freedombone/src/freedombone-app-pleroma

#!/bin/bash
#  _____               _           _
# |   __|___ ___ ___ _| |___ _____| |_ ___ ___ ___
# |   __|  _| -_| -_| . | . |     | . | . |   | -_|
# |__|  |_| |___|___|___|___|_|_|_|___|___|_|_|___|
#
#                              Freedom in the Cloud
#
# Pleroma backend application
#
# License
# =======
#
# Copyright (C) 2017-2018 Bob Mottram <bob@freedombone.net>
#
# This program is free software: you can redistribute it and/or modify
# it under the terms of the GNU Affero General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU Affero General Public License for more details.
#
# You should have received a copy of the GNU Affero General Public License
# along with this program.  If not, see <http://www.gnu.org/licenses/>.

VARIANTS='full full-vim social'

IN_DEFAULT_INSTALL=0
SHOW_ON_ABOUT=1

PLEROMA_DOMAIN_NAME=
PLEROMA_CODE=
PLEROMA_PORT=4000
PLEROMA_ONION_PORT=8011
PLEROMA_REPO="https://git.pleroma.social/pleroma/pleroma.git"
PLEROMA_COMMIT='e153b364a71de431787db236c57114f229162ddf'
PLEROMA_ADMIN_PASSWORD=
PLEROMA_DIR=/etc/pleroma
PLEROMA_SECRET_KEY=""
pleroma_secret=$PLEROMA_DIR/config/dev.secret.exs

PLEROMA_BACKGROUND_IMAGE_URL=

PLEROMA_TITLE='Pleroma Server'

# Number of months after which posts expire
PLEROMA_EXPIRE_MONTHS=3
pleroma_expire_posts_script=/usr/bin/pleroma-expire-posts
blocking_script_file=/usr/bin/pleroma-blocking

pleroma_variables=(ONION_ONLY
                   PLEROMA_DOMAIN_NAME
                   PLEROMA_CODE
                   PLEROMA_WELCOME_MESSAGE
                   PLEROMA_BACKGROUND_IMAGE_URL
                   DDNS_PROVIDER
                   PLEROMA_TITLE
                   PLEROMA_EXPIRE_MONTHS
                   MY_EMAIL_ADDRESS
                   MY_USERNAME)

function pleroma_enable_chat {
    if [[ "$1" == 't'* || "$1" == 'y'* || "$1" == 'T'* || "$1" == 'Y'* ]]; then
        sed -i 's|"chatDisabled":.*|"chatDisabled": false,|g' $PLEROMA_DIR/priv/static/static/config.json
        sed -i 's|:chat, enabled:.*|:chat, enabled: true|g' $PLEROMA_DIR/config/config.exs
    else
        sed -i 's|"chatDisabled":.*|"chatDisabled": true,|g' $PLEROMA_DIR/priv/static/static/config.json
        sed -i 's|:chat, enabled:.*|:chat, enabled: false|g' $PLEROMA_DIR/config/config.exs
    fi
    pleroma_recompile
}

function create_pleroma_blocklist {
    { echo '#!/bin/bash';
      echo "if [ ! -f /root/${PROJECT_NAME}-firewall-domains.cfg ]; then";
      echo '    exit 0';
      echo 'fi';
      echo 'if [ -f /tmp/pleroma-blocking.lock ]; then';
      echo '    cd /tmp';
      echo '    find ./pleroma*.lock -type f -mmin +5 -exec rm {} \;';
      echo '    if [ -f /tmp/pleroma-blocking.lock ]; then';
      echo '        exit 0';
      echo '    fi';
      echo 'fi';
      echo 'touch /tmp/pleroma-blocking.lock';
      echo 'objects_query="DELETE FROM objects WHERE"';
      echo 'objects_updated=';
      echo 'users_query="DELETE FROM users WHERE"';
      echo 'websub_server_subscriptions_query="DELETE FROM websub_server_subscriptions WHERE"';
      echo 'websub_server_subscriptions_updated=';
      echo 'while read blocked; do';
      echo "    if [[ \"\$blocked\" == *\".\"* || \"\$blocked\" == *\"@\"* ]]; then";
      echo "        if [ \${#blocked} -gt 4 ]; then";
      echo "            if [ \$objects_updated ]; then";
      echo "                objects_query=\"\${objects_query} or\"";
      echo "                users_query=\"\${users_query} or\"";
      echo '            fi';
      echo "            objects_query=\"\${objects_query} data->>'content' ilike '%\${blocked}%' or data->>'actor' ilike '%\${blocked}%' or data->>'to' ilike '%\${blocked}%' or data->>'id' ilike '%\${blocked}%' or data->>'external_url' ilike '%\${blocked}%'\"";
      echo "            users_query=\"\${users_query} nickname ilike '%\${blocked}%'\"";
      echo '            objects_updated=1';
      echo "            if [[ \"\$blocked\" != *\"@\"* ]]; then";
      echo "                if ! grep -q \"127.0.0.1  \$blocked\" /etc/hosts; then";
      echo "                    echo \"127.0.0.1  \$blocked\" >> /etc/hosts";
      echo '                fi';
      echo "                if [ \$websub_server_subscriptions_updated ]; then";
      echo "                    websub_server_subscriptions_query=\"\${websub_server_subscriptions_query} or\"";
      echo '                fi';
      echo "                websub_server_subscriptions_query=\"\${websub_server_subscriptions_query} callback like '%\${blocked}%'\"";
      echo '                websub_server_subscriptions_updated=1';
      echo '            fi';
      echo '        fi';
      echo '    fi';
      echo 'done </root/freedombone-firewall-domains.cfg';
      echo '';
      echo 'cd /etc/postgresql';
      echo "if [ \$objects_updated ]; then";
      echo "    sudo -u postgres psql -d pleroma -c \"\$objects_query\"";
      echo "    sudo -u postgres psql -d pleroma -c \"\$users_query\"";
      echo 'fi';
      echo "if [ \$websub_server_subscriptions_updated ]; then";
      echo "    sudo -u postgres psql -d pleroma -c \"\$websub_server_subscriptions_query\"";
      echo 'fi';
      echo 'rm /tmp/pleroma-blocking.lock'; } > $blocking_script_file

    chmod +x $blocking_script_file

    if ! grep -q "$blocking_script_file" /etc/crontab; then
        cron_add_mins 1 "$blocking_script_file 2> /dev/null"
    fi
}

function expire_pleroma_posts {
    domain_name=$1
    expire_months=$3

    if [ ! "$expire_months" ]; then
        expire_months=3
    fi

    #expire_days=$((expire_months * 30))

    # files are what take up most of the backup time, so don't keep them for very long
    expire_days_files=7

    # To prevent the database size from growing endlessly this script expires posts
    # after a number of months
    if [ ! -d /etc/pleroma ]; then
        return
    fi

