2018-05-22 20:29:33 +02:00
|
|
|
# Deployment options
|
|
|
|
|
|
|
|
The default Zulip installation instructions will install a complete
|
|
|
|
Zulip server, with all of the services it needs, on a single machine.
|
|
|
|
|
|
|
|
For production deployment, however, it's common to want to do
|
2021-08-20 21:53:28 +02:00
|
|
|
something more complicated. This page documents the options for doing so.
|
2018-05-22 20:29:33 +02:00
|
|
|
|
2018-10-17 00:19:51 +02:00
|
|
|
## Installing Zulip from Git
|
|
|
|
|
|
|
|
To install a development version of Zulip from Git, just clone the Git
|
|
|
|
repository from GitHub:
|
|
|
|
|
2021-08-20 07:09:04 +02:00
|
|
|
```bash
|
2018-10-17 00:19:51 +02:00
|
|
|
# First, install Git if you don't have it installed already
|
|
|
|
sudo apt install git
|
|
|
|
git clone https://github.com/zulip/zulip.git zulip-server-git
|
|
|
|
```
|
|
|
|
|
|
|
|
and then
|
2022-02-16 01:39:15 +01:00
|
|
|
[continue the normal installation instructions](install.md#step-2-install-zulip).
|
2023-01-17 04:33:42 +01:00
|
|
|
You can also [upgrade Zulip from Git](upgrade.md#upgrading-from-a-git-repository).
|
2018-10-17 00:19:51 +02:00
|
|
|
|
2021-09-01 00:15:31 +02:00
|
|
|
The most common use case for this is upgrading to `main` to get a
|
2020-07-08 21:14:51 +02:00
|
|
|
feature that hasn't made it into an official release yet (often
|
2021-08-20 21:53:28 +02:00
|
|
|
support for a new base OS release). See [upgrading to
|
2021-09-01 00:15:31 +02:00
|
|
|
main][upgrade-to-main] for notes on how `main` works and the
|
2020-07-08 21:14:51 +02:00
|
|
|
support story for it, and [upgrading to future
|
|
|
|
releases][upgrade-to-future-release] for notes on upgrading Zulip
|
|
|
|
afterwards.
|
|
|
|
|
|
|
|
In particular, we are always very glad to investigate problems with
|
2021-09-01 00:15:31 +02:00
|
|
|
installing Zulip from `main`; they are rare and help us ensure that
|
2020-07-08 21:14:51 +02:00
|
|
|
our next major release has a reliable install experience.
|
|
|
|
|
2023-01-17 03:02:58 +01:00
|
|
|
[upgrade-to-main]: modify.md#upgrading-to-main
|
|
|
|
[upgrade-to-future-release]: modify.md#upgrading-to-future-releases
|
2020-07-08 21:14:51 +02:00
|
|
|
|
2018-10-17 00:27:03 +02:00
|
|
|
## Zulip in Docker
|
|
|
|
|
|
|
|
Zulip has an officially supported, experimental
|
2021-08-20 21:53:28 +02:00
|
|
|
[docker image](https://github.com/zulip/docker-zulip). Please note
|
2022-02-24 00:17:21 +01:00
|
|
|
that Zulip's [normal installer](install.md) has been
|
2018-10-17 00:27:03 +02:00
|
|
|
extremely reliable for years, whereas the Docker image is new and has
|
|
|
|
rough edges, so we recommend the normal installer unless you have a
|
|
|
|
specific reason to prefer Docker.
|
|
|
|
|
2024-02-15 21:18:52 +01:00
|
|
|
## Zulip installer details
|
|
|
|
|
|
|
|
The [Zulip installer](install.md) does the following:
|
|
|
|
|
|
|
|
- Creates the `zulip` user, which the various Zulip servers will run as.
|
|
|
|
- Creates `/home/zulip/deployments/`, which the Zulip code for this
|
|
|
|
deployment (and future deployments when you upgrade) goes into. At the
|
|
|
|
very end of the install process, the script moves the Zulip code tree
|
|
|
|
it's running from (which you unpacked from a tarball above) to a
|
|
|
|
directory there, and makes `/home/zulip/deployments/current` as a
|
|
|
|
symbolic link to it.
