212 lines
6.3 KiB
Bash
212 lines
6.3 KiB
Bash
#!/usr/bin/env bash
|
|
|
|
# Copyright (c) 2021-2025 community-scripts ORG
|
|
# Author: MickLesk (CanbiZ)
|
|
# License: MIT | https://github.com/community-scripts/ProxmoxVED/raw/main/LICENSE
|
|
# Source: https://pixelfed.org/
|
|
|
|
source /dev/stdin <<<"$FUNCTIONS_FILE_PATH"
|
|
color
|
|
verb_ip6
|
|
catch_errors
|
|
setting_up_container
|
|
network_check
|
|
update_os
|
|
|
|
msg_info "Installing Dependencies"
|
|
$STD apt-get install -y \
|
|
nginx \
|
|
redis-server \
|
|
ffmpeg \
|
|
jpegoptim \
|
|
optipng \
|
|
pngquant \
|
|
gifsicle
|
|
msg_ok "Installed Dependencies"
|
|
|
|
msg_info "Creating Pixelfed User"
|
|
useradd -rU -s /bin/bash pixelfed
|
|
usermod -aG redis pixelfed
|
|
msg_ok "Created Pixelfed User"
|
|
|
|
import_local_ip
|
|
PG_VERSION="17" setup_postgresql
|
|
PG_DB_NAME="pixelfed" PG_DB_USER="pixelfed" setup_postgresql_db
|
|
PHP_VERSION="8.4" PHP_FPM="YES" PHP_MODULE="bcmath,ctype,exif,imagick,pgsql,redis,tokenizer" PHP_UPLOAD_MAX_FILESIZE="500M" PHP_POST_MAX_SIZE="500M" PHP_MAX_EXECUTION_TIME="600" setup_php
|
|
setup_composer
|
|
|
|
msg_info "Configuring Redis"
|
|
REDIS_PASS=$(openssl rand -base64 18 | tr -dc 'a-zA-Z0-9' | head -c13)
|
|
sed -i "s/^# requirepass foobared/requirepass $REDIS_PASS/" /etc/redis/redis.conf
|
|
sed -i "s/^requirepass .*/requirepass $REDIS_PASS/" /etc/redis/redis.conf
|
|
systemctl restart redis-server
|
|
msg_ok "Redis configured"
|
|
|
|
msg_info "Configuring PHP-FPM Pool"
|
|
mkdir -p /run/php-fpm
|
|
cp /etc/php/8.4/fpm/pool.d/www.conf /etc/php/8.4/fpm/pool.d/pixelfed.conf
|
|
sed -i 's/\[www\]/[pixelfed]/' /etc/php/8.4/fpm/pool.d/pixelfed.conf
|
|
sed -i 's/^user = www-data/user = pixelfed/' /etc/php/8.4/fpm/pool.d/pixelfed.conf
|
|
sed -i 's/^group = www-data/group = pixelfed/' /etc/php/8.4/fpm/pool.d/pixelfed.conf
|
|
sed -i 's|^listen = .*|listen = /run/php-fpm/pixelfed.sock|' /etc/php/8.4/fpm/pool.d/pixelfed.conf
|
|
sed -i 's/^listen.owner = .*/listen.owner = pixelfed/' /etc/php/8.4/fpm/pool.d/pixelfed.conf
|
|
sed -i 's/^listen.group = .*/listen.group = www-data/' /etc/php/8.4/fpm/pool.d/pixelfed.conf
|
|
systemctl restart php8.4-fpm
|
|
msg_ok "PHP-FPM Pool configured"
|
|
|
|
fetch_and_deploy_gh_release "pixelfed" "pixelfed/pixelfed" "tarball" "latest" "/opt/pixelfed"
|
|
|
|
msg_info "Installing Pixelfed (Patience)"
|
|
cd /opt/pixelfed
|
|
cp .env.example .env
|
|
sed -i "s|APP_URL=.*|APP_URL=http://${LOCAL_IP}|" .env
|
|
sed -i "s|APP_DOMAIN=.*|APP_DOMAIN=${LOCAL_IP}|" .env
|
|
sed -i "s|ADMIN_DOMAIN=.*|ADMIN_DOMAIN=${LOCAL_IP}|" .env
|
|
sed -i "s|SESSION_DOMAIN=.*|SESSION_DOMAIN=${LOCAL_IP}|" .env
|
|
sed -i "s|DB_CONNECTION=.*|DB_CONNECTION=pgsql|" .env
|
|
sed -i "s|DB_HOST=.*|DB_HOST=127.0.0.1|" .env
|
|
sed -i "s|DB_PORT=.*|DB_PORT=5432|" .env
|
|
sed -i "s|DB_DATABASE=.*|DB_DATABASE=${PG_DB_NAME}|" .env
|
|
sed -i "s|DB_USERNAME=.*|DB_USERNAME=${PG_DB_USER}|" .env
|
|
sed -i "s|DB_PASSWORD=.*|DB_PASSWORD=${PG_DB_PASS}|" .env
|
|
sed -i "s|REDIS_HOST=.*|REDIS_HOST=127.0.0.1|" .env
|
|
sed -i "s|REDIS_PASSWORD=.*|REDIS_PASSWORD=${REDIS_PASS}|" .env
|
|
sed -i "s|REDIS_PORT=.*|REDIS_PORT=6379|" .env
|
|
sed -i "s|ACTIVITY_PUB=.*|ACTIVITY_PUB=true|" .env
|
|
sed -i "s|AP_REMOTE_FOLLOW=.*|AP_REMOTE_FOLLOW=true|" .env
|
|
sed -i "s|OAUTH_ENABLED=.*|OAUTH_ENABLED=true|" .env
|
|
|
|
chown -R pixelfed:pixelfed /opt/pixelfed
|
|
chmod -R 755 /opt/pixelfed
|
|
chmod -R 775 /opt/pixelfed/storage /opt/pixelfed/bootstrap/cache
|
|
|
|
export COMPOSER_ALLOW_SUPERUSER=1
|
|
cd /opt/pixelfed