    { echo '#!/bin/bash';
      echo "plmonths=\"$PLEROMA_EXPIRE_MONTHS\"";
      echo "if [ \${#plmonths} -eq 0 ]; then";
      echo '    exit 1';
      echo 'fi';
      echo "if [[ \"\$plmonths\" == \"0\" ]]; then";
      echo '    exit 2';
      echo 'fi';
      echo "oldate=\$(date +%Y-%m-%d --date=\"\$plmonths months ago\")";
      echo 'cd /etc/postgresql';
      echo "sudo -u postgres psql -d pleroma -c \"DELETE FROM notifications WHERE inserted_at <= '\$oldate 01:01:01'\"";
      echo "sudo -u postgres psql -d pleroma -c \"DELETE FROM objects WHERE inserted_at <= '\$oldate 01:01:01'\""; } > $pleroma_expire_posts_script
    chmod +x $pleroma_expire_posts_script

    pleroma_expire_script=/etc/cron.daily/pleroma-expire
    expire_days_files_threshold=$((expire_days_files - 1))
    { echo '#!/bin/bash';
      echo 'cd /etc/postgresql';
      echo 'if [ -d /etc/pleroma/tempfiles ]; then';
      echo '    rm -rf /etc/pleroma/tempfiles';
      echo 'fi';
      echo '';
      echo '# make directory to temporarily store local avatars';
      echo 'mkdir /etc/pleroma/tempfiles';
      echo '';
      echo '# get the local avatar files';
      echo "avatars=\$(sudo -u postgres psql -d pleroma -c \"select avatar->>'url' from users where avatar->>'url' like '%${domain_name}%'\")";
      echo '';
      echo '# copy the avatar files to a temporary directory';
      echo "arr=( \$avatars )";
      echo "for i in \${arr[@]}; do";
      echo "    if [[ \"\$i\" == *'/media/'* ]]; then";
      echo "        imagefile=/etc/pleroma/uploads/\$(echo \$i | sed 's|\"||g' | sed 's|,||g' | awk -F '/media/' '{print \$2}');";
      echo "        if [ -f \$imagefile ]; then";
      echo "            imagedir=/etc/pleroma/uploads/\$(echo \$i | sed 's|\"||g' | sed 's|,||g' | awk -F '/media/' '{print \$2}' | awk -F '/' '{print \$1}')";
      echo "            nowdate=\$(date +%s)";
      echo "            sinceepoch=\$(date +%s -r \$imagefile)";
      echo "            daysold=\$(((\$nowdate - \$sinceepoch) / 86400))";
      echo "            if [ \$daysold -ge ${expire_days_files_threshold} ]; then";
      echo "                if [ ! -d \$imagedir ]; then";
      echo "                    mkdir \$imagedir";
      echo '                fi';
      echo "                cp -rp \$imagefile \$imagedir";
      echo '            fi';
      echo '        fi';
      echo '    fi';
      echo 'done';
      echo '';
      echo '# get the local banner files';
      echo "banners=\$(sudo -u postgres psql -d pleroma -c \"select avatar->>'banner' from users where avatar->>'url' like '%${domain_name}%'\")";
      echo '';
      echo '# copy the banner files to a temporary directory';
      echo "arr=( \$banners )";
      echo "for i in \${arr[@]}; do";
      echo "    if [[ \"\$i\" == *'/media/'* ]]; then";
      echo "        imagefile=/etc/pleroma/uploads/\$(echo \$i | sed 's|\"||g' | sed 's|,||g' | awk -F '/media/' '{print \$2}');";
      echo "        if [ -f \$imagefile ]; then";
      echo "            imagedir=/etc/pleroma/uploads/\$(echo \$i | sed 's|\"||g' | sed 's|,||g' | awk -F '/media/' '{print \$2}' | awk -F '/' '{print \$1}')";
      echo "            nowdate=\$(date +%s)";
      echo "            sinceepoch=\$(date +%s -r \$imagefile)";
      echo "            daysold=\$(((\$nowdate - \$sinceepoch) / 86400))";
      echo "            if [ \$daysold -ge ${expire_days_files_threshold} ]; then";
      echo "                if [ ! -d \$imagedir ]; then";
      echo "                    mkdir \$imagedir";
      echo '                fi';
      echo "                cp -rp \$imagefile \$imagedir";
      echo '            fi';
      echo '        fi';
      echo '    fi';
      echo 'done';
      echo '';
      echo '# delete old files';
      echo "find /etc/pleroma/uploads/* -mtime +${expire_days_files} -exec rm -rf {} +";
      echo '';
      echo '# move avatar files back to uploads';
      echo 'chown -R pleroma:pleroma /etc/pleroma/tempfiles';
      echo 'mv /etc/pleroma/tempfiles/* /etc/pleroma/uploads';
      echo 'rm -rf /etc/pleroma/tempfiles';
      echo '';
      echo '/usr/bin/pleroma-expire-posts 2> /dev/null'; } > $pleroma_expire_script
    chmod +x $pleroma_expire_script

    # remove any old cron job
    if grep -q "pleroma-expire" /etc/crontab; then
        sed -i "/pleroma-expire/d" /etc/crontab
        rm /usr/bin/pleroma-expire
    fi

    # remove old expire script
    if [ -f /etc/cron.weekly/clear-pleroma-database ]; then
        rm /etc/cron.weekly/clear-pleroma-database
    fi
}

function pleroma_recompile {
    # necessary after parameter changes
    chown -R pleroma:pleroma $PLEROMA_DIR
    sudo -u pleroma mix clean
    sudo -u pleroma mix deps.compile
    sudo -u pleroma mix compile

    if [ -f /etc/systemd/system/pleroma.service ]; then
        systemctl restart pleroma
    fi
}

function logging_on_pleroma {
    echo -n ''
}

function logging_off_pleroma {
    echo -n ''
}

function remove_user_pleroma {
    remove_username="$1"

    cd $PLEROMA_DIR || exit 252498
    mix rm_user "$remove_username"
    "${PROJECT_NAME}-pass" -u "$remove_username" --rmapp pleroma
}

function add_user_pleroma {
    new_username="$1"
    new_user_password="$2"

    cd $PLEROMA_DIR || exit 348346
    mix register_user "$new_username" "$new_username" "$new_username@$HOSTNAME" $"Your bio goes here" "$new_user_password"
    "${PROJECT_NAME}-pass" -u "$new_username" -a pleroma -p "$new_user_password"

    echo '0'
}

function install_interactive_pleroma {
    if [ ! "$ONION_ONLY" ]; then
        ONION_ONLY='no'
    fi