|
|
|
|
- Installs Zulip's various dependencies.
|
|
|
|
- Configures the various third-party services Zulip uses, including
|
|
|
|
PostgreSQL, RabbitMQ, Memcached and Redis.
|
|
|
|
- Initializes Zulip's database.
|
|
|
|
|
|
|
|
### Advanced installer options
|
2021-04-18 04:01:20 +02:00
|
|
|
|
|
|
|
The Zulip installer supports the following advanced installer options
|
|
|
|
as well as those mentioned in the
|
2022-02-16 01:39:15 +01:00
|
|
|
[install](install.md#installer-options) documentation:
|
2021-04-18 04:01:20 +02:00
|
|
|
|
2021-08-20 21:45:39 +02:00
|
|
|
- `--postgresql-version`: Sets the version of PostgreSQL that will be
|
2023-12-21 21:46:51 +01:00
|
|
|
installed. We currently support PostgreSQL 12, 13, 14, 15, and 16, with 16
|
|
|
|
being the default.
|
2021-04-18 04:01:20 +02:00
|
|
|
|
2021-08-20 21:45:39 +02:00
|
|
|
- `--postgresql-database-name=exampledbname`: With this option, you
|
2021-03-28 05:41:50 +02:00
|
|
|
can customize the default database name. If you do not set this. The
|
|
|
|
default database name will be `zulip`. This setting can only be set
|
|
|
|
on the first install.
|
|
|
|
|
2021-08-20 21:45:39 +02:00
|
|
|
- `--postgresql-database-user=exampledbuser`: With this option, you
|
2021-03-28 05:41:50 +02:00
|
|
|
can customize the default database user. If you do not set this. The
|
|
|
|
default database user will be `zulip`. This setting can only be set
|
|
|
|
on the first install.
|
|
|
|
|
2021-08-20 21:45:39 +02:00
|
|
|
- `--postgresql-missing-dictionaries`: Set
|
2023-05-31 00:28:07 +02:00
|
|
|
`postgresql.missing_dictionaries` ([docs][missing-dicts]) in the
|
2021-04-18 04:01:20 +02:00
|
|
|
Zulip settings, which omits some configuration needed for full-text
|
|
|
|
indexing. This should be used with [cloud managed databases like
|
|
|
|
RDS](#using-zulip-with-amazon-rds-as-the-database). This option
|
|
|
|
conflicts with `--no-overwrite-settings`.
|
|
|
|
|
2021-08-20 21:45:39 +02:00
|
|
|
- `--no-init-db`: This option instructs the installer to not do any
|
2021-04-18 04:01:20 +02:00
|
|
|
database initialization. This should be used when you already have a
|
|
|
|
Zulip database.
|
|
|
|
|
2021-08-20 21:45:39 +02:00
|
|
|
- `--no-overwrite-settings`: This option preserves existing
|
2021-04-18 04:01:20 +02:00
|
|
|
`/etc/zulip` configuration files.
|
|
|
|
|
2024-02-16 23:07:19 +01:00
|
|
|
[missing-dicts]: system-configuration.md#missing_dictionaries
|
2023-05-31 00:28:07 +02:00
|
|
|
|
2021-06-03 01:42:15 +02:00
|
|
|
## Installing on an existing server
|
|
|
|
|
|
|
|
Zulip's installation process assumes it is the only application
|
|
|
|
running on the server; though installing alongside other applications
|
|
|
|
is not recommended, we do have [some notes on the
|
2022-02-24 00:17:21 +01:00
|
|
|
process](install-existing-server.md).
|
2021-06-03 01:42:15 +02:00
|
|
|
|
2023-01-30 21:30:34 +01:00
|
|
|
## Deployment hooks
|
|
|
|
|
|
|
|
Zulip's upgrades have a hook system which allows for arbitrary
|
|
|
|
user-configured actions to run before and after an upgrade; see the
|
2023-01-28 02:00:15 +01:00
|
|
|
[upgrading documentation](upgrade.md#deployment-hooks) for details on
|
|
|
|
how to write your own.
