Untitled

apt -y install tmux
apt -y install curl
curl -sL https://deb.nodesource.com/setup_6.x | bash -
curl -sS https://dl.yarnpkg.com/debian/pubkey.gpg | apt-key add -
echo "deb https://dl.yarnpkg.com/debian/ stable main" | tee /etc/apt/sources.list.d/yarn.list
apt update
apt -y install imagemagick ffmpeg libpq-dev libxml2-dev libxslt1-dev file git-core g++ libprotobuf-dev protobuf-compiler pkg-config nodejs gcc autoconf bison build-essential libssl-dev libyaml-dev libreadline6-dev zlib1g-dev libncurses5-dev libffi-dev libgdbm3 libgdbm-dev nginx redis-server redis-tools postgresql postgresql-contrib letsencrypt yarn libidn11-dev libicu-dev
adduser mastodon
sudo su - mastodon
git clone https://github.com/rbenv/rbenv.git ~/.rbenv
cd ~/.rbenv && src/configure && make -C src
echo 'export PATH="$HOME/.rbenv/bin:$PATH"' >> ~/.bashrc
echo 'eval "$(rbenv init -)"' >> ~/.bashrc
exec bash
type rbenv
git clone https://github.com/rbenv/ruby-build.git ~/.rbenv/plugins/ruby-build
rbenv install 2.4.2
rbenv global 2.4.2
cd ~
git clone https://github.com/tootsuite/mastodon.git live
cd ~/live
git checkout $(git tag -l | grep -v 'rc[0-9]*$' | sort -V | tail -n 1)
gem install bundler
bundle install --deployment --without development test
yarn install --pure-lockfile
su
sudo -u postgres psql
CREATE USER mastodon CREATEDB;
\q
cd /etc/nginx/sites-available
vi /etc/nginx/sites-available/kemoshi.co.conf

----

map $http_upgrade $connection_upgrade {
  default upgrade;
  ''      close;
}

server {
  listen 80;
  listen [::]:80;
  server_name kemoshi.co;
  root /home/mastodon/live/public;
  # Useful for Let's Encrypt
  location /.well-known/acme-challenge/ { allow all; }
  location / { return 301 https://$host$request_uri; }
}

server {
  listen 443 ssl http2;
  listen [::]:443 ssl http2;
  server_name kemoshi.co;

  ####################
  # SECURITY WARNING #
  ####################
  #
  # Providing a state of the art TLS configuration
  # is beyond the scope of this documentation.
  #
  # You need to replace this comment with a proper
  # ssl configuration template for nginx.
  #
  # If you don't know were to start, you can get one here :
  # https://mozilla.github.io/server-side-tls/ssl-config-generator/
  #
  # This configuration file won't work without ssl configuration directives.

  keepalive_timeout    70;
  sendfile             on;
  client_max_body_size 0;

  root /home/mastodon/live/public;

  gzip on;
  gzip_disable "msie6";
  gzip_vary on;
  gzip_proxied any;
  gzip_comp_level 6;
  gzip_buffers 16 8k;
  gzip_http_version 1.1;
  gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript;

  location / {
    try_files $uri @proxy;
  }

  location ~ ^/(emoji|packs|system/accounts/avatars|system/media_attachments/files) {
    add_header Cache-Control "public, max-age=31536000, immutable";
    try_files $uri @proxy;
  }

  location /sw.js {
    add_header Cache-Control "public, max-age=0";
    try_files $uri @proxy;
  }

  location @proxy {
    proxy_set_header Host $host;
    proxy_set_header X-Real-IP $remote_addr;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_set_header X-Forwarded-Proto https;
    proxy_set_header Proxy "";
    proxy_pass_header Server;

    proxy_pass http://127.0.0.1:3000;
    proxy_buffering off;
    proxy_redirect off;
    proxy_http_version 1.1;
    proxy_set_header Upgrade $http_upgrade;
    proxy_set_header Connection $connection_upgrade;

    tcp_nodelay on;
  }

  location /api/v1/streaming {
    proxy_set_header Host $host;
    proxy_set_header X-Real-IP $remote_addr;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_set_header X-Forwarded-Proto https;
    proxy_set_header Proxy "";

    proxy_pass http://127.0.0.1:4000;
    proxy_buffering off;
    proxy_redirect off;
    proxy_http_version 1.1;
    proxy_set_header Upgrade $http_upgrade;
    proxy_set_header Connection $connection_upgrade;

    tcp_nodelay on;
  }

  error_page 500 501 502 503 504 /500.html;
}

----

cd /etc/nginx/sites-enabled
ln -s ../sites-available/kemoshi.co.conf
systemctl stop nginx
letsencrypt certonly --standalone -d kemoshi.co
systemctl start nginx
letsencrypt certonly --webroot -d kemoshi.co -w /home/mastodon/live/public/
vi /etc/cron.daily/letsencrypt-renew

----

letsencrypt renew
systemctl reload nginx

----

chmod +x /etc/cron.daily/letsencrypt-renew
systemctl restart cron

----

sudo su - mastodon
cd ~/live
cp .env.production.sample .env.production
vi .env.production

----

# Your Redis host
REDIS_HOST=127.0.0.1
# Your Redis port
REDIS_PORT=6379
# Your PostgreSQL host
DB_HOST=/var/run/postgresql
# Your PostgreSQL user
DB_USER=mastodon
# Your PostgreSQL DB name
DB_NAME=mastodon_production
# Leave DB password empty
DB_PASS=Krmt.k2011po
# Your DB_PORT
DB_PORT=5432

# Your instance's domain
LOCAL_DOMAIN=mstdn.kemoshi.co
# We have HTTPS enabled
LOCAL_HTTPS=true

# Application secrets
# Generate each with `RAILS_ENV=production bundle exec rake secret`
PAPERCLIP_SECRET=
SECRET_KEY_BASE=
OTP_SECRET=

# Web Push VAPID keys
# Generate with `RAILS_ENV=production bundle exec rake mastodon:webpush:generate_vapid_key`
VAPID_PRIVATE_KEY=
VAPID_PUBLIC_KEY=

# All SMTP details, Mailgun and Sparkpost have free tiers
SMTP_SERVER=smtp.kemono-friends.xyz
SMTP_PORT=587
SMTP_LOGIN=confirm_kemoshi.co@kemono-friends.xyz
SMTP_PASSWORD=krmt#k2011po
SMTP_FROM_ADDRESS=

----

RAILS_ENV=production bundle exec rails db:setup
RAILS_ENV=production bundle exec rails assets:precompile