From e9fc6f58a32b0ab4a2bf4a763f71301efb931850 Mon Sep 17 00:00:00 2001
From: Aleksandr Bogdanov
Date: Tue, 30 Oct 2018 16:46:13 +0100
Subject: [PATCH] Initial commit
---
.dockerignore | 6 +++
.gitignore | 3 ++
CHANGELOG | 2 +
CloudronManifest.json | 30 +++++++++++++
DESCRIPTION.md | 15 +++++++
Dockerfile | 48 +++++++++++++++++++++
docker-compose.yml | 32 ++++++++++++++
logo.png | Bin 0 -> 13999 bytes
mastodon.env.template | 41 ++++++++++++++++++
nginx.conf | 96 ++++++++++++++++++++++++++++++++++++++++++
start.sh | 28 ++++++++++++
11 files changed, 301 insertions(+)
create mode 100644 .dockerignore
create mode 100644 .gitignore
create mode 100644 CHANGELOG
create mode 100644 CloudronManifest.json
create mode 100644 DESCRIPTION.md
create mode 100644 Dockerfile
create mode 100644 docker-compose.yml
create mode 100644 logo.png
create mode 100644 mastodon.env.template
create mode 100644 nginx.conf
create mode 100755 start.sh
diff --git a/.dockerignore b/.dockerignore
new file mode 100644
index 0000000..f618e9b
--- /dev/null
+++ b/.dockerignore
@@ -0,0 +1,6 @@
+.git
+.gitignore
+.dockerignore
+node_modules
+mastodon
+.idea
diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..481bf12
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1,3 @@
+node_modules
+mastodon
+.idea
diff --git a/CHANGELOG b/CHANGELOG
new file mode 100644
index 0000000..3206be8
--- /dev/null
+++ b/CHANGELOG
@@ -0,0 +1,2 @@
+[2.5.2]
+* Initial Cloudron packaging
diff --git a/CloudronManifest.json b/CloudronManifest.json
new file mode 100644
index 0000000..ec9f332
--- /dev/null
+++ b/CloudronManifest.json
@@ -0,0 +1,30 @@
+{
+ "id": "org.joinmastodon.cloudronapp",
+ "title": "Mastodon",
+ "author": "Matodon Authors",
+ "description": "file://DESCRIPTION.md",
+ "changelog": "file://CHANGELOG",
+ "tagline": "A federated microblogging network that is decentralized between independently operated servers",
+ "version": "2.5.2",
+ "healthCheckPath": "/about",
+ "httpPort": 8000,
+ "memoryLimit": 536870912,
+ "addons": {
+ "localstorage": {},
+ "postgresql": {},
+ "redis": {},
+ "sendmail": {}
+ },
+ "minBoxVersion": "1.8.1",
+ "manifestVersion": 1,
+ "website": "https://joinmastodon.org/",
+ "contactEmail": "syn+cloudron@syn.im",
+ "icon": "logo.png",
+ "tags": [
+ "social",
+ "forum"
+ ],
+ "mediaLinks": [
+ "https://upload.wikimedia.org/wikipedia/commons/0/0b/Mastodon_desktop_web_screenshot.png"
+ ]
+}
diff --git a/DESCRIPTION.md b/DESCRIPTION.md
new file mode 100644
index 0000000..4043383
--- /dev/null
+++ b/DESCRIPTION.md
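Review bot: `"author": "Matodon Authors"` is misspelled and should read `"author": "Mastodon Authors"`. The manifest also declares `"version": "2.5.2"`, while the Dockerfile in this commit checks out whichever upstream tag is newest at build time, so the declared version and the packaged code can drift apart unless the Dockerfile pins the same release.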
@@ -0,0 +1,15 @@
+Social networking, back in your hands
+=====
+Follow friends and discover new ones. Publish anything you want: links, pictures, text, video. All on a platform that is community-owned and ad-free.
+
+Find your perfect community
+=====
+Mastodon isn’t just a website, it is a federation—think Star Trek. Thousands of independent communities running Mastodon form a coherent network, where while every planet is different, being part of one is being part of the whole.
+
+Safer social media experience
+=====
+Mastodon comes with effective anti-abuse tools to help protect yourself. Thanks to the network's spread out and independent nature there are more moderators who you can approach for personal help, and servers with strict codes of conduct.
+
+Sharing your thoughts has never been more convenient
+=====
+You have 500 characters. You can adjust the thumbnails of your pictures with focal points. You can use custom emojis, hide things behind spoiler warnings and choose who sees a given post. Messed it up? You can delete & redraft for quick corrections.
\ No newline at end of file
diff --git a/Dockerfile b/Dockerfile
new file mode 100644
index 0000000..78e79ca
--- /dev/null
+++ b/Dockerfile
@@ -0,0 +1,48 @@
+FROM cloudron/base:1.0.0
+
+RUN mkdir -p /app/code
+WORKDIR /app/code
+
+RUN curl -sS https://dl.yarnpkg.com/debian/pubkey.gpg | apt-key add -
+RUN echo "deb https://dl.yarnpkg.com/debian/ stable main" | tee /etc/apt/sources.list.d/yarn.list
+
+# the following does apt-get update
+RUN curl -sL https://deb.nodesource.com/setup_8.x | bash -
+
+RUN apt-get install -y \
+ imagemagick ffmpeg libpq-dev libxml2-dev libxslt1-dev file git-core \
+ g++ libprotobuf-dev protobuf-compiler pkg-config nodejs gcc autoconf \
+ bison build-essential libssl-dev libyaml-dev libreadline6-dev \
+ zlib1g-dev libncurses5-dev libffi-dev libgdbm5 libgdbm-dev \
+ nginx redis-server redis-tools postgresql postgresql-contrib \
+ certbot yarn libidn11-dev libicu-dev libjemalloc-dev \
+ ruby2.5
+
+RUN gem install bundler --no-ri --no-rdoc
+
+RUN rm -r /etc/nginx/sites-enabled/default /var/lib/nginx /var/log/nginx
+RUN mkdir -p /run/nginx && ln -fs /run/nginx /var/lib/nginx && ln -fs /run/nginx/log /var/log/nginx
+
+RUN git init && \
+ git remote add origin https://github.com/tootsuite/mastodon.git && \
+ git fetch --depth=1 origin $(git ls-remote --tags | grep refs/tags | grep -v 'rc[0-9]*$' | cut -f2 | sort -V | tail -n 1 | cut -d '/' -f3-) && \
+ git checkout FETCH_HEAD
+
+RUN bundle install -j$(getconf _NPROCESSORS_ONLN) --deployment --without development test && \
+ yarn install --pure-lockfile
+
+ENV GEM_PATH=/app/code/vendor/bundle/ruby/2.5.0/gems/ RAILS_ENV=production NODE_ENV=production
+
+# secret keys are not built into assets, so precompiling is safe to do here
+# (these variables are required by rake though)
+RUN SECRET_KEY_BASE=insecure.secret_key_base OTP_SECRET=insecure.otp_secret \
+ bundle exec rake assets:precompile
+
+RUN ln -fs /app/data/.env.production /app/code/.env.production
+RUN ln -fs /app/data/bullet.log /app/code/log/bullet.log
+RUN ln -fs /app/data/system /app/code/public/system
+CMD /app/code/start.sh
+
+COPY nginx.conf /etc/nginx/sites-enabled/mastodon
+COPY mastodon.env.template /app/code
+COPY start.sh /app/code
diff --git a/docker-compose.yml b/docker-compose.yml
new file mode 100644
index 0000000..4f51400
--- /dev/null
+++ b/docker-compose.yml
@@ -0,0 +1,32 @@
+version: '2.4'
+
+services:
+ mastodon:
+ build: .
+ ports:
+ - 3000
+ - 4000
+ - 80:8000
+ environment:
+ - LOCAL_DOMAIN=localhost
+ - LOCAL_HTTPS=false
+ - POSTGRESQL_HOST=postgres
+ - POSTGRESQL_DATABASE=postgres
+ - POSTGRESQL_USERNAME=postgres
+ - POSTGRESQL_PASSWORD=postgres
+ - REDIS_HOST=redis
+ volumes:
+ - data:/app/data
+ tmpfs:
+ - /run
+ - /tmp
+ postgres:
+ image: postgres
+ environment:
+ - POSTGRES_PASSWORD=postgres
+
+ redis:
+ image: redis
+
+volumes:
+ data:
\ No newline at end of file
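Review bot: In the Dockerfile, the `git fetch` step checks out whichever non-rc tag sorts highest upstream at build time, so the image is not tied to the 2.5.2 that CloudronManifest.json and CHANGELOG declare, and a rebuild can silently ship different code. Pin the ref, e.g. `ARG MASTODON_VERSION=2.5.2` and `git fetch --depth=1 origin "refs/tags/v${MASTODON_VERSION}"` (assuming upstream's `v`-prefixed tag names), and ideally compare `git rev-parse FETCH_HEAD` against an expected commit id before building. The same hunk pipes `https://deb.nodesource.com/setup_8.x` straight into `bash` and feeds the yarn key to `apt-key add` with no fingerprint check, so build-time code execution depends only on those two hosts staying trustworthy; verifying a pinned checksum or key fingerprint first would narrow that. `CMD /app/code/start.sh` is also in shell form, so the script is not PID 1 and will not receive the stop signal directly; `CMD ["/app/code/start.sh"]` avoids that.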
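Review bot: In docker-compose.yml, the bare `- 3000` and `- 4000` entries under `ports:` publish the puma and streaming ports on ephemeral host ports, which lets clients reach those processes without going through the nginx listener on 8000 if they accept non-loopback connections. Unless that is wanted for debugging, drop the two entries or bind them to loopback, e.g. `- 127.0.0.1:3000:3000`. `image: postgres` and `image: redis` carry no tag, so the database major version can change under an existing `data` volume on the next pull; pinning a tag avoids that. A comment stating that the `postgres`/`postgres` credentials are for local testing only would also help.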
diff --git a/logo.png b/logo.png new file mode 100644 index 0000000000000000000000000000000000000000..d0dfdd66b7c8d705ee4940b04f26f98b781a73ba GIT binary patch literal 13999 zcmb8WcUV-*@-{liRuoZCl(1nyKtLob0uE7f&XSWLIfo%91(7(2NKUfJ86-O-5g6hi z8HSu;U_f$)ui5*Y@BG5O&vWk|KDc_idsS6;S69{hu22;v={tmf5<(!5JF+qoY7ht> z1_HTu>*h7k64`3A2>#%?s7Z@KO3>76;NcI8SBkG7kn*V8XK${9=Ua|4IxY|h^yAe( zyr`vZGYEuNLRR9HhKC_;>extsY3|bZGOM)w#fWw$yjah)xVT(buL{#XlAZ5X4tGet zF2?(9i%OP@j>-J_sn~%KSJBUAA};)%8$HcL_#Q@eFKJCnK5=#Hl(?YR&pl4W3!4+4 zf8-l|>4Jt&ZL`w_kz5ypl8S}g&p_OwlL%Eo1(EzEk!LD)Qo|(nN)80 zyu~H{?ov09e=0yuvra-ryQS~+&8Bzlcd*Oc&h6;1?tZA2DY9_k)CNh+w?}<=kY=xx za>&eC!zA>h@dSO5Brk7^M9tHeoSQ!b|2$(vw=3i`I;j zG@O>{IyzYLB^pL?(l>qJ?>hynYPlR)Ue+4rQ#4#kt*o5ez78i{8H(U6xbPn=7;-g| z?Pb`tN!QW8?0y(oT4Zut zo$Mm@6H<)Z_|&=d#RqzBb2+h71HWw&zzFf1vQh=P}iXdTxL1hBx5+IUMd~R-alt zPpgXDmP|`$&-c&lVU`-tmKLbi57YGWrb4Ru;)`P@6sZ5ij>X-}ZP3D;H0G}vy1>|O z)S0C04_I$0FOSGIjX5UVVoY0!dr@CicMPmHelPF)@ z36{s?%ibJfWOU@T)w5)emGEX%PpPkG29@G);BZ0}>WWA}1y zlvW?&iV&QFBim89cSfZL7qvmGL{B=7{<7vyB4bu&{3xc!A=y{`7-jx zcuf5rwcz?h43+pv6tr0FnylwPbCXHCmEF$G3NQNyU~41-i-YCRjTEUQp|lnXBZR5G`I-d32~T+~CG`VXB1S8eFpgLbqRd%x zX`-A=@d9;P`!(7kZ$Z!8*zqVuq(^iYN7BA|`#i2IaK_}q!db}~qbmhYP)kb=IJ!k7S zIH^Q;xo0j{oxGvxJB$|L z;HR;1>?pk+nqwH;&ETX3t#K!2%il<;%z6c5gJ{bTMTFh`!&7+TAv^_5g0bWh4px)C>g+r`bqVcJd0hJlgX^FNVHh~kCY?-oxd z&fJ}vxQz8;v^<->-zT-G!8lY6E;PfYRUe+VIhWkUzv~2!f6w_3iLT?CH~a+%;C$*E ze=s-1L#Ste)KwKK!P}rh*(u`Kqk56fl+A#JNY0%i{_&+D0$E!lR73ucD7R|4ElLQ1 zx4ljv^J+8k$%X-HqO{%P3%+A6#T?SYnSd(5MtF=&24=#foILDg;b7jiY`)eDnRQlXD-zgJwtn$uVk{p~V-Px} z)v^nRNI9)k7FeBP?1bb~gs|Eh^Z9z`1JeYM&Md||@3eJU?;_i7z$d4LeosD2`-cB1 z7M#t&-dn}OwhxEb!6tCJwB=BNbo2s$tQ$JUEH}E1#`3#B@H+aM8ttKfRuAraV@I5} ze|)WU!F$A9T6{RZs(SC?I=>MA*=8J>Rn0X~8YXtDoBKqTOMkh2DKy>AjW82{tgdEw zRyE4V6;gc2)P%b4oBN>^A3*kaGg@7^zn-|z6AnA+`2<`)z@vEU6OH9-&R0V(AH9 za}dcbEW${9<2o=$6i4)p^$@_{T9YS`Hq2E6fhnbVSs=U7On2$OYIefAZf;=(v ziAIrb49azVPtZlJ{g@-y^2~OJi35ZhU_)$3fJ 
z5rs2z4=D4XxH5Y|ydf9l$$I1GBvH2F*9oEA)rgNx=LdaDY!!brn=`T7t$aL2Os*%k#p&vuIw(-MvnZpPV|Y zI;acFlaJ5q6!4l8(Wf!G4A(0N-T&1KiYE7|&P;Ua;w6iZ{DMK&cm{wHwLuO@~w5PfF-*yDj!G^X+Uvpcz z;5Gk~pg}=*;Ol~rgXf5onR;oZ4rEpgocKyzHh#~M?c1!0lBAFVzwcj_N^`|_ z@)zVd#Z4i{KYQ#TUp>v88aNgfQr3^MqB6K4lg1Ws{lboGpIxBOd2T>L zIq(-Ju}2E>VwjtdfZvLWHJV?JnQCBZ-$Fxq-f;_ZM^)s(EQ zwe1i16Lkye>K=kC`EZ71Zt2CetUMJ>no;t(!e*0hf8Im0#?B0cZ}gYF1w8U3{#^5& zr&~jW{@d@2$Ll)gg3}6dzVkHH3}q%8@%@gpbBF7@T0XOzRkO-S!*goU0~aP)n?7WP{7ykFDOh=SH546EMW%=kC46JG`}Rfi5;8V`NX7C>}Oh zVYUL+?ui$JFlh!e+0$h)PU_!jPD>d2qm=)8|3PLQ%OZY*?YhTw^xZWxeDrS5{K<6` z3=4~ZDlA2V@auAX;=*$6PHsDe(-vFb5aH!PA$Q?Z?b5feQTaW;&MS0w@Dck*?_u0o z1-Dp6Thv;c*K2DIqkR6l@b_yh%9wZNN$p>uH0zFe4RvUE5PNWK7IGLnq;Q&Z{?~L& zNHU2L|9;!F8=q0Dhl6}~Vq8$QK+5MLY=X4NEZ5-!?`7y(*=e0!k%J>R*o9<;5B%R< zAZw;*t2W*@W>6v#$qZIjQIG>hzw~h88w~jP5gfe5IwvkTHa%2) zq0$%NrY*oXbsi{5K>fnc%Rjk^ee;aZ{;}!M_Hj%4MnM znBTh)l$^m~d!#B#K@CqY8P4@(DX<&eU7&6-FkKd%cp7+)U*f%BuZ4RmqQFc9(-w@(L_yg!`515sD zYz+M0&1>p7sjbO(rsM1fd57BS%%H3n%XptV3+wx{Ot)A@7*E%~5BrpO^{$mwhi;DNY)SUwvRE6XDwc{bGMy&^e1CW@KQ{0r~dck{YO$()}tK6Lbi zx+hE&PRixEEGYwSWc@7Qtn7B*@kh@BCyzGl&ivg0uh06XjtT9E;_oC`G3$*MB;Us> z-ib?%Iy3PM+_N*VceoQpMDcmV1M>?d4npfmK|YnZ=ymNBY5CK8bzYA4xTL{14P;a^ zMx*B~a%rFH%}<1B4!O9b|Mbp+mM{o6b~Et}ZU6dRvk+d}R{ThkfGCj{Iq$4dWud2d zFacM@G(HM8!|>q->_@NDHkc<;VH0knJ{+~}+)yr4o`}8iIH~8Xs)h4hCEml*&`yhU z5I-^62rH!18>EwFT%$*ZWaZ);D(7#Db7TCb;Z-R<5qiVILGe(+jES1-j@JO3rm(Zj7f?;lkzSi$xvyO1|p8 zaF^vX(@rq~DQ&0E8RcTPS_j6BIwu`DihL<1!^}&7H?KvC2JRV;@H@_f{Ij_xP z>fG1~W9*I!XJ)rE-ft26Yk2#JJ`F`R@xv>7RL_=BVD44gmCIVE>v|kZ>BSSivQwdN z`fl>+D7Kbe_z_NXa^qtBMIzns<<6zt)>^GX`!DVBjqQl?zqUoH2`VqYEGFB)_485q z(TKzG&FW}_9B0>*v$p$1Hu=tm1~ZQvjAo8i%X4EWRc@oJU>pME(QX{}Zndx0SRXRv zZ&e;b9dHT}g^oURL$zy}{y8;aRHXYIRWP@9Y0=>CF1oMN@oao3?wz88&j_DuJV{T? 
zoKij>`pav-bYYx+6njKW1Gj&}jdEJfd zs#YZO{a0K(PZv+4Sjz6EA?ki^(q1H(p1xjM&aZvlnwVL+UEO@EG;;oywGFjPOl@Nw zLlldcz9k5TCf;t9L&L5fganc*p|n~aU1?{vE0Ph(bjVPZHd>uh*M>z=h=t7@^tshERANqzN4hPqlC^l&KQGIL%9hkB z8IwjDaGf1zw(b`~ZD}jcg8QD+m1Brop^OtSoSBXBvI^c!n`Xm5M6u^BP(KkqsU67atuQ0s^07+p+m6$~ zEK~wt7Ddr!LxuZ7aZ;O#5FXQ9#gz>?-K9y95r&@ zPOy)Fp~uO+W0OQQ5B>O~YfN^cZ6)Ph>}24hosJ3LS@>glSldpIgf13YrYg zO&D#IUE7ux(9730Iw|>_w{AJX~FEmx#%;=fi zqqF*Coaf+rFHKtM9uRh=YX7c|f~V5vI;9%wyQh~^L&hP)Y33RqA8b+P+(|a_pg^N{ zCQ?6p=53mB`a!`LWo2s>jK}GT!DbCo6$SG~)@L&fmEsIi!Ol4X)xy0%Tikf|9gL0o z3lReqX1faCag(K>=nYNh^4POU1C8Q_f+BG!)jX(cSPQs5F;i_#-*nTs7p3CEGNxfJ zgE7|Y-ct9I-|6I#hT`h{M8%*~GAYFx`Us}o?>Y5NC8x?u)jpFPRHa3)zdvdnZ>aoH z9f#uTEjY6cO&w9DP%lYeRz;b6WcJkTXpF{IH@cc@Pi$ub8Jo6!BqECZ-(FHN+iz9v z%k_042Vdp(Fce_y9FO@&R#I-G7&Oz-I2~r}m@O!M`uhed@9df#B+HbMsPn$CA^7^) zsRze8({E#^D4u!o-lMK-pF zLAvb*&iS-=$=|z4KV#1#m%-CLe9-N*)FnkS4*V`W*CL=_gER>k3V4Vq89W0dy(&to3|;S$P?*6LPL`4mXq^j~{P4T2J$RbVPzZp?k~;}h6d zH)x-$F|<@Ld(Y<*N$p;G7$VB{kzhB^RNFWQlWA&YlbW%pf+mefOsukK8Mq-3$Q(~; z3w{;d?%y_ePR$Ry@W>r-ujmn&uatI>TIA_w01|P*c+=^_annx`DNp73N5%>pTG+&( zKd%jy9~&CROfcMHLV5NDMDQndvxxx(MWM-CYi)HxpN*XjYc8F$GfiBHhFSb@M<12y zE9SYYv|`KoDN(_K}R3Y7dmW8k*8uwy<$K>jwut5+|WT)&d@J&czY z{@>;i_#aY4?RO=qw{ipF?X8Zp$&p$)9EKQ>h2rF)at>pNR zfVJ9q|J$}Dz|0ZfbB;->3YaL%_oPYc*(> zUj08$xb^omSMU3e5dRue`0n4U{$K2QwNw5h&wtk7KYQkX3ZXCXzn9=YVqe+)UnU0X z|Le_Hs}HMg-4M@^L%Rw` zw7);#_+kAB$Vn9c75vJf*$g%Xm@!!15qI^rx%*c;w#xMX&h@Xs^fj=?WCr4#1q`=7 zeT@z3u&*S#k%sF}Fi(e_>zQT#^IXagU3sRp684!303wXP`f(IYR~Lz3F17vg@4m%| z)bA1xHQL(DUy$=Jf9x1NgNd-O3xsm;E3857Fl`I){f|n^@b@zBm%%M8kUkZJ#v#1NLX-gcs zlLI_&{BP92zdFt|fBN_PWu9gJ(=Xi7?Z)#fApjEWreSuk7(r{K!t6`l3}EcZSpWoJ z=wb~jVSbp%Es<10D6HOSEg$DK{0~V zDlO&)1gbDTDL7DACsk+~?HwjGz;_+8h;?-lvl*s#X+WeKU>^CZLqwJQ$^~l(GMm!Z z;b$nt-ho5VYf;poMl-)|#S84jaDrXPBY)1)ZEN2ot&-907E{3l0*L2T>TJhh<3E|Q z4%c^j`PA1PA{r+=KAaP4)d;E|v5IWQgplI|u5QwGs-Z5P8U0dI2Q9f1JV=1;m((ar zMP1R7Q6~}BWjxW%E0mQdVz8-Fv0qpw0_H39C~RjnYm{Qfz*^Q zyK1xkdhY_7%nFT8WFY~1o^aooyW}hvoP0x9c--Dk2qY6!!|eE@`!VWKplnoh>l$R7 
zg0JC3PA^?E6}A)%6CUX(MnSlE4K{6K!0e|jlU_s+)1#Gx0L`TD%fT=uv*6A8H3ED{ z<1Rp+6X~EL&B!z=to9;6?*{sAKq5TMoqXN>Gl<1!o;pJ>-3(#?U;t@p9e)9k#dSG+ z`q6Dr*w1E%KtL@ve{gLLsV7;o04na;kq}7y>0A%Cg59$uAl`Qob^+2H%w33M1pwR- zJO`E!t==xe$TFR*)FI7P669M&2%B?D$3>VD@m+a6e8}cobMo*GINQ#Z=Szk(+ij+p zTa$-JsG%I}_hgf=L+p3quNBrMDxS$fFWnuGSI7$uKqHiniJGG3mqEYvzToUge8}HL zJX0+>8*!KCa?o^RSu04%-o`*MC~|9l$g%ixg)n{My$7M*YI{9B{Y7*l#yEV5&ANcrr(~D}5*R@tTkQ_$$0VuJKh) zJq2we@~T#uc+GD>zOwrV+;FSp6Br6u8(Fv;5N6NJ9`dbhf*oXS%5T zcz_r`i@T0D`v9oj#VJ+grv3u-ljDq%!*_fSs3z~H;)G68eC>5m+ZV6a81Vuc6rOBr z=xh3_oEd;d`W|uO=Emun<*3KQ4Qf6vpftZ_ZxwAw1IgPeANZb`!^T_S02<|=9`g_f zq(&qg8n`|h6XD9LN+@x^igp;Ry2@o-^z;DRpZP%-4yVi3Qx$F7oM>-C7DJxtfv+cFmphJ#r3dw^09-|-h{>|ns%g>cOT-S7KrA+@uT-NB@r z$#kf^gUYNZnV?yYxVO;2>#sqKS(;+U7`z@NhLtvuX6in+63!+HsN;NgX!3KnD{ev- z^bd%Xx0&4_C>#|BPezxo^T$&D$!9RF4lxb_n-t(kd74&|s)Ntmpy3LJOR;X0kk$2R zoirT+@eCR&1qEA`Zv_jV#p$e2cmal>GSW1sU)z_qd$F2OggufVWetSVnfZrbhXJ@Xjrdmv)I5%ys&K`g#(U+Due0F;RJQk?$ z8S0I#pS#dC-Flnpy|H&zXVXmjsLUDxO$gNe8W*d+d=$#K0Q96bf|ow=Ot5pR)#t> zl0+kDRwchARmbC~xz%hCS%8rR!ZXd3jidv`QvfjnE>YdyHk2EEz7%G&px^usG$Nde2CWoCL z_T8F@oQ-57DJH^3=?(j5Y6w~jNptT~p+7X0guUk7_j><;qt0w6-}Ign6C?D)uMZU5 zR>-lbTg=aWwY+vWQg;g;3s<6J{7}!=QM=I76VGm~ub|&={Q`S;2d=*mo7dU)9fJpa{kdV8vBc`itnwZW$ zG!0Iz^cKYI0@pu`>5-1QanQA{^;aMyTaT+Wo;+!tSYpSdF$VDq!A6|`pWvzqkl%m{ zyON(D1_Ni{OK-1Q?pKlu;t!QV@;9Aa_evKk*l%4)2lynlc!?x@5|_Z80lW_T;DHHn z&D9pS=+KdLaG$RwdQTrbm)!X!vqMWsvNr{Z>dK2@3TIMwVYo9ZPuq z0}1|HyT1Ek)PH7TJuE$rz(&4$=X!#342d)<4@Nd_)cx?SkYd78DAV)5MdP>uc1Cz% zZJU@f?UwEE0UKSb6QBbn#u>WD>+GhJd~6>BLLuuVuO#Rn_?|ZOwc6zt-QBP`_(phE z!m^@~x^_({33K~zu#O%Ug+TLPfb{kE+>GW!PFfD;ptKBHgZSt8m*g!^<4NX25>!$2 zHhn?aVz1t9vgQMb40FL4G$z6{T;8$Utz)fgA!0PrjPeTNXIdWS=4+sw8!c=&$1lp2 z4k0x$godA;+6WI0&a6}U;46eEgq)jNL#1O9y^j_8ARw?Z@3j)!piy7fe!FlSqQUs9 z4PeRo(oC%*+(?9^AF@QY;Qp$~z`%`>myE5AJhZ|FeOyPINTS#N z9!AEp@cF}=cEwU%zt0v2H_MHRz+vamp}94Fd?^n=ebCY}5f^Nf4k-Y?NTQEP)ts97`#9{zj3$b4USc6~<&6kQKt%eiiy!O- zymo&(jolXML_4kGR$kaG%q0_V)P1n!r8(%6HMS=buWN$lS5r&A7Oo+xPsx 
z#HRNk_@yUbLoYonY?Lg*fX5qdOdAul28+y$#AIdO(eyNVGi8CCaMMD8o95tv#DKxg zHoL~Xt+ND>4X;>g2mWzs2AHqDK;$PN=9^!Xhs_$-0RSwFbOjW+8}!XM9s#1rL1Fo4 z@eB}~?wyn^f>VNVXXcFxyK-jg@Arn{^&Xq8BKiz`XzOe?wmj1x-NCISn5gH(!kfXgIH#$*FY2kZuT5o>kC`= z32+gDtOJls1yn|Ts~P8R?Gu=+X{X1==eE&CAky%-+eNmNH;Y3{g-FwUpFD2A0C69< zM$eDvA1Y&N?ItNzzau1hQx-<};_tT|{;J2w%KvGoi}ST>*b-=(ne}#;?*{4C<)NbY zT0i0gszeW7VAGww+KAa4><#V8nFcivZ$YR2eGmtL>qjePL)WoL+;x4=_tkd1s1E_R zpZ`jC9I!q(TUOv)oeGCMzVNeb;%Y^!HXtN5)6J!B&${`%;WI3CH?&nj(aS5l%Asfj zwloM%D~%qStc+y>H)@sddh;5^kDWPmh#kn2Mt*#9eQ=E=fn%7mTpjphAq58fZw}T8 zPlj)m>p;Un{yXV8ICryFr)??kVExqw^(oj^G|Fcslw>m=#CfJa>&gz0pji)ix6qtv zq{To-^NVifZ)&xqfGJA`pr~i1*B=2lpK-29B7ka#vkm-8G?8UC1{A>qRxr?ev|Pr* zVfjOBh!R{Q5{>mYhwgTpslLj=L$2CX6Fa)oRI$TzOK?&3q(uQWQAg6_g zj$C9hZc^0RD2A6y@`BIOy=P|$*_dz<{2JZW`T$Bj+!yap# zBeNS~cU@b8C`M$Wmy1#<2fE&hc9MifEz0T5fNhi&NZ}Z4NETD=uMh6z#EdyJW*CZ` z`yq8oa9b9X#C>>M=34n4IMP{}lw~iBg4(j|X!%CAWx$5_e-l`&OE7Os0dE^qt+*jPpE*YpH7al>~lO(s-Ox-hRBpq{~N z56dRfGvT%(2!b`z0n#QwQ<<_yM+D4{>&A-MpkgJgt0eh%&@Ba8b)6jvn1_T6ZjWm^}((w_qQ;|g&XmKN*h6*gH$ z%#Vlx(@Ku4uz+$_lEE54)GF=O$%!MJ$H=ZB8dYw?ODy3(GVT<_8xXjDSvCD zw3a%xk@E<9!c=1W#B4q#$-Sns=p|_*W;(Y)FKCehJJ!C2?M>O+4R?8W=N{t|o}sRYYsE_E;JGM`qjdaN`x*^d*K(|(9e&{x*;nXMP8JGZt4gjGPwZv-s<8=-3c|W+td&y8@Tq{TjHuT^AC`SMu383OF0j@6q5^LN(JlGzjWiL*y%$jR^ zZP;J!5MOf!Qr?OwyEcON^HE*ZtlZ_}^L-HqayL~$8MU7od=miNzEjTDt^IW3$89>7 zjTn3GU(+7K-vFoyDgZUi1uozcg"}" +SMTP_AUTH_METHOD=plain +SMTP_LOGIN=${MAIL_SMTP_USERNAME} +SMTP_PASSWORD=${MAIL_SMTP_PASSWORD} +SMTP_OPENSSL_VERIFY_MODE=none + +LDAP_ENABLED=$([ -z "$LDAP_SERVER" ] && echo "false" || echo "true") +LDAP_HOST=${LDAP_SERVER} +LDAP_PORT=${LDAP_PORT} +LDAP_BASE=${LDAP_USERS_BASE_DN} +LDAP_BIND_DN=${LDAP_BIND_DN} +LDAP_PASSWORD=${LDAP_BIND_PASSWORD} +LDAP_UID=mail + +# the following is generated by start.sh +END + +#SECRET_KEY_BASE= +#OTP_SECRET= +#VAPID_PRIVATE_KEY= +#VAPID_PUBLIC_KEY= \ No newline at end of file diff --git a/nginx.conf b/nginx.conf new file mode 100644 index 0000000..7adb57b --- /dev/null 
+++ b/nginx.conf
@@ -0,0 +1,96 @@
+map $http_upgrade $connection_upgrade {
+ default upgrade;
+ '' close;
+}
+
+proxy_cache_path /run/nginx/cache levels=1:2 keys_zone=CACHE:10m inactive=7d max_size=1g;
+
+error_log /dev/stdout info;
+access_log /dev/stdout;
+client_body_temp_path /run/nginx/body 1 2;
+
+server {
+ listen 8000;
+ listen [::]:8000;
+
+ keepalive_timeout 70;
+ sendfile on;
+ client_max_body_size 80m;
+
+ root /app/code/public;
+
+ gzip on;
+ gzip_disable "msie6";
+ gzip_vary on;
+ gzip_proxied any;
+ gzip_comp_level 6;
+ gzip_buffers 16 8k;
+ gzip_http_version 1.1;
+ gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript;
+
+ add_header Strict-Transport-Security "max-age=31536000";
+
+ location / {
+ try_files $uri @proxy;
+ }
+
+ location ~ ^/(emoji|packs|system/accounts/avatars|system/media_attachments/files) {
+ add_header Cache-Control "public, max-age=31536000, immutable";
+ add_header Strict-Transport-Security "max-age=31536000";
+ try_files $uri @proxy;
+ }
+
+ location /sw.js {
+ add_header Cache-Control "public, max-age=0";
+ add_header Strict-Transport-Security "max-age=31536000";
+ try_files $uri @proxy;
+ }
+
+ location @proxy {
+ # forwarding cloudron's nginx proxy-proto headers
+ proxy_set_header Host $host;
+ proxy_set_header X-Real-IP $http_x_real_ip;
+ proxy_set_header X-Forwarded-For $http_x_forwarded_for,$remote_addr;
+ proxy_set_header X-Forwarded-Proto $http_x_forwarded_proto;
+ proxy_set_header X-Forwarded-Host $http_x_forwarded_host;
+ proxy_set_header X-Forwarded-Port $http_x_forwarded_port;
+ proxy_set_header X-Forwarded-Server $http_x_forwarded_server;
+
+ proxy_set_header Proxy "";
+ proxy_pass_header Server;
+
+ proxy_pass http://127.0.0.1:3000;
+ proxy_buffering on;
+ proxy_redirect off;
+ proxy_http_version 1.1;
+ proxy_set_header Upgrade $http_upgrade;
+ proxy_set_header Connection $connection_upgrade;
+
+ proxy_cache CACHE;
+ proxy_cache_valid 200 7d;
+ proxy_cache_use_stale error timeout updating http_500 http_502 http_503 http_504;
+ add_header X-Cached $upstream_cache_status;
+ add_header Strict-Transport-Security "max-age=31536000";
+
+ tcp_nodelay on;
+ }
+
+ location /api/v1/streaming {
+ proxy_set_header Host $host;
+ proxy_set_header X-Real-IP $remote_addr;
+ proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+ proxy_set_header X-Forwarded-Proto https;
+ proxy_set_header Proxy "";
+
+ proxy_pass http://127.0.0.1:4000;
+ proxy_buffering off;
+ proxy_redirect off;
+ proxy_http_version 1.1;
+ proxy_set_header Upgrade $http_upgrade;
+ proxy_set_header Connection $connection_upgrade;
+
+ tcp_nodelay on;
+ }
+
+ error_page 500 501 502 503 504 /500.html;
+}
diff --git a/start.sh b/start.sh
new file mode 100755
index 0000000..93ad60c
--- /dev/null
+++ b/start.sh
@@ -0,0 +1,28 @@
+#!/bin/bash -eu
+echo "=>Configuring mastodon<="
+bash /app/code/mastodon.env.template > /app/data/.env.production
+
+if ! [ -f /app/data/.keys.env ]; then
+ echo "=>First run, generating keys and setting up the DB<="
+ export RANDFILE=/app/data/.rnd
+ echo -e "SECRET_KEY_BASE=$(openssl rand -hex 64)\nOTP_SECRET=$(openssl rand -hex 64)" > /app/data/.keys.env
+
+ source /app/data/.keys.env
+ HOME=/app/data bundle exec rake mastodon:webpush:generate_vapid_key >> /app/data/.keys.env
+ SAFETY_ASSURED=1 HOME=/app/data bundle exec rails db:schema:load db:seed
+
+ # the app writes to the following dirs:
+ mkdir -p /app/data/system && chown cloudron:cloudron /app/data/system
+fi
+
+cat /app/data/.keys.env >> /app/data/.env.production
+
+echo "=>Starting mastodon<="
+
+SUDO='sudo -u cloudron -H -E'
+PORT=3000 $SUDO bundle exec puma -C config/puma.rb &
+PORT=4000 STREAMING_CLUSTER_NUM=1 $SUDO npm run start &
+DB_POOL=25 MALLOC_ARENA_MAX=2 $SUDO bundle exec sidekiq -c 25 &
+
+mkdir -p /run/nginx/log /run/nginx/body /run/nginx/cache
+nginx -g 'daemon off;'
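Review bot: In nginx.conf's `location @proxy`, `X-Real-IP` is copied from the request's own `X-Real-IP` header and the other `X-Forwarded-*` values are passed through unchanged, so what the app sees is trustworthy only when every request arrives through Cloudron's front proxy. docker-compose.yml in this commit publishes `80:8000` directly, and in that setup a client chooses the address the app logs and, presumably, rate-limits on. Consider `set_real_ip_from <PLATFORM_PROXY_CIDR>;` with `real_ip_header X-Forwarded-For;` and then forwarding `$remote_addr`, or at least a comment above the block such as `# port 8000 must only be reachable from the platform proxy; these headers are client-controlled otherwise`. `location /api/v1/streaming` already sends `$remote_addr` and hard-codes `X-Forwarded-Proto https`, so the two blocks currently disagree on which source to trust.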
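Review bot: In start.sh, the first-run block uses the existence of `/app/data/.keys.env` as the only marker for both key generation and `db:schema:load`, and the file is created before either rake task has run. Under `-eu`, a failure in `generate_vapid_key` or the schema load exits with the marker already present, so the next start skips database setup; conversely, a data volume that comes back without `.keys.env` would run `SAFETY_ASSURED=1 ... db:schema:load` against a database that may already hold data, so a separate check for an existing schema is worth adding. Writing the keys to a temporary file and moving it into place only after the first-run steps succeed fixes the first case. The secrets files also inherit the default umask; restricting them to the `cloudron` group keeps `SECRET_KEY_BASE`, `OTP_SECRET` and the mail/LDAP passwords in `.env.production` from being readable by other accounts in the container.

```shell
if ! [ -f /app/data/.keys.env ]; then
    # … unchanged: first-run banner, RANDFILE export …
    keys_tmp=/app/data/.keys.env.tmp
    echo -e "SECRET_KEY_BASE=$(openssl rand -hex 64)\nOTP_SECRET=$(openssl rand -hex 64)" > "$keys_tmp"
    chgrp cloudron "$keys_tmp" && chmod 640 "$keys_tmp"

    source "$keys_tmp"
    HOME=/app/data bundle exec rake mastodon:webpush:generate_vapid_key >> "$keys_tmp"
    # … unchanged: db:schema:load db:seed, mkdir/chown of /app/data/system …

    # publish the marker only after every first-run step has succeeded
    mv "$keys_tmp" /app/data/.keys.env
fi

cat /app/data/.keys.env >> /app/data/.env.production
chgrp cloudron /app/data/.env.production && chmod 640 /app/data/.env.production
```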