    if [[ $ONION_ONLY != "no" ]]; then
        PLEROMA_DOMAIN_NAME='pleroma.local'
    else
        PLEROMA_DETAILS_COMPLETE=
        while [ ! $PLEROMA_DETAILS_COMPLETE ]
        do
            data=$(mktemp 2>/dev/null)
            if [[ $DDNS_PROVIDER == "default@freedns.afraid.org" ]]; then
                dialog --backtitle $"Freedombone Configuration" \
                       --title $"Pleroma Configuration" \
                       --form $"\\nPlease enter your Pleroma details. The background image URL can be left blank.\\n\\nIMPORTANT: This should be a domain name which is supported by Let's Encrypt:" 16 65 4 \
                       $"Domain:" 1 1 "$(grep 'PLEROMA_DOMAIN_NAME' temp.cfg | awk -F '=' '{print $2}')" 1 25 33 40 \
                       $"Title:" 2 1 "$(grep "$PLEROMA_TITLE" temp.cfg | awk -F '=' '{print $2}')" 2 25 255 255 \
                       $"Background image URL:" 3 1 "$(grep "$PLEROMA_BACKGROUND_IMAGE_URL" temp.cfg | awk -F '=' '{print $2}')" 3 25 255 255 \
                       $"Code:" 4 1 "$(grep 'PLEROMA_CODE' temp.cfg | awk -F '=' '{print $2}')" 4 25 33 255 \
                       2> "$data"
            else
                dialog --backtitle $"Freedombone Configuration" \
                       --title $"Pleroma Configuration" \
                       --form $"\\nPlease enter your Pleroma details. The background image URL can be left blank.\\n\\nIMPORTANT: This should be a domain name which is supported by Let's Encrypt:" 16 65 4 \
                       $"Domain:" 1 1 "$(grep 'PLEROMA_DOMAIN_NAME' temp.cfg | awk -F '=' '{print $2}')" 1 25 33 40 \
                       $"Title:" 2 1 "$(grep "$PLEROMA_TITLE" temp.cfg | awk -F '=' '{print $2}')" 2 25 255 255 \
                       $"Background image URL:" 3 1 "$(grep "$PLEROMA_BACKGROUND_IMAGE_URL" temp.cfg | awk -F '=' '{print $2}')" 3 25 255 255 \
                       2> "$data"
            fi
            sel=$?
            case $sel in
                1) rm -f "$data"
                   exit 1;;
                255) rm -f "$data"
                     exit 1;;
            esac
            PLEROMA_DOMAIN_NAME=$(sed -n 1p < "$data")
            title=$(sed -n 2p < "$data")
            if [ ${#title} -gt 1 ]; then
                PLEROMA_TITLE="$title"
            fi
            img_url=$(sed -n 3p < "$data")
            if [ ${#img_url} -gt 1 ]; then
                PLEROMA_BACKGROUND_IMAGE_URL=$img_url
            fi
            if [ "$PLEROMA_DOMAIN_NAME" ]; then
                if [[ $PLEROMA_DOMAIN_NAME == "$HUBZILLA_DOMAIN_NAME" ]]; then
                    PLEROMA_DOMAIN_NAME=""
                fi
                TEST_DOMAIN_NAME=$PLEROMA_DOMAIN_NAME
                validate_domain_name
                if [[ "$TEST_DOMAIN_NAME" != "$PLEROMA_DOMAIN_NAME" ]]; then
                    PLEROMA_DOMAIN_NAME=
                    dialog --title $"Domain name validation" --msgbox "$TEST_DOMAIN_NAME" 15 50
                else
                    if [[ $DDNS_PROVIDER == "default@freedns.afraid.org" ]]; then
                        PLEROMA_CODE=$(sed -n 4p < "$data")
                        validate_freedns_code "$PLEROMA_CODE"
                        if [ ! "$VALID_CODE" ]; then
                            PLEROMA_DOMAIN_NAME=
                        fi
                    fi
                fi
            fi
            if [ $PLEROMA_DOMAIN_NAME ]; then
                PLEROMA_DETAILS_COMPLETE="yes"
            fi
            rm -f "$data"
        done

        # remove any invalid characters
        if [ ${#PLEROMA_TITLE} -gt 0 ]; then
            new_title=${PLEROMA_TITLE//\'/}
            PLEROMA_TITLE="$new_title"
        fi

        # save the results in the config file
        write_config_param "PLEROMA_CODE" "$PLEROMA_CODE"
        write_config_param "PLEROMA_TITLE" "$PLEROMA_TITLE"
        write_config_param "PLEROMA_BACKGROUND_IMAGE_URL" "$PLEROMA_BACKGROUND_IMAGE_URL"
    fi
    write_config_param "PLEROMA_DOMAIN_NAME" "$PLEROMA_DOMAIN_NAME"
    APP_INSTALLED=1
}

function change_password_pleroma {
#    curr_username="$1"
    new_user_password="$2"

    #${PROJECT_NAME}-pass -u "$curr_username" -a pleroma -p "$new_user_password"
}

function pleroma_create_database_failed {
    run_system_query_postgresql "ALTER USER pleroma NOSUPERUSER;"
    run_system_query_postgresql "ALTER USER pleroma NOCREATEDB;"
}

function pleroma_create_database {
    if [ -f "$IMAGE_PASSWORD_FILE" ]; then
        PLEROMA_ADMIN_PASSWORD="$(printf "%s" "$(cat "$IMAGE_PASSWORD_FILE")")"
    else
        if [ ! "$PLEROMA_ADMIN_PASSWORD" ]; then
            PLEROMA_ADMIN_PASSWORD="$(create_password "${MINIMUM_PASSWORD_LENGTH}")"
        fi
    fi
    if [ ! "$PLEROMA_ADMIN_PASSWORD" ]; then
        return
    fi

    systemctl restart postgresql
    add_postgresql_user pleroma "$PLEROMA_ADMIN_PASSWORD" encrypted
    run_system_query_postgresql "create database pleroma;"
    # temporarily allow the user to create databases
    run_system_query_postgresql "ALTER USER pleroma CREATEDB;"
    run_system_query_postgresql "ALTER USER pleroma SUPERUSER;"
    run_system_query_postgresql "GRANT ALL ON ALL tables IN SCHEMA public TO pleroma;"
    run_system_query_postgresql "GRANT ALL ON ALL sequences IN SCHEMA public TO pleroma;"
    run_system_query_postgresql "CREATE EXTENSION citext;"
    run_system_query_postgresql "set statement_timeout to 40000;"

    read_config_param "PLEROMA_SECRET_KEY"
    if [ ${#PLEROMA_SECRET_KEY} -lt 64 ]; then
        PLEROMA_SECRET_KEY="$(create_password 30)$(create_password 30)$(create_password 30)"
        if [ ${#PLEROMA_SECRET_KEY} -lt 64 ]; then
            pleroma_create_database_failed
            echo $'Pleroma secret key not created'
            exit 6782352
        fi
        write_config_param "PLEROMA_SECRET_KEY" "$PLEROMA_SECRET_KEY"
    fi