|
|
|
|
|
2023-05-30 20:04:29 +02:00
|
|
|
### Zulip message deploy hook
|
|
|
|
|
|
|
|
Zulip can use its deploy hooks to send a message immediately before and after
|
|
|
|
conducting an upgrade. To configure this:
|
|
|
|
|
|
|
|
1. Add `, zulip::hooks::zulip_notify` to the `puppet_classes` line in
|
|
|
|
`/etc/zulip/zulip.conf`
|
|
|
|
1. Add a `[zulip_notify]` section to `/etc/zulip/zulip.conf`:
|
|
|
|
```ini
|
|
|
|
[zulip_notify]
|
|
|
|
bot_email = your-bot@zulip.example.com
|
|
|
|
server = zulip.example.com
|
|
|
|
stream = deployments
|
|
|
|
```
|
2023-05-31 00:28:07 +02:00
|
|
|
1. Add the [api key](https://zulip.com/api/api-keys#get-a-bots-api-key) for the
|
2023-05-30 20:04:29 +02:00
|
|
|
bot user in `/etc/zulip/zulip-secrets.conf` as `zulip_release_api_key`:
|
|
|
|
```ini
|
|
|
|
# Replace with your own bot's token, found in the Zulip UI
|
|
|
|
zulip_release_api_key = abcd1234E6DK0F7pNSqaMSuzd8C5i7Eu
|
|
|
|
```
|
|
|
|
1. As root, run `/home/zulip/deployments/current/scripts/zulip-puppet-apply`.
|
2023-01-28 02:00:15 +01:00
|
|
|
|
|
|
|
### Sentry deploy hook
|
|
|
|
|
|
|
|
Zulip can use its deploy hooks to create [Sentry
|
|
|
|
releases][sentry-release], which can help associate Sentry [error
|
|
|
|
logging][sentry-error] with specific releases. If you are deploying
|
|
|
|
Zulip from Git, it can be aware of which Zulip commits are associated
|
|
|
|
with the release, and help identify which commits might be relevant to
|
|
|
|
an error.
|
|
|
|
|
|
|
|
To do so:
|
|
|
|
|
|
|
|
1. Enable [Sentry error logging][sentry-error].
|
|
|
|
2. Add a new [internal Sentry integration][sentry-internal] named
|
|
|
|
"Release annotator".
|
|
|
|
3. Grant the internal integration the [permissions][sentry-perms] of
|
|
|
|
"Admin" on "Release".
|
|
|
|
4. Add `, zulip::hooks::sentry` to the `puppet_classes` line in `/etc/zulip/zulip.conf`
|
|
|
|
5. Add a `[sentry]` section to `/etc/zulip/zulip.conf`:
|
|
|
|
```ini
|
|
|
|
[sentry]
|
|
|
|
organization = your-organization-name
|
|
|
|
project = your-project-name
|
|
|
|
```
|
2023-05-30 19:55:02 +02:00
|
|
|
6. Add the [authentication token][sentry-tokens] for your internal Sentry integration
|
2023-01-28 02:00:15 +01:00
|
|
|
to your `/etc/zulip/zulip-secrets.conf`:
|
|
|
|
```ini
|
|
|
|
# Replace with your own token, found in Sentry
|
|
|
|
sentry_release_auth_token = 6c12f890c1c864666e64ee9c959c4552b3de473a076815e7669f53793fa16afc
|
|
|
|
```
|
|
|
|
7. As root, run `/home/zulip/deployments/current/scripts/zulip-puppet-apply`.
|
|
|
|
|
|
|
|
If you are deploying Zulip from Git, you will also need to:
|
|
|
|
|
|
|
|
1. In your Zulip project, add the [GitHub integration][sentry-github].
|
|
|
|
2. Configure the `zulip/zulip` GitHub project for your Sentry project.
|
|
|
|
You should do this even if you are deploying a private fork of
|
|
|
|
Zulip.
|
|
|
|
3. Additionally grant the internal integration "Read & Write" on
|
|
|
|
"Organization"; this is necessary to associate the commits with the
|
|
|
|
release.
