4+ here, so the debian repo package won't do
+    install_elixir
+
+    function_check install_nodejs
+    install_nodejs pleroma-backend
+    install_postgresql
+
+    # get the repo
+    if [ ! -d /var/www/$PLEROMA_DOMAIN_NAME ]; then
+        mkdir /var/www/$PLEROMA_DOMAIN_NAME
+    fi
+    if [ ! -d /var/www/$PLEROMA_DOMAIN_NAME/htdocs ]; then
+
+        if [ -d /repos/pleroma ]; then
+            mkdir /var/www/$PLEROMA_DOMAIN_NAME/htdocs
+            cp -r -p /repos/pleroma/. /var/www/$PLEROMA_DOMAIN_NAME/htdocs
+            cd /var/www/$PLEROMA_DOMAIN_NAME/htdocs
+            git pull
+        else
+            function_check git_clone
+            git_clone $PLEROMA_REPO /var/www/$PLEROMA_DOMAIN_NAME/htdocs
+        fi
+
+        if [ ! -d /var/www/$PLEROMA_DOMAIN_NAME/htdocs ]; then
+            echo $'Unable to clone pleroma repo'
+            exit 783523
+        fi
+    fi
+
+    cd /var/www/$PLEROMA_DOMAIN_NAME/htdocs
+    git checkout $PLEROMA_COMMIT -b $PLEROMA_COMMIT
+    set_completion_param "pleroma commit" "$PLEROMA_COMMIT"
+    chown -R www-data:www-data /var/www/$PLEROMA_DOMAIN_NAME/htdocs
+
+
+    # web config
+    function_check add_ddns_domain
+    add_ddns_domain $PLEROMA_DOMAIN_NAME
+
+    PLEROMA_ONION_HOSTNAME=$(add_onion_service pleroma 80 ${PLEROMA_ONION_PORT})
+
+    pleroma_nginx_site=/etc/nginx/sites-available/$PLEROMA_DOMAIN_NAME
+    if [[ $ONION_ONLY == "no" ]]; then
+        function_check nginx_http_redirect
+        nginx_http_redirect $PLEROMA_DOMAIN_NAME "index index.html"
+        echo 'server {' >> $pleroma_nginx_site
+        echo '  listen 443 ssl;' >> $pleroma_nginx_site
+        echo '  listen [::]:443 ssl;' >> $pleroma_nginx_site
+        echo "  server_name $PLEROMA_DOMAIN_NAME;" >> $pleroma_nginx_site
+        echo '' >> $pleroma_nginx_site
+        function_check nginx_compress
+        nginx_compress $PLEROMA_DOMAIN_NAME
+        echo '' >> $pleroma_nginx_site
+        echo '  # Security' >> $pleroma_nginx_site
+        function_check nginx_ssl
+        nginx_ssl $PLEROMA_DOMAIN_NAME
+
+        function_check nginx_disable_sniffing
+        nginx_disable_sniffing $PLEROMA_DOMAIN_NAME
+
+        echo '  add_header Strict-Transport-Security max-age=15768000;' >> $pleroma_nginx_site
+        echo '' >> $pleroma_nginx_site
+        echo '  # Logs' >> $pleroma_nginx_site
+        echo '  access_log /dev/null;' >> $pleroma_nginx_site
+        echo '  error_log /dev/null;' >> $pleroma_nginx_site
+        echo '' >> $pleroma_nginx_site
+        echo "  root /var/www/$PLEROMA_DOMAIN_NAME/htdocs;" >> $pleroma_nginx_site
+        echo '' >> $pleroma_nginx_site
+        echo '  index index.html;' >> $pleroma_nginx_site
+        echo '  location / {' >> $pleroma_nginx_site
+        function_check nginx_limits
+        nginx_limits $PLEROMA_DOMAIN_NAME '15m'
+        echo "    proxy_pass http://localhost:$PLEROMA_PORT;" >> $pleroma_nginx_site
+        echo '  }' >> $pleroma_nginx_site
+        echo '  include snippets/well-known.conf;' >> $pleroma_nginx_site
+        echo '}' >> $pleroma_nginx_site
+    else
+        echo -n '' > $pleroma_nginx_site
+    fi
+    echo 'server {' >> $pleroma_nginx_site
+    echo "    listen 127.0.0.1:$PLEROMA_ONION_PORT default_server;" >> $pleroma_nginx_site
+    echo "    server_name $PLEROMA_ONION_HOSTNAME;" >> $pleroma_nginx_site
+    echo '' >> $pleroma_nginx_site
+    function_check nginx_compress
+    nginx_compress $PLEROMA_DOMAIN_NAME
+    echo '' >> $pleroma_nginx_site
+    function_check nginx_disable_sniffing
+    nginx_disable_sniffing $PLEROMA_DOMAIN_NAME
+    echo '' >> $pleroma_nginx_site
+    echo '  # Logs' >> $pleroma_nginx_site
+    echo '  access_log /dev/null;' >> $pleroma_nginx_site
+    echo '  error_log /dev/null;' >> $pleroma_nginx_site