    if [ ! -d $PLEROMA_DIR/config ]; then
        echo $"Missing directory $PLEROMA_DIR/config"
        exit 7835393
    fi
    if [ ! -f $PLEROMA_DIR/config/dev.exs ]; then
        echo $"Did not find $PLEROMA_DIR/config/dev.exs"
        exit 78923528
    fi
    cp $PLEROMA_DIR/config/dev.exs $pleroma_secret
    sed -i "s|username:.*|username: \"pleroma\",|g" $pleroma_secret
    sed -i "s|password:.*|password: \"$PLEROMA_ADMIN_PASSWORD\",|g" $pleroma_secret
    sed -i "s|database:.*|database: \"pleroma\",|g" $pleroma_secret
    sed -i "/Pleroma.Web.Endpoint/a secret_key_base: \"$PLEROMA_SECRET_KEY\"," $pleroma_secret
    sed -i 's|secret_key_base: |  secret_key_base: |g' $pleroma_secret
    sed -i "/Pleroma.Web.Endpoint/a pubsub: [name: Pleroma.Web.PubSub, adapter: Phoenix.PubSub.PG2]," $pleroma_secret
    sed -i 's|pubsub: |  pubsub: |g' $pleroma_secret
    sed -i 's|watchers: []|watchers: [],|g' $pleroma_secret
    if [[ $ONION_ONLY == 'no' ]]; then
        sed -i "/watchers: []/a url: [host: \"$PLEROMA_DOMAIN_NAME\", scheme: \"https\", port: 443]" $pleroma_secret
    else
        sed -i "/watchers: []/a url: [host: \"$PLEROMA_ONION_HOSTNAME\", scheme: \"http\", port: 80]" $pleroma_secret
    fi
    sed -i 's|url: |  url: |g' $pleroma_secret
    if ! grep -q "pbkdf2_rounds" $pleroma_secret; then
        sed -i '/config :logger/a config :comeonin, :pbkdf2_rounds, 1' $pleroma_secret
    else
        sed -i 's|pbkdf2_rounds.*|pbkdf2_rounds, 1|g' $pleroma_secret
    fi
    sed -i 's|import_config|# import_config|g' $pleroma_secret

    cd "$PLEROMA_DIR" || exit 678245245724
    chown -R pleroma:pleroma $PLEROMA_DIR/*
    if ! sudo -u pleroma mix local.rebar --force; then
        pleroma_create_database_failed
        echo $'mix local.rebar failed'
        exit 73528562
    fi
    sudo -u pleroma mix local.hex --force
    sudo -u pleroma mix deps.compile mimerl
    systemctl restart postgresql
    if ! sudo -u pleroma mix ecto.create --force; then
        pleroma_create_database_failed
        echo $'mix ecto.create failed'
        exit 83653582
    fi
    if ! sudo -u pleroma mix ecto.migrate --force; then
        pleroma_create_database_failed
        echo $'mix ecto.migrate failed'
        exit 73752573
    fi

    # revoke the ability to create databases for this user
    run_system_query_postgresql "ALTER USER pleroma NOSUPERUSER;"
    run_system_query_postgresql "ALTER USER pleroma NOCREATEDB;"
}

function reconfigure_pleroma {
    echo -n ''
}

function pleroma_set_background_image {
    PLEROMA_DOMAIN_NAME=$(get_completion_param "pleroma domain")

    data=$(mktemp 2>/dev/null)
    dialog --title $"Pleroma" \
           --backtitle $"Freedombone Control Panel" \
           --inputbox $'Set a background image URL' 10 60 2>"$data"
    sel=$?
    case $sel in
        0)
            temp_background=$(<"$data")
            if [ ${#temp_background} -gt 0 ]; then
                PLEROMA_BACKGROUND_IMAGE_URL="$temp_background"
                write_config_param "PLEROMA_BACKGROUND_IMAGE_URL" "$PLEROMA_BACKGROUND_IMAGE_URL"
                if [[ $(pleroma_set_background_image_from_url $PLEROMA_DIR "$PLEROMA_DOMAIN_NAME" "$PLEROMA_BACKGROUND_IMAGE_URL" "$PLEROMA_TITLE" | tail -n 1) == "0" ]]; then
                    pleroma_recompile

                    dialog --title $"Set Pleroma login background" \
                           --msgbox $"The background image has been set" 6 60
                fi
            fi
           ;;
    esac
    rm -f "$data"
}

function pleroma_set_title {
    data=$(mktemp 2>/dev/null)
    dialog --title $"Pleroma" \
           --backtitle $"Freedombone Control Panel" \
           --inputbox $'Set a title' 10 60 2>"$data"
    sel=$?
    case $sel in
        0)
            new_title=$(<"$data")
            if [ ${#new_title} -gt 0 ]; then
                PLEROMA_TITLE="$new_title"
                PLEROMA_DOMAIN_NAME=$(get_completion_param "pleroma domain")
                write_config_param "PLEROMA_TITLE" "$PLEROMA_TITLE"
                sed -i "s|\"name\":.*|\"name\": \"${PLEROMA_TITLE}\",|g" $PLEROMA_DIR/static/config.json
                sed -i "s|\"name\":.*|\"name\": \"${PLEROMA_TITLE}\",|g" $PLEROMA_DIR/priv/static/static/config.json
                sed -i "s|name: .*|name: \"${PLEROMA_TITLE}\",|g" $PLEROMA_DIR/config/config.exs
                systemctl restart pleroma
                dialog --title $"Set Pleroma title" \
                       --msgbox $"The title has been set" 6 60
            fi
           ;;
    esac
    rm -f "$data"
}

function pleroma_set_expire_months {
    PLEROMA_DOMAIN_NAME=$(get_completion_param "pleroma domain")
    read_config_param "PLEROMA_DOMAIN_NAME"
    read_config_param "PLEROMA_EXPIRE_MONTHS"

    data=$(mktemp 2>/dev/null)
    dialog --title $"Pleroma" \
           --backtitle $"Freedombone Control Panel" \
           --inputbox $'Set an expiry period for posts in months. Anything older will be deleted. Lower values help to keep the database size small and as fast as possible.' 12 60 "$PLEROMA_EXPIRE_MONTHS" 2>"$data"
    sel=$?
    case $sel in
        0)
            new_expiry_months=$(<"$data")
            if [ ${#new_expiry_months} -gt 0 ]; then
                # should contain no spaces
                if [[ "$new_expiry_months" == *" "* ]]; then
                    rm -f "$data"
                    return
                fi
                # should be a number
                re='^[0-9]+$'
                if ! [[ $new_expiry_months =~ $re ]] ; then
                    rm -f "$data"
                    return
                fi
                # set the new value
                PLEROMA_EXPIRE_MONTHS=$new_expiry_months
                write_config_param "PLEROMA_EXPIRE_MONTHS" "$PLEROMA_EXPIRE_MONTHS"

                expire_pleroma_posts "$PLEROMA_DOMAIN_NAME" "$PLEROMA_EXPIRE_MONTHS"
                create_pleroma_blocklist

                dialog --title $"Set Pleroma post expiry period" \
                       --msgbox $"Expiry period set to $PLEROMA_EXPIRE_MONTHS months" 6 60
            fi
           ;;
    esac
    rm -f "$data"
}