|
|
|
|
|
|
|
|
[sentry-release]: https://docs.sentry.io/product/releases/
|
|
|
|
[sentry-error]: ../subsystems/logging.md#sentry-error-logging
|
|
|
|
[sentry-github]: https://docs.sentry.io/product/integrations/source-code-mgmt/github/
|
|
|
|
[sentry-internal]: https://docs.sentry.io/product/integrations/integration-platform/internal-integration/
|
|
|
|
[sentry-perms]: https://docs.sentry.io/product/integrations/integration-platform/#permissions
|
|
|
|
[sentry-tokens]: https://docs.sentry.io/product/integrations/integration-platform/internal-integration#auth-tokens
|
2023-01-30 21:30:34 +01:00
|
|
|
|
2018-05-22 20:29:33 +02:00
|
|
|
## Running Zulip's service dependencies on different machines
|
|
|
|
|
|
|
|
Zulip has full support for each top-level service living on its own
|
|
|
|
machine.
|
|
|
|
|
2020-10-26 22:27:53 +01:00
|
|
|
You can configure remote servers for PostgreSQL, RabbitMQ, Redis,
|
2018-05-22 20:29:33 +02:00
|
|
|
in `/etc/zulip/settings.py`; just search for the service name in that
|
|
|
|
file and you'll find inline documentation in comments for how to
|
|
|
|
configure it.
|
|
|
|
|
|
|
|
Since some of these services require some configuration on the node
|
2020-10-26 22:27:53 +01:00
|
|
|
itself (e.g. installing our PostgreSQL extensions), we have designed
|
2020-10-23 02:43:28 +02:00
|
|
|
the Puppet configuration that Zulip uses for installing and upgrading
|
2018-05-22 20:29:33 +02:00
|
|
|
configuration to be completely modular.
|
|
|
|
|
2020-10-20 02:49:54 +02:00
|
|
|
For example, to install a Zulip Redis server on a machine, you can run
|
|
|
|
the following after unpacking a Zulip production release tarball:
|
2018-05-22 20:29:33 +02:00
|
|
|
|
2021-08-20 07:09:04 +02:00
|
|
|
```bash
|
2020-10-20 02:49:54 +02:00
|
|
|
env PUPPET_CLASSES=zulip::profile::redis ./scripts/setup/install
|
2018-05-22 20:29:33 +02:00
|
|
|
```
|
|
|
|
|
2020-10-20 02:49:54 +02:00
|
|
|
All puppet modules under `zulip::profile` are allowed to be configured
|
2021-08-20 21:53:28 +02:00
|
|
|
stand-alone on a host. You can see most likely manifests you might
|
2020-10-20 02:49:54 +02:00
|
|
|
want to choose in the list of includes in [the main manifest for the
|
2020-10-20 03:49:23 +02:00
|
|
|
default all-in-one Zulip server][standalone.pp], though it's also
|
2020-10-20 02:49:54 +02:00
|
|
|
possible to subclass some of the lower-level manifests defined in that
|
2021-08-20 21:53:28 +02:00
|
|
|
directory if you want to customize. A good example of doing this is
|
2024-02-06 21:40:19 +01:00
|
|
|
in the [kandra Puppet configuration][zulipchat-puppet] that we use
|
2020-10-20 02:49:54 +02:00
|
|
|
as part of managing chat.zulip.org and zulip.com.
|
2018-05-22 20:29:33 +02:00
|
|
|
|
2024-03-01 02:48:55 +01:00
|
|
|
[standalone.pp]: https://github.com/zulip/zulip/blob/main/puppet/zulip/manifests/profile/standalone.pp
|
|
|
|
[zulipchat-puppet]: https://github.com/zulip/zulip/tree/main/puppet/kandra/manifests
|
|
|
|
|
2018-05-22 20:29:33 +02:00
|
|
|
### Using Zulip with Amazon RDS as the database
|
|
|
|
|
2019-12-12 10:50:04 +01:00
|
|
|
You can use DBaaS services like Amazon RDS for the Zulip database.
