From a9c3de14ff13b2b090608e879d6a59d4417db846 Mon Sep 17 00:00:00 2001 From: Jake Jarvis Date: Tue, 3 Jan 2023 12:29:21 -0500 Subject: [PATCH] fix super-linter complaints --- .github/workflows/super-linter.yml | 14 +++++++++----- .gitignore | 2 ++ init.sh | 16 ++++++++-------- scripts/backup.sh | 1 + scripts/customize.sh | 3 ++- scripts/install.sh | 13 ++++++++++--- scripts/upgrade.sh | 1 + scripts/version.sh | 1 + scripts/weekly_cleanup.sh | 1 + 9 files changed, 35 insertions(+), 17 deletions(-) diff --git a/.github/workflows/super-linter.yml b/.github/workflows/super-linter.yml index 0389e36..2fed67d 100644 --- a/.github/workflows/super-linter.yml +++ b/.github/workflows/super-linter.yml @@ -1,5 +1,5 @@ -# This workflow executes several linters on changed files based on languages used in your code base whenever -# you push a code or open a pull request. +# This workflow executes several linters on changed files based on languages +# used in your code base whenever you push a code or open a pull request. # # You can adjust the behavior by modifying this file. # For more information, see: @@ -8,9 +8,10 @@ name: Lint Code Base on: push: - branches: [ "main" ] + branches: ["main"] pull_request: - branches: [ "main" ] + branches: ["main"] + jobs: run-lint: runs-on: ubuntu-latest @@ -18,10 +19,13 @@ jobs: - name: Checkout code uses: actions/checkout@v3 with: - # Full git history is needed to get a proper list of changed files within `super-linter` + # Full git history is needed to get a proper + # list of changed files within `super-linter` fetch-depth: 0 - name: Lint Code Base + # Using the slim image drastically reduces build and runtime, see: + # https://github.com/github/super-linter#slim-image uses: github/super-linter/slim@v4 env: DEFAULT_BRANCH: "main" diff --git a/.gitignore b/.gitignore index 3a745f6..e396e28 100644 --- a/.gitignore +++ b/.gitignore @@ -1,3 +1,5 @@ +*.log + # here be secrets *.env* !.env.example diff --git a/init.sh b/init.sh index 64f634b..07e7e18 100755 --- a/init.sh +++ b/init.sh @@ -4,13 +4,13 @@ export MASTODON_USER=mastodon # default paths -export MASTODON_ROOT="/home/$MASTODON_USER" # home dir of the user above -export UTILS_ROOT="$MASTODON_ROOT/utils" # this repository -export APP_ROOT="$MASTODON_ROOT/live" # actual Mastodon files -export BACKUPS_ROOT="$MASTODON_ROOT/backups" # backups destination -export LOGS_ROOT="$MASTODON_ROOT/logs" # logs destintation -export RBENV_ROOT="$MASTODON_ROOT/.rbenv" # rbenv (w/ ruby-build plugin) directory -export NVM_DIR="$MASTODON_ROOT/.nvm" # nvm directory +export MASTODON_ROOT="/home/$MASTODON_USER" # home dir of the user above +export UTILS_ROOT="$MASTODON_ROOT/utils" # this repository +export APP_ROOT="$MASTODON_ROOT/live" # actual Mastodon files +export BACKUPS_ROOT="$MASTODON_ROOT/backups" # backups destination +export LOGS_ROOT="$MASTODON_ROOT/logs" # logs destintation +export RBENV_ROOT="$MASTODON_ROOT/.rbenv" # rbenv (w/ ruby-build plugin) directory +export NVM_DIR="$MASTODON_ROOT/.nvm" # nvm directory # automatically