function pleroma_disable_registrations {
    dialog --title $"Disable new Pleroma user registrations" \
           --backtitle $"Freedombone Control Panel" \
           --yesno $"\\nDo you wish to disable new registrations?" 10 60
    sel=$?
    case $sel in
        0) sed -i 's|registrations_open: true|registrations_open: false|g' $PLEROMA_DIR/config/config.exs
           sed -i 's|registrations_open: True|registrations_open: false|g' $PLEROMA_DIR/config/config.exs
           sed -i 's|"registrationOpen": true|"registrationOpen": false|g' $PLEROMA_DIR/priv/static/static/config.json
           sed -i 's|"registrationOpen": True|"registrationOpen": false|g' $PLEROMA_DIR/priv/static/static/config.json
           ;;
        1) sed -i 's|registrations_open: false|registrations_open: true|g' $PLEROMA_DIR/config/config.exs
           sed -i 's|registrations_open: False|registrations_open: true|g' $PLEROMA_DIR/config/config.exs
           sed -i 's|"registrationOpen": false|"registrationOpen": true|g' $PLEROMA_DIR/priv/static/static/config.json
           sed -i 's|"registrationOpen": False|"registrationOpen": true|g' $PLEROMA_DIR/priv/static/static/config.json
           ;;
        255) return;;
    esac
    pleroma_recompile
}

function pleroma_add_emoji {
    emoji_resolution='128x128'

    data=$(mktemp 2>/dev/null)
    dialog --backtitle $"Freedombone Control Panel" \
           --title $"Add Custom Emoji" \
           --form "\\n" 8 75 2 \
           $"Shortcode:" 1 1 "" 1 18 16 15 \
           $"ImageURL:" 2 1 "" 2 18 512 10000 \
           2> "$data"
    sel=$?
    case $sel in
        1) rm -f "$data"
           return;;
        255) rm -f "$data"
             return;;
    esac
    shortcode=$(sed -n 1p < "$data")
    image_url=$(sed -n 2p < "$data")
    rm -f "$data"
    if [ ${#shortcode} -lt 2 ]; then
        return
    fi
    if [ ${#image_url} -lt 2 ]; then
        return
    fi
    if [[ "$image_url" != *'.'* ]]; then
        return
    fi
    if [[ "$image_url" != *'.png' && "$image_url" != *'.jpg' && "$image_url" != *'.jpeg' && "$image_url" != *'.gif' ]]; then
        dialog --title $"Add Custom Emoji" \
               --msgbox $"The image must be png/jpg/gif format" 6 60
        return
    fi
    if [[ "$shortcode" == *':'* || "$shortcode" == *' '* || "$shortcode" == *'.'* || "$shortcode" == *'!'* ]]; then
        dialog --title $"Add Custom Emoji" \
               --msgbox $"The shortcode contains invalid characters" 6 60
        return
    fi

    image_extension='png'
    if [[ "$image_url" == *'.jpg' || "$image_url" == *'.jpeg' ]]; then
        image_extension='jpg'
    fi
    if [[ "$image_url" == *'.gif' ]]; then
        image_extension='gif'
    fi

    if [ ! -d $PLEROMA_DIR/priv/static/emoji ]; then
        mkdir -p $PLEROMA_DIR/priv/static/emoji
    fi

    image_filename=$PLEROMA_DIR/priv/static/emoji/${shortcode}.${image_extension}
    wget "$image_url" -O "$image_filename"
    if [ ! -f "$image_filename" ]; then
        dialog --title $"Add Custom Emoji" \
               --msgbox $"Unable to download the image" 6 60
        return
    fi

    if [[ "$image_url" == *'.jpg' || "$image_url" == *'.jpeg' || "$image_url" == *'.gif' ]]; then
        convert "$image_filename" -resize "$emoji_resolution" "$PLEROMA_DIR/priv/static/emoji/${shortcode}.png"
        if [ ! -f "$PLEROMA_DIR/priv/static/emoji/${shortcode}.png" ]; then
            dialog --title $"Add Custom Emoji" \
                   --msgbox $"Unable to convert empji image to png format" 6 60
            return
        fi

        # remove the original
        rm "$image_filename"

        image_extension='png'
        image_filename=$PLEROMA_DIR/priv/static/emoji/${shortcode}.${image_extension}
    else
        convert "$image_filename" -resize "$emoji_resolution" "$image_filename"
    fi

    if ! grep -q "${shortcode}," $PLEROMA_DIR/config/emoji.txt; then
        echo "${shortcode}, /emoji/${shortcode}.${image_extension}" >> $PLEROMA_DIR/config/emoji.txt
    else
        sed -i "s|${shortcode},.*|${shortcode}, /emoji/${shortcode}.${image_extension}|g" $PLEROMA_DIR/config/emoji.txt
    fi

    chown -R pleroma:pleroma $PLEROMA_DIR
    clear
    echo ''
    echo $'Recompiling Pleroma with the new emoji'
    systemctl stop pleroma
    pleroma_recompile

    dialog --title $"Add Custom Emoji" \
           --msgbox $"Custom emoji :${shortcode}: has been added" 6 70
}

function configure_interactive_pleroma {
    read_config_param PLEROMA_DOMAIN_NAME
    read_config_param PLEROMA_EXPIRE_MONTHS
    while true
    do
        chatenabled=
        enablechatstr=$'Enable chat system'
        if grep -q ':chat, enabled: true' $PLEROMA_DIR/config/config.exs; then
            chatenabled=1
            enablechatstr=$'Disable chat system'
        fi

        W=(1 $"Set a background image"
           2 $"Set the title"
           3 $"Disable new account registrations"
           4 $"Add a custom emoji"
           5 $"Set post expiry period (currently $PLEROMA_EXPIRE_MONTHS months)"
           6 "$enablechatstr")

        # shellcheck disable=SC2068
        selection=$(dialog --backtitle $"Freedombone Administrator Control Panel" --title $"Pleroma" --menu $"Choose an operation, or ESC to exit:" 13 60 6 "${W[@]}" 3>&2 2>&1 1>&3)

        if [ ! "$selection" ]; then
            break
        fi

        case $selection in
            1) pleroma_set_background_image;;
            2) pleroma_set_title;;
            3) pleroma_disable_registrations;;
            4) pleroma_add_emoji;;
            5) pleroma_set_expire_months;;
            6) if [ $chatenabled ]; then
                   pleroma_enable_chat false
               else
                   pleroma_enable_chat true
               fi
               ;;
        esac
    done
}

function upgrade_pleroma {
    read_config_param PLEROMA_DOMAIN_NAME
    read_config_param PLEROMA_EXPIRE_MONTHS

    if ! grep -q "/media/" /etc/cron.daily/pleroma-expire; then
        rm $pleroma_expire_posts_script
    fi
    if [ ! -f $pleroma_expire_posts_script ]; then
        expire_pleroma_posts "$PLEROMA_DOMAIN_NAME" "$PLEROMA_EXPIRE_MONTHS"
    fi
    if [ ! -f $blocking_script_file ]; then
        create_pleroma_blocklist
    fi

    CURR_PLEROMA_COMMIT=$(get_completion_param "pleroma commit")
    if [[ "$CURR_PLEROMA_COMMIT" == "$PLEROMA_COMMIT" ]]; then
        return
    fi

    pleroma_registrations=open
    if grep -q 'registrations_open: false' $PLEROMA_DIR/config/config.exs; then
        pleroma_registrations=
    fi