|
|
|
|
The experience is slightly degraded, in that most DBaaS provides don't
|
|
|
|
include useful dictionary files in their installations and don't
|
|
|
|
provide a way to provide them yourself, resulting in a degraded
|
|
|
|
[full-text search](../subsystems/full-text-search.md) experience
|
|
|
|
around issues dictionary files are relevant (e.g. stemming).
|
|
|
|
|
|
|
|
You also need to pass some extra options to the Zulip installer in
|
|
|
|
order to avoid it throwing an error when Zulip attempts to configure
|
|
|
|
the database's dictionary files for full-text search; the details are
|
|
|
|
below.
|
|
|
|
|
2020-08-11 01:47:54 +02:00
|
|
|
#### Step 1: Set up Zulip
|
2019-12-12 10:50:04 +01:00
|
|
|
|
2022-02-24 00:17:21 +01:00
|
|
|
Follow the [standard instructions](install.md), with one
|
2021-08-20 21:53:28 +02:00
|
|
|
change. When running the installer, pass the `--no-init-db`
|
2019-12-12 10:50:04 +01:00
|
|
|
flag, e.g.:
|
|
|
|
|
2021-08-20 07:09:04 +02:00
|
|
|
```bash
|
2019-12-12 10:50:04 +01:00
|
|
|
sudo -s # If not already root
|
|
|
|
./zulip-server-*/scripts/setup/install --certbot \
|
|
|
|
--email=YOUR_EMAIL --hostname=YOUR_HOSTNAME \
|
2020-10-26 22:35:47 +01:00
|
|
|
--no-init-db --postgresql-missing-dictionaries
|
2019-12-12 10:50:04 +01:00
|
|
|
```
|
|
|
|
|
2020-10-26 22:27:53 +01:00
|
|
|
The script also installs and starts PostgreSQL on the server by
|
2019-12-12 10:50:04 +01:00
|
|
|
default. We don't need it, so run the following command to
|
2020-10-26 22:27:53 +01:00
|
|
|
stop and disable the local PostgreSQL server.
|
2019-12-12 10:50:04 +01:00
|
|
|
|
2021-08-20 07:09:04 +02:00
|
|
|
```bash
|
2019-12-12 10:50:04 +01:00
|
|
|
sudo service postgresql stop
|
|
|
|
sudo update-rc.d postgresql disable
|
|
|
|
```
|
|
|
|
|
|
|
|
This complication will be removed in a future version.
|
|
|
|
|
2020-10-26 22:27:53 +01:00
|
|
|
#### Step 2: Create the PostgreSQL database
|
2019-12-12 10:50:04 +01:00
|
|
|
|
2020-10-26 22:27:53 +01:00
|
|
|
Access an administrative `psql` shell on your PostgreSQL database, and
|
2019-12-12 10:50:04 +01:00
|
|
|
run the commands in `scripts/setup/create-db.sql` to:
|
|
|
|
|
2021-08-20 21:45:39 +02:00
|
|
|
- Create a database called `zulip`.
|
|
|
|
- Create a user called `zulip`.
|
|
|
|
- Now log in with the `zulip` user to create a schema called
|
2019-12-12 10:50:04 +01:00
|
|
|
`zulip` in the `zulip` database. You might have to grant `create`
|
|
|
|
privileges first for the `zulip` user to do this.
|
|
|
|
|
2020-10-26 22:27:53 +01:00
|
|
|
Depending on how authentication works for your PostgreSQL installation,
|
2019-12-12 10:50:04 +01:00
|
|
|
you may also need to set a password for the Zulip user, generate a
|
|
|
|
client certificate, or similar; consult the documentation for your
|
|
|
|
database provider for the available options.
|
|
|
|
|
2020-10-26 22:27:53 +01:00
|
|
|
#### Step 3: Configure Zulip to use the PostgreSQL database
|
2019-12-12 10:50:04 +01:00
|
|
|
|
|
|
|
In `/etc/zulip/settings.py` on your Zulip server, configure the
|
2020-10-26 22:27:53 +01:00
|
|
|
following settings with details for how to connect to your PostgreSQL
|
2021-08-20 21:53:28 +02:00
|
|
|
server. Your database provider should provide these details.