+    echo '' >> $pleroma_nginx_site
+    echo '  # Root' >> $pleroma_nginx_site
+    echo "  root /var/www/$PLEROMA_DOMAIN_NAME/htdocs;" >> $pleroma_nginx_site
+    echo '' >> $pleroma_nginx_site
+    echo '  index index.html;' >> $pleroma_nginx_site
+    echo '  location / {' >> $pleroma_nginx_site
+    function_check nginx_limits
+    nginx_limits $PLEROMA_DOMAIN_NAME '15m'
+    echo "    proxy_pass http://localhost:$PLEROMA_PORT;" >> $pleroma_nginx_site
+    echo '  }' >> $pleroma_nginx_site
+    echo '  include snippets/well-known.conf;' >> $pleroma_nginx_site
+    echo '}' >> $pleroma_nginx_site
+
+    function_check create_site_certificate
+    create_site_certificate $PLEROMA_DOMAIN_NAME 'yes'
+
+    function_check nginx_ensite
+    nginx_ensite $PLEROMA_DOMAIN_NAME
+
+    systemctl restart postgresql
+    systemctl restart nginx
+
+    ${PROJECT_NAME}-pass -u $MY_USERNAME -a pleroma -p "$PLEROMA_ADMIN_PASSWORD"
+
+    set_completion_param "pleroma domain" "$PLEROMA_DOMAIN_NAME"
+
+
+    # back end
+    useradd -d /var/www/$PLEROMA_DOMAIN_NAME/htdocs/ -s /bin/false pleroma
+    adduser pleroma www-data
+
+    cd /var/www/$PLEROMA_DOMAIN_NAME/htdocs
+    mix deps.get
+
+    function_check pleroma_create_database
+    pleroma_create_database
+
+    pleroma_secret=config/dev.secret.exs
+    cp config/dev.exs $pleroma_secret
+    sed -i "s|username:.*|username: \"pleroma\",|g" $pleroma_secret
+    sed -i "s|password:.*|password: \"$PLEROMA_ADMIN_PASSWORD\",|g" $pleroma_secret
+    sed -i "s|database:.*|database: \"pleroma\",|g" $pleroma_secret
+    sed -i "/config :pleroma, Pleroma.Web.Endpoint/a url: [host: \"$PLEROMA_DOMAIN_NAME\", scheme: \"https\", port: 443]," $pleroma_secret
+
+    pleroma_config=/var/www/$PLEROMA_DOMAIN_NAME/htdocs/config/config.exs
+    sed -i "s|name: .*|name: \"$PLEROMA_TITLE\",|g" $pleroma_config
+    sed -i "s|email: .*|email: \"$MY_EMAIL_ADDRESS\",|g" $pleroma_config
+
+    # front end
+    install_pleroma_front_end "pleroma" "$PLEROMA_DOMAIN_NAME" "$PLEROMA_BACKGROUND_IMAGE_URL" "$PLEROMA_TITLE"
+    install_gnusocial_default_background "gnusocial" "$PLEROMA_DOMAIN_NAME"
+    sed -i 's|"theme":.*|"theme": "base16-apathy.css",|g' /var/www/${PLEROMA_DOMAIN_NAME}/htdocs/static/config.json
+
+    if [ $PLEROMA_BACKGROUND_IMAGE_URL ]; then
+        pleroma_set_background_image_from_url "$PLEROMA_DOMAIN_NAME" "$PLEROMA_BACKGROUND_IMAGE_URL" "$PLEROMA_TITLE"
+    fi
+
+
+    # daemon
+    echo '[Unit]' > /etc/systemd/system/pleroma.service
+    echo 'Description=Pleroma social network' >> /etc/systemd/system/pleroma.service
+    echo 'After=network.target postgresql.service' >> /etc/systemd/system/pleroma.service
+    echo '' >> /etc/systemd/system/pleroma.service
+    echo '[Service]' >> /etc/systemd/system/pleroma.service
+    echo 'User=pleroma' >> /etc/systemd/system/pleroma.service
+    echo "WorkingDirectory=/var/www/$PLEROMA_DOMAIN_NAME/htdocs/pleroma"
+    echo "Environment=\"HOME=/var/www/$PLEROMA_DOMAIN_NAME/htdocs\"" >> /etc/systemd/system/pleroma.service
+    echo 'ExecStart=/usr/bin/mix phx.server' >> /etc/systemd/system/pleroma.service
+    echo 'ExecReload=/bin/kill $MAINPID' >> /etc/systemd/system/pleroma.service
+    echo 'KillMode=process' >> /etc/systemd/system/pleroma.service
+    echo 'Restart=on-failure' >> /etc/systemd/system/pleroma.service
+    echo '' >> /etc/systemd/system/pleroma.service
+    echo '[Install]' >> /etc/systemd/system/pleroma.service
+    echo 'WantedBy=multi-user.target' >> /etc/systemd/system/pleroma.service
+    echo 'Alias=pleroma.service' >> /etc/systemd/system/pleroma.service
+    systemctl daemon-reload
+    systemctl enable pleroma
+    systemctl start pleroma
+
+    APP_INSTALLED=1
+}
+
+# NOTE: deliberately there is no "exit 0"