    # make a copy of the configuration
    cp $PLEROMA_DIR/priv/static/static/config.json $PLEROMA_DIR/priv/static/static/config_prev.json

    if [ -f $PLEROMA_DIR/config/emoji.txt ]; then
        cp $PLEROMA_DIR/config/emoji.txt $PLEROMA_DIR/config/emoji_prev.txt
    fi

    apt-get -yq update
    apt-get -yq install --only-upgrade esl-erlang
    apt-get -yq install --only-upgrade elixir erlang-xmerl erlang-dev erlang-parsetools

    function_check set_repo_commit
    set_repo_commit $PLEROMA_DIR "pleroma commit" "$PLEROMA_COMMIT" $PLEROMA_REPO
    chown -R pleroma:pleroma $PLEROMA_DIR

    # restore the configuration
    cp $PLEROMA_DIR/priv/static/static/config_prev.json $PLEROMA_DIR/priv/static/static/config.json
    chown pleroma:pleroma $PLEROMA_DIR/priv/static/static/config.json

    if [ -f $PLEROMA_DIR/config/emoji_prev.txt ]; then
        cp $PLEROMA_DIR/config/emoji_prev.txt $PLEROMA_DIR/config/emoji.txt
        chown pleroma:pleroma $PLEROMA_DIR/config/emoji.txt
        rm cp $PLEROMA_DIR/config/emoji_prev.txt
    fi

    sudo -u pleroma mix deps.get

    if [ ! $pleroma_registrations ]; then
        sed -i 's|registrations_open: true|registrations_open: false|g' $PLEROMA_DIR/config/config.exs
        sed -i 's|registrations_open: True|registrations_open: false|g' $PLEROMA_DIR/config/config.exs
    fi

    pleroma_recompile

    # migrate database
    sudo -u pleroma mix deps.clean --build mime
    sudo -u pleroma mix ecto.migrate

    pleroma_custom_logo "$PLEROMA_DIR"

    expire_pleroma_posts "$PLEROMA_DOMAIN_NAME" "$PLEROMA_EXPIRE_MONTHS"
    create_pleroma_blocklist

    chown -R pleroma:pleroma $PLEROMA_DIR

    systemctl restart pleroma
}

function backup_local_pleroma {
    PLEROMA_DOMAIN_NAME='pleroma'
    if grep -q "pleroma domain" "$COMPLETION_FILE"; then
        PLEROMA_DOMAIN_NAME=$(get_completion_param "pleroma domain")
    fi

    systemctl stop pleroma

    function_check suspend_site
    suspend_site "${PLEROMA_DOMAIN_NAME}"

    source_directory=$PLEROMA_DIR
    dest_directory=pleroma
    backup_directory_to_usb $source_directory $dest_directory

    USE_POSTGRESQL=1
    function_check backup_database_to_usb
    backup_database_to_usb pleroma

    function_check restart_site
    restart_site

    systemctl restart pleroma
}

function restore_local_pleroma {
    if ! grep -q "pleroma domain" "$COMPLETION_FILE"; then
        return
    fi
    PLEROMA_DOMAIN_NAME=$(get_completion_param "pleroma domain")
    if [ "$PLEROMA_DOMAIN_NAME" ]; then
        echo $"Restoring pleroma"
        temp_restore_dir=/root/temppleroma
        pleroma_dir=$PLEROMA_DIR

        systemctl stop pleroma

        PLEROMA_ONION_HOSTNAME=$(cat /var/lib/tor/hidden_service_pleroma/hostname)
        function_check pleroma_create_database
        pleroma_create_database

        USE_POSTGRESQL=1
        restore_database pleroma
        if [ -d $temp_restore_dir ]; then
            rm -rf $temp_restore_dir
        fi

        function_check restore_directory_from_usb
        restore_directory_from_usb $temp_restore_dir pleroma
        if [ -d $temp_restore_dir ]; then
            chown -R pleroma:pleroma $pleroma_dir
            rm -rf $temp_restore_dir
        fi
        systemctl restart pleroma

        echo $"Restore of pleroma complete"
    fi
}

function backup_remote_pleroma {
    PLEROMA_DOMAIN_NAME='pleroma'
    if grep -q "pleroma domain" "$COMPLETION_FILE"; then
        PLEROMA_DOMAIN_NAME=$(get_completion_param "pleroma domain")
    fi

    systemctl stop pleroma

    function_check suspend_site
    suspend_site "${PLEROMA_DOMAIN_NAME}"

    source_directory=$PLEROMA_DIR
    dest_directory=pleroma
    backup_directory_to_friend $source_directory $dest_directory

    USE_POSTGRESQL=1
    function_check backup_database_to_friend
    backup_database_to_friend pleroma

    function_check restart_site
    restart_site

    systemctl restart pleroma
}

function restore_remote_pleroma {
    if ! grep -q "pleroma domain" "$COMPLETION_FILE"; then
        return
    fi
    PLEROMA_DOMAIN_NAME=$(get_completion_param "pleroma domain")
    if [ "$PLEROMA_DOMAIN_NAME" ]; then
        echo $"Restoring pleroma"
        temp_restore_dir=/root/temppleroma
        pleroma_dir=$PLEROMA_DIR

        systemctl stop pleroma

        PLEROMA_ONION_HOSTNAME=$(cat /var/lib/tor/hidden_service_pleroma/hostname)
        function_check pleroma_create_database
        pleroma_create_database

        # shellcheck disable=SC2034
        USE_POSTGRESQL=1
        function_check restore_database_from_friend
        restore_database_from_friend pleroma
        if [ -d $temp_restore_dir ]; then
            rm -rf $temp_restore_dir
        fi

        function_check restore_directory_from_friend
        restore_directory_from_friend $temp_restore_dir pleroma
        if [ -d $temp_restore_dir ]; then
            chown -R pleroma:pleroma $pleroma_dir
            rm -rf $temp_restore_dir
        fi

        systemctl restart pleroma

        echo $"Restore of pleroma complete"
    fi
}

function remove_pleroma {
    if [ ${#PLEROMA_DOMAIN_NAME} -eq 0 ]; then
        return
    fi
    systemctl stop pleroma
    systemctl disable pleroma
    rm /etc/systemd/system/pleroma.service

    userdel pleroma
    #remove_elixir

    function_check remove_nodejs
    remove_nodejs pleroma-backend

    read_config_param "PLEROMA_DOMAIN_NAME"
    read_config_param "MY_USERNAME"
    echo "Removing $PLEROMA_DOMAIN_NAME"
    nginx_dissite "$PLEROMA_DOMAIN_NAME"
    remove_certs "$PLEROMA_DOMAIN_NAME"

    if [ -d "/var/www/$PLEROMA_DOMAIN_NAME" ]; then
        rm -rf "/var/www/$PLEROMA_DOMAIN_NAME"
    fi
    if [ -f "/etc/nginx/sites-available/$PLEROMA_DOMAIN_NAME" ]; then
        rm "/etc/nginx/sites-available/$PLEROMA_DOMAIN_NAME"
    fi
    if [ -d $PLEROMA_DIR ]; then
        rm -rf $PLEROMA_DIR
    fi
    function_check drop_database_postgresql
    drop_database_postgresql pleroma
    function_check remove_onion_service
    remove_onion_service pleroma ${PLEROMA_ONION_PORT}
    remove_app pleroma
    remove_completion_param install_pleroma
    sed -i '/pleroma domain/d' "$COMPLETION_FILE"
    sed -i '/pleroma commit/d' "$COMPLETION_FILE"
    sed -i "/$blocking_script_file/d" /etc/crontab

    if [ -f /usr/bin/pleroma-blocking ]; then
        rm /usr/bin/pleroma-blocking
    fi

    function_check remove_ddns_domain
    remove_ddns_domain "$PLEROMA_DOMAIN_NAME"
}

function image_install_pleroma {
    if [[ "$SOCIALINSTANCE" != 'pleroma' ]]; then
        return
    fi