detect glitch-soc # shellcheck disable=SC2155 @@ -75,7 +75,7 @@ as_mastodon() { # run 'bin/tootctl' as MASTODON_USER in APP_ROOT from anywhere (`tootctl version`) tootctl() { - ( cd "$APP_ROOT" && as_mastodon RAILS_ENV=production ruby ./bin/tootctl "$@" ) + (cd "$APP_ROOT" && as_mastodon RAILS_ENV=production ruby ./bin/tootctl "$@") } # --- diff --git a/scripts/backup.sh b/scripts/backup.sh index 5edd6dd..5432d5d 100755 --- a/scripts/backup.sh +++ b/scripts/backup.sh @@ -10,6 +10,7 @@ set -euo pipefail echo -e "\n===== backup.sh: started at $(date '+%Y-%m-%d %H:%M:%S') =====\n" # initialize paths +# shellcheck disable=SC1091 . "$(dirname "${BASH_SOURCE[0]}")"/../init.sh if [ "$(systemctl is-active mastodon-web.service)" = "active" ]; then diff --git a/scripts/customize.sh b/scripts/customize.sh index cd397ff..6fed08b 100755 --- a/scripts/customize.sh +++ b/scripts/customize.sh @@ -4,6 +4,7 @@ set -euo pipefail # initialize paths +# shellcheck disable=SC1091 . "$(dirname "${BASH_SOURCE[0]}")"/../init.sh # re-detect glitch-soc @@ -48,7 +49,7 @@ fi # --- # apply a more restrictive robots.txt -as_mastodon tee "$APP_ROOT/public/robots.txt" > /dev/null </dev/null </dev/null # check for existing installation @@ -146,7 +147,10 @@ as_mastodon bundle install --jobs "$(getconf _NPROCESSORS_ONLN)" as_mastodon yarn install --pure-lockfile # set up database w/ random alphanumeric password -DB_PASSWORD=$(< /dev/urandom tr -dc A-Za-z0-9 | head -c32; echo) +DB_PASSWORD=$( + tr > $LOGS_ROOT/cron.log 2>&1\" @weekly bash -c \"$UTILS_ROOT/scripts/backup.sh >> $LOGS_ROOT/cron.log 2>&1\" # automatically renew Let's Encrypt certificates # https://certbot.eff.org/instructions?ws=nginx&os=pip 0 0,12 * * * root /opt/certbot/bin/python -c \"import random; import time; time.sleep(random.random() * 3600)\" && certbot renew -q -") | sudo crontab - +" +) | sudo crontab - echo "🎉 done! don't forget to fill in .env.production with optional credentials" echo "https://$MASTODON_DOMAIN/auth/sign_in" diff --git a/scripts/upgrade.sh b/scripts/upgrade.sh index e514880..9eb0885 100755 --- a/scripts/upgrade.sh +++ b/scripts/upgrade.sh @@ -14,6 +14,7 @@ if [ "$MY_NAME_IS_JAKE_JARVIS" != "pinky promise" ]; then fi # initialize paths +# shellcheck disable=SC1091 . "$(dirname "${BASH_SOURCE[0]}")"/../init.sh # pull latest mastodon source diff --git a/scripts/version.sh b/scripts/version.sh index 30879d9..2a14919 100755 --- a/scripts/version.sh +++ b/scripts/version.sh @@ -4,6 +4,7 @@ set -euo pipefail # initialize paths +# shellcheck disable=SC1091 . "$(dirname "${BASH_SOURCE[0]}")"/../init.sh echo "* rbenv: $(rbenv --version)" diff --git a/scripts/weekly_cleanup.sh b/scripts/weekly_cleanup.sh index 6f8af6c..93d41db 100755 --- a/scripts/weekly_cleanup.sh +++ b/scripts/weekly_cleanup.sh @@ -10,6 +10,7 @@ set -o pipefail echo -e "\n===== weekly_cleanup.sh: started at $(date '+%Y-%m-%d %H:%M:%S') =====\n" # initialize paths +# shellcheck disable=SC1091 . "$(dirname "${BASH_SOURCE[0]}")"/../init.sh tootctl media remove --days 14