src/freedombone-app-postactiv

@@ -378,7 +378,7 @@ function upgrade_postactiv {
     gnusocial_block_user_script
     gnusocial_block_domain_script postactiv "$POSTACTIV_DOMAIN_NAME"
 
-    upgrade_pleroma "$POSTACTIV_DOMAIN_NAME" "postactiv" "$POSTACTIV_BACKGROUND_IMAGE_URL" "$POSTACTIV_TITLE"
+    upgrade_pleroma_frontend "$POSTACTIV_DOMAIN_NAME" "postactiv" "$POSTACTIV_BACKGROUND_IMAGE_URL" "$POSTACTIV_TITLE"
     postactiv_customise_logo
     install_gnusocial_default_background "postactiv" "$POSTACTIV_DOMAIN_NAME"
     chown -R www-data:www-data /var/www/${POSTACTIV_DOMAIN_NAME}/htdocs

src/freedombone-image-customise

@@ -1574,9 +1574,10 @@ function image_preinstall_repos {
     git clone $ETHERPAD_REPO $rootdir/repos/etherpad
     git clone $FRIENDICA_REPO $rootdir/repos/friendica
     git clone $GNUSOCIAL_REPO $rootdir/repos/gnusocial
+    git clone $PLEROMA_REPO $rootdir/repos/pleroma
     git clone $GNUSOCIAL_MARKDOWN_REPO $rootdir/repos/gnusocial-markdown
     #git clone $QVITTER_THEME_REPO $rootdir/repos/qvitter
-    git clone $PLEROMA_REPO $rootdir/repos/pleroma
+    git clone $PLEROMA_FRONTEND_REPO $rootdir/repos/pleroma-fe
     #git clone $POSTACTIV_REPO $rootdir/repos/postactiv
     git clone $SHARINGS_REPO $rootdir/repos/sharings
     git clone $HTMLY_REPO $rootdir/repos/htmly

src/freedombone-utils-gnusocialtools

@@ -32,8 +32,8 @@
 QVITTER_THEME_REPO="https://github.com/bashrc/Qvitter"
 QVITTER_THEME_COMMIT='c6f09bda4e45be4290cf7409fa5efb4420538032'
 