    # shellcheck disable=SC2154
    chroot "$rootdir" apt-get -yq install wget imagemagick

    image_install_elixir
    image_install_postgresql
}

function install_pleroma {
    if [ ! $ONION_ONLY ]; then
        ONION_ONLY='no'
    fi

    apt-get -yq install wget imagemagick

    # We need elixir 1.4+ here, so the debian repo package won't do
    install_elixir

    function_check install_nodejs
    install_nodejs pleroma-backend
    install_postgresql

    if [ ! -d "/var/www/${PLEROMA_DOMAIN_NAME}/htdocs" ]; then
        mkdir -p "/var/www/${PLEROMA_DOMAIN_NAME}/htdocs"
    fi
    if [ -d $PLEROMA_DIR ]; then
        rm -rf $PLEROMA_DIR
    fi


    # get the repo
    if [ -f /repos/pleroma/index.html ]; then
        mv /repos/pleroma /repos/pleroma-fe
    fi
    if [ -d /repos/pleroma ]; then
        mkdir -p $PLEROMA_DIR
        cp -r -p /repos/pleroma/. $PLEROMA_DIR
        cd "$PLEROMA_DIR" || exit 834537453
        git pull
    else
        function_check git_clone
        git_clone $PLEROMA_REPO $PLEROMA_DIR
    fi

    if [ ! -d $PLEROMA_DIR ]; then
        echo $'Unable to clone pleroma backend repo'
        exit 783523
    fi


    # create user
    useradd -d $PLEROMA_DIR -s /bin/false pleroma


    # checkout the commit
    cd "$PLEROMA_DIR" || exit 62452428
    git checkout $PLEROMA_COMMIT -b $PLEROMA_COMMIT
    set_completion_param "pleroma commit" "$PLEROMA_COMMIT"
    chown -R pleroma:pleroma $PLEROMA_DIR


    # web config
    function_check add_ddns_domain
    add_ddns_domain "$PLEROMA_DOMAIN_NAME"

    PLEROMA_ONION_HOSTNAME=$(add_onion_service pleroma 80 ${PLEROMA_ONION_PORT})

    pleroma_nginx_site=/etc/nginx/sites-available/$PLEROMA_DOMAIN_NAME
    if [[ $ONION_ONLY == "no" ]]; then
        function_check nginx_http_redirect
        nginx_http_redirect "$PLEROMA_DOMAIN_NAME" "index index.html"
        { echo '';
          echo 'proxy_cache_path /tmp/pleroma-media-cache levels=1:2 keys_zone=pleroma_media_cache:10m max_size=100m inactive=80m use_temp_path=off;';
          echo '';
          echo 'server {';
          echo '  listen 443 ssl http2;';
          echo '  #listen [::]:443 ssl http2;';
          echo "  server_name $PLEROMA_DOMAIN_NAME;";
          echo '';
          echo '  # Security'; } >> "$pleroma_nginx_site"
        function_check nginx_ssl
        nginx_ssl "$PLEROMA_DOMAIN_NAME"

        function_check nginx_security_options
        nginx_security_options "$PLEROMA_DOMAIN_NAME"

        { echo '  add_header Strict-Transport-Security max-age=0;';
          echo '';
          echo '  # Logs';
          echo '  access_log /dev/null;';
          echo '  error_log /dev/null;';
          echo '';
          echo "  root $PLEROMA_DIR;";
          echo '';
          echo '  index index.html;';
          echo '';
          echo '  gzip_vary on;';
          echo '  gzip_proxied any;';
          echo '  gzip_comp_level 6;';
          echo '  gzip_buffers 16 8k;';
          echo '  gzip_http_version 1.1;';
          echo '  gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript application/activity+json application/atom+xml;';
          echo '';
          echo '  location / {';
          echo '    client_max_body_size 15m;';
          echo '    client_body_buffer_size 15m;';
          echo '';
          echo '    limit_conn conn_limit_per_ip 50;';
          echo '    limit_req zone=req_limit_per_ip burst=50 nodelay;';
          echo '';
          echo "    add_header 'Access-Control-Allow-Origin' '*' always;";
          echo "    add_header 'Access-Control-Allow-Methods' 'POST, GET, OPTIONS' always;";
          echo "    add_header 'Access-Control-Allow-Headers' 'Authorization, Content-Type' always;";
          echo "    if (\$request_method = OPTIONS) {";
          echo '        return 204;';
          echo '    }';
          echo '';
          echo '    proxy_http_version 1.1;';
          echo "    proxy_set_header Upgrade \$http_upgrade;";
          echo '    proxy_set_header Connection "upgrade";';
          echo "    proxy_set_header Host \$http_host;";
          echo '';
          echo "    proxy_pass http://localhost:$PLEROMA_PORT;";
          echo '  }';
          echo '';
          echo '  location /proxy {';
          echo '    client_max_body_size 15m;';
          echo '    client_body_buffer_size 15m;';
          echo '';
          echo '    limit_conn conn_limit_per_ip 50;';
          echo '    limit_req zone=req_limit_per_ip burst=50 nodelay;';
          echo '';
          echo '    proxy_cache pleroma_media_cache;';
          echo '    proxy_cache_lock on;';
          echo "    proxy_pass http://localhost:$PLEROMA_PORT;";
          echo '  }';
          echo '  # include snippets/well-known.conf;';
          echo '}'; } >> "$pleroma_nginx_site"
    else
        echo 'proxy_cache_path /tmp/pleroma-media-cache levels=1:2 keys_zone=pleroma_media_cache:10m max_size=100m inactive=80m use_temp_path=off;' > "$pleroma_nginx_site"
        echo '' >> "$pleroma_nginx_site"
    fi
    { echo 'server {';
      echo "    listen 127.0.0.1:$PLEROMA_ONION_PORT default_server http2;";
      echo "    server_name $PLEROMA_ONION_HOSTNAME;";
      echo ''; } >> "$pleroma_nginx_site"
    function_check nginx_security_options
    nginx_security_options "$PLEROMA_DOMAIN_NAME"
    { echo '';
      echo '  # Logs';
      echo '  access_log /dev/null;';
      echo '  error_log /dev/null;';
      echo '';
      echo "  root $PLEROMA_DIR;";
      echo '';
      echo '  index index.html;';
      echo '';
      echo '  gzip_vary on;';
      echo '  gzip_proxied any;';
      echo '  gzip_comp_level 6;';
      echo '  gzip_buffers 16 8k;';
      echo '  gzip_http_version 1.1;';
      echo '  gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript application/activity+json application/atom+xml;';
      echo '';
      echo '  location / {';
      echo '    client_max_body_size 15m;';
      echo '    client_body_buffer_size 15m;';
      echo '';
      echo '    limit_conn conn_limit_per_ip 50;';
      echo '    limit_req zone=req_limit_per_ip burst=50 nodelay;';
      echo '';
      echo "    add_header 'Access-Control-Allow-Origin' '*' always;";
      echo "    add_header 'Access-Control-Allow-Methods' 'POST, GET, OPTIONS' always;";
      echo "    add_header 'Access-Control-Allow-Headers' 'Authorization, Content-Type' always;";
      echo "    if (\$request_method = OPTIONS) {";
      echo '        return 204;';
      echo '    }';
      echo '';
      echo '    proxy_http_version 1.1;';
      echo "    proxy_set_header Upgrade \$http_upgrade;";
      echo '    proxy_set_header Connection "upgrade";';
      echo "    proxy_set_header Host \$http_host;";
      echo '';
      echo "    proxy_pass http://localhost:$PLEROMA_PORT;";
      echo '  }';
      echo '';
      echo '  location /proxy {';
      echo '    client_max_body_size 15m;';
      echo '    client_body_buffer_size 15m;';
      echo '';
      echo '    limit_conn conn_limit_per_ip 50;';
      echo '    limit_req zone=req_limit_per_ip burst=50 nodelay;';
      echo '';
      echo '    proxy_cache pleroma_media_cache;';
      echo '    proxy_cache_lock on;';
      echo "    proxy_pass http://localhost:$PLEROMA_PORT;";
      echo '  }';
      echo '  # include snippets/well-known.conf;';
      echo '}'; } >> "$pleroma_nginx_site"