|
|
$STD composer install --no-dev --no-ansi --no-interaction --optimize-autoloader
|
|
|
|
sudo -u pixelfed php artisan key:generate
|
|
sudo -u pixelfed php artisan storage:link
|
|
$STD sudo -u pixelfed php artisan migrate --force
|
|
$STD sudo -u pixelfed php artisan import:cities
|
|
$STD sudo -u pixelfed php artisan passport:keys
|
|
$STD sudo -u pixelfed php artisan route:cache
|
|
$STD sudo -u pixelfed php artisan view:cache
|
|
$STD sudo -u pixelfed php artisan config:cache
|
|
$STD sudo -u pixelfed php artisan instance:actor
|
|
$STD sudo -u pixelfed php artisan horizon:install
|
|
msg_ok "Pixelfed installed"
|
|
|
|
msg_info "Configuring Nginx"
|
|
cat <<'EOF' >/etc/nginx/sites-available/pixelfed
|
|
server {
|
|
listen 80;
|
|
server_name _;
|
|
root /opt/pixelfed/public;
|
|
index index.php;
|
|
|
|
charset utf-8;
|
|
client_max_body_size 100M;
|
|
|
|
add_header X-Frame-Options "SAMEORIGIN";
|
|
add_header X-XSS-Protection "1; mode=block";
|
|
add_header X-Content-Type-Options "nosniff";
|
|
|
|
location / {
|
|
try_files $uri $uri/ /index.php?$query_string;
|
|
}
|
|
|
|
location = /favicon.ico { access_log off; log_not_found off; }
|
|
location = /robots.txt { access_log off; log_not_found off; }
|
|
|
|
error_page 404 /index.php;
|
|
|
|
location ~ \.php$ {
|
|
fastcgi_split_path_info ^(.+\.php)(/.+)$;
|
|
fastcgi_pass unix:/run/php-fpm/pixelfed.sock;
|
|
fastcgi_index index.php;
|
|
include fastcgi_params;
|
|
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
|
|
}
|
|
|
|
location ~ /\.(?!well-known).* {
|
|
deny all;
|
|
}
|
|
}
|
|
EOF
|
|
ln -sf /etc/nginx/sites-available/pixelfed /etc/nginx/sites-enabled/pixelfed
|
|
rm -f /etc/nginx/sites-enabled/default
|
|
$STD nginx -t
|
|
systemctl enable -q --now nginx
|
|
msg_ok "Nginx configured"
|
|
|
|
msg_info "Creating Services"
|
|
cat <<'EOF' >/etc/systemd/system/pixelfed-horizon.service
|
|
[Unit]
|
|
Description=Pixelfed Horizon Queue Worker
|
|
After=network.target redis-server.service postgresql.service
|
|
Requires=redis-server.service
|
|
|
|
[Service]
|
|
Type=simple
|
|
User=pixelfed
|
|
WorkingDirectory=/opt/pixelfed
|
|
ExecStart=/usr/bin/php /opt/pixelfed/artisan horizon
|
|
Restart=always
|
|
RestartSec=5
|
|
|
|
[Install]
|
|
WantedBy=multi-user.target
|
|
EOF
|
|
|
|
cat <<'EOF' >/etc/systemd/system/pixelfed-scheduler.service
|
|
[Unit]
|
|
Description=Pixelfed Task Scheduler
|
|
After=network.target
|
|
|
|
[Service]
|
|
Type=oneshot
|
|
User=pixelfed
|
|
WorkingDirectory=/opt/pixelfed
|
|
ExecStart=/usr/bin/php /opt/pixelfed/artisan schedule:run
|
|
EOF
|
|
|
|
cat <<'EOF' >/etc/systemd/system/pixelfed-scheduler.timer
|
|
[Unit]
|
|
Description=Run Pixelfed Scheduler every minute
|
|
|
|
[Timer]
|
|
OnCalendar=*-*-* *:*:00
|
|
Persistent=true
|
|
|
|
[Install]
|
|
WantedBy=timers.target
|
|
EOF
|
|
|
|
systemctl daemon-reload
|
|
systemctl enable -q --now pixelfed-horizon
|
|
systemctl enable -q --now pixelfed-scheduler.timer
|
|
msg_ok "Services created"
|
|
|
|
msg_info "Saving Credentials"
|
|
CREDS_FILE="/root/pixelfed.creds"
|
|
{
|
|
echo "Pixelfed Credentials"
|
|
echo ""
|
|
echo "PostgreSQL"
|
|
echo " Database: ${PG_DB_NAME}"
|
|
echo " User: ${PG_DB_USER}"
|
|
echo " Password: ${PG_DB_PASS}"
|
|
echo ""
|
|
echo "Redis"
|
|
echo " Host: 127.0.0.1:6379"
|
|
echo " Password: ${REDIS_PASS}"
|
|
echo ""
|
|
echo "Web Interface: http://${LOCAL_IP}"
|
|
echo "Config: /opt/pixelfed/.env"
|
|
} >"$CREDS_FILE"
|
|
msg_ok "Credentials saved to ${CREDS_FILE}"
|
|
|
|
motd_ssh
|
|
customize
|
|
cleanup_lxc
|