-PLEROMA_REPO="https://gitgud.io/lambadalambda/pleroma-fe"
-PLEROMA_COMMIT='cbe652f2d94d81fa54a37378b7ff014c4391ca5e'
+PLEROMA_FRONTEND_REPO="https://gitgud.io/lambadalambda/pleroma-fe"
+PLEROMA_FRONTEND_COMMIT='cbe652f2d94d81fa54a37378b7ff014c4391ca5e'
 
 SHARINGS_REPO="http://github.com/bashrc/Sharings"
 SHARINGS_COMMIT='0d30fe7d153c7ab44e8459970b8f2b5dec06e43c'
@@ -284,14 +284,14 @@ function install_pleroma_front_end {
 
     if [ ! -d $INSTALL_DIR/pleroma ]; then
 
-        if [ -d /repos/pleroma ]; then
+        if [ -d /repos/pleroma-fe ]; then
             mkdir -p $INSTALL_DIR/pleroma
-            cp -r -p /repos/pleroma/. $INSTALL_DIR/pleroma
+            cp -r -p /repos/pleroma-fe/. $INSTALL_DIR/pleroma
             cd $INSTALL_DIR/pleroma
             git pull
         else
             function_check git_clone
-            git_clone $PLEROMA_REPO $INSTALL_DIR/pleroma
+            git_clone $PLEROMA_FRONTEND_REPO $INSTALL_DIR/pleroma
         fi
 
         if [ ! -d $INSTALL_DIR/pleroma ]; then
@@ -301,8 +301,8 @@ function install_pleroma_front_end {
     fi
 
     cd $INSTALL_DIR/pleroma
-    git checkout $PLEROMA_COMMIT -b $PLEROMA_COMMIT
-    set_completion_param "${app_name} pleroma commit" "$PLEROMA_COMMIT"
+    git checkout $PLEROMA_FRONTEND_COMMIT -b $PLEROMA_FRONTEND_COMMIT
+    set_completion_param "${app_name} pleroma commit" "$PLEROMA_FRONTEND_COMMIT"
 
     if [ -d $INSTALL_DIR/pleroma/node_modules ]; then
         rm -rf $INSTALL_DIR/pleroma/node_modules
@@ -348,14 +348,14 @@ function install_pleroma_front_end {
     chown -R www-data:www-data /var/www/${pleroma_domain}/htdocs
 }
 
-function upgrade_pleroma {
+function upgrade_pleroma_frontend {
     domain_name="$1"
     app_name="$2"
     background_url="$3"
     title="$4"
 
     if [ -d $INSTALL_DIR/pleroma ]; then
-        set_repo_commit $INSTALL_DIR/pleroma "${app_name} pleroma commit" "$PLEROMA_COMMIT" $PLEROMA_REPO
+        set_repo_commit $INSTALL_DIR/pleroma "${app_name} pleroma commit" "$PLEROMA_FRONTEND_COMMIT" $PLEROMA_FRONTEND_REPO
         cd $INSTALL_DIR/pleroma
         yarn
         npm run build

src/freedombone-utils-postgresql

@@ -87,7 +87,12 @@ function install_postgresql {
 function add_postgresql_user {
     postgresql_username=$1
     postgresql_password=$2
-    sudo -u postgres psql -c "create user $postgresql_username password 'postgresql_password'"
+    if [[ "$3" != 'encrypt'* ]]; then
+        sudo -u postgres psql -c "create user $postgresql_username password '$postgresql_password';"
+    else
+        sudo -u postgres psql -c "create user $postgresql_username;"
+        sudo -u postgres psql -c "ALTER user $postgresql_username with encrypted password '$postgresql_password';"
+    fi
 }
 
 function remove_postgresql_user {
@@ -95,11 +100,16 @@ function remove_postgresql_user {
     sudo -u postgres psql -c "drop user $postgresql_username"
 }
 
-function remove_database_postgresql {
+function drop_database_postgresql {
     database_name="$1"
     sudo -u postgres psql -c "drop database $database_name"
 }
 
+function run_system_query_postgresql {
+    query=$1
+    sudo -u postgres psql -c "$query"
+}
+
 function run_query_postgresql {
     database_name=$1
     database_query=$2