    # back end
    cd "$PLEROMA_DIR" || exit 246824684
    chown -R pleroma:pleroma "$PLEROMA_DIR/"*
    if ! sudo -u pleroma mix local.hex --force; then
        echo $'mix local.hex failed'
        exit 1745673
    fi
    if ! sudo -u pleroma mix deps.get --force; then
        echo $'mix deps.get failed'
        exit 7325733
    fi

    function_check pleroma_create_database
    pleroma_create_database

    "${PROJECT_NAME}-pass" -u "$MY_USERNAME" -a pleroma -p "$PLEROMA_ADMIN_PASSWORD"

    # NOTE: we don't need to install the frontend separately,
    # since the backend contains a precompiled version of it

    install_gnusocial_default_background "pleroma" "$PLEROMA_DOMAIN_NAME"
    if [ ! -f "$PLEROMA_DIR/priv/static/static/config.json" ]; then
        echo $"$PLEROMA_DIR/priv/static/static/config.json file missing"
        exit 323689
    fi
    sed -i 's|"theme":.*|"theme": "base16-summerfruit-dark.css",|g' "$PLEROMA_DIR/priv/static/static/config.json"

    if [ "$PLEROMA_BACKGROUND_IMAGE_URL" ]; then
        pleroma_set_background_image_from_url $PLEROMA_DIR/priv/static "$PLEROMA_DOMAIN_NAME" "$PLEROMA_BACKGROUND_IMAGE_URL" "$PLEROMA_TITLE"
    fi

    # Get certificate
    function_check create_site_certificate
    create_site_certificate "$PLEROMA_DOMAIN_NAME" 'yes'

    function_check nginx_ensite
    nginx_ensite "$PLEROMA_DOMAIN_NAME"

    systemctl restart postgresql
    systemctl restart nginx

    set_completion_param "pleroma domain" "$PLEROMA_DOMAIN_NAME"

    # We need to set up the url option again because it somehow gets
    # lost during mix compile
    if ! grep -q 'watchers: [],' $pleroma_secret; then
        sed -i 's|watchers: \[\]|watchers: \[\],|g' $pleroma_secret
    fi
    if ! grep -q 'url:' $pleroma_secret; then
        if [[ $ONION_ONLY == 'no' ]]; then
            sed -i "/watchers: /a url: [host: \"$PLEROMA_DOMAIN_NAME\", scheme: \"https\", port: 443]" $pleroma_secret
        else
            sed -i "/watchers: /a url: [host: \"$PLEROMA_ONION_HOSTNAME\", scheme: \"http\", port: 80]" $pleroma_secret
        fi
    fi

    create_pleroma_blocklist

    # daemon
    { echo '[Unit]';
      echo 'Description=Pleroma social network';
      echo 'After=network.target postgresql.service';
      echo '';
      echo '[Service]';
      echo 'User=pleroma';
      echo "WorkingDirectory=$PLEROMA_DIR";
      echo "Environment=\"HOME=$PLEROMA_DIR\"";
      echo 'ExecStart=/usr/local/bin/mix phx.server';
      echo "ExecReload=/bin/kill \$MAINPID";
      echo 'KillMode=process';
      echo 'Restart=on-failure';
      echo '';
      echo '[Install]';
      echo 'WantedBy=multi-user.target';
      echo 'Alias=pleroma.service'; } > /etc/systemd/system/pleroma.service


    # avoid mixed content warnings
    sed -i '/config :pleroma, :media_proxy/!b;n;c####enabled: true,' $PLEROMA_DIR/config/config.exs
    sed -i 's|####enabled|  enabled|g' $PLEROMA_DIR/config/config.exs
    sed -i 's|redirect_on_failure:.*|redirect_on_failure: false|g' $PLEROMA_DIR/config/config.exs
    sed -i 's|:chat, enabled:.*|:chat, enabled: false|g' $PLEROMA_DIR/config/config.exs

    # set registrations open initially
    sed -i 's|registrations_open:.*|registrations_open: true,|g' $PLEROMA_DIR/config/config.exs
    sed -i 's|"registrationOpen":.*|"registrationOpen": true,|g' $PLEROMA_DIR/priv/static/static/config.json

    if ! grep -q "media_proxy" $PLEROMA_DIR/priv/static/static/config.json; then
        sed -i '/"name":/a "media_proxy": true,' $PLEROMA_DIR/priv/static/static/config.json
        sed -i 's|"media_proxy"|  "media_proxy"|g' $PLEROMA_DIR/priv/static/static/config.json
    else
        sed -i 's|"media_proxy".*|"media_proxy": false,|g' $PLEROMA_DIR/priv/static/static/config.json
    fi
    sed -i 's|"chatDisabled":.*|"chatDisabled": true,|g' $PLEROMA_DIR/priv/static/static/config.json

    systemctl daemon-reload
    systemctl enable pleroma
    systemctl start pleroma

    cd $PLEROMA_DIR || exit 1935638
    mix register_user "$MY_USERNAME" "$MY_USERNAME" "$MY_EMAIL_ADDRESS" $"Your bio goes here" "$PLEROMA_ADMIN_PASSWORD"

    APP_INSTALLED=1
}

# NOTE: deliberately there is no "exit 0"