|
2019-12-12 10:50:04 +01:00
|
|
|
|
2021-08-20 21:45:39 +02:00
|
|
|
- `REMOTE_POSTGRES_HOST`: Name or IP address of the PostgreSQL server.
|
|
|
|
- `REMOTE_POSTGRES_PORT`: Port on the PostgreSQL server.
|
|
|
|
- `REMOTE_POSTGRES_SSLMODE`: SSL Mode used to connect to the server.
|
2019-12-12 10:50:04 +01:00
|
|
|
|
|
|
|
If you're using password authentication, you should specify the
|
|
|
|
password of the `zulip` user in /etc/zulip/zulip-secrets.conf as
|
|
|
|
follows:
|
|
|
|
|
2021-08-20 07:09:04 +02:00
|
|
|
```ini
|
2019-12-12 10:50:04 +01:00
|
|
|
postgres_password = abcd1234
|
|
|
|
```
|
|
|
|
|
2019-12-13 08:16:55 +01:00
|
|
|
Now complete the installation by running the following commands.
|
2019-12-12 10:50:04 +01:00
|
|
|
|
2021-08-20 07:09:04 +02:00
|
|
|
```bash
|
2020-10-26 22:27:53 +01:00
|
|
|
# Ask Zulip installer to initialize the PostgreSQL database.
|
2019-12-13 08:16:55 +01:00
|
|
|
su zulip -c '/home/zulip/deployments/current/scripts/setup/initialize-database'
|
2019-12-12 10:50:04 +01:00
|
|
|
|
|
|
|
# And then generate a realm creation link:
|
|
|
|
su zulip -c '/home/zulip/deployments/current/manage.py generate_realm_creation_link'
|
|
|
|
```
|
2018-05-22 20:29:33 +02:00
|
|
|
|
2019-06-17 21:16:34 +02:00
|
|
|
## Using an alternate port
|
|
|
|
|
|
|
|
If you'd like your Zulip server to use an HTTPS port other than 443, you can
|
|
|
|
configure that as follows:
|
|
|
|
|
|
|
|
1. Edit `EXTERNAL_HOST` in `/etc/zulip/settings.py`, which controls how
|
|
|
|
the Zulip server reports its own URL, and restart the Zulip server
|
|
|
|
with `/home/zulip/deployments/current/scripts/restart-server`.
|
|
|
|
1. Add the following block to `/etc/zulip/zulip.conf`:
|
|
|
|
|
2021-08-20 22:54:08 +02:00
|
|
|
```ini
|
|
|
|
[application_server]
|
|
|
|
nginx_listen_port = 12345
|
|
|
|
```
|
2019-06-17 21:16:34 +02:00
|
|
|
|
|
|
|
1. As root, run
|
2021-08-20 22:54:08 +02:00
|
|
|
`/home/zulip/deployments/current/scripts/zulip-puppet-apply`. This
|
|
|
|
will convert Zulip's main `nginx` configuration file to use your new
|
|
|
|
port.
|
2019-06-17 21:16:34 +02:00
|
|
|
|
|
|
|
We also have documentation for a Zulip server [using HTTP][using-http] for use
|
|
|
|
behind reverse proxies.
|
|
|
|
|
2024-02-16 23:07:19 +01:00
|
|
|
[using-http]: reverse-proxies.md#configuring-zulip-to-allow-http
|
2019-06-17 21:16:34 +02:00
|
|
|
|
2021-11-17 22:17:56 +01:00
|
|
|
## Customizing the outgoing HTTP proxy
|
2020-10-15 11:43:44 +02:00
|
|
|
|
2021-11-17 22:17:56 +01:00
|
|
|
To protect against [SSRF][ssrf], Zulip 4.8 and above default to
|
|
|
|
routing all outgoing HTTP and HTTPS traffic through
|
|
|
|
[Smokescreen][smokescreen], an HTTP `CONNECT` proxy; this includes
|
|
|
|
outgoing webhooks, website previews, and mobile push notifications.
|
2022-01-08 00:19:31 +01:00
|
|
|
By default, the Camo image proxy will be automatically configured to
|
|
|
|
use a custom outgoing proxy, but does not use Smokescreen by default
|
|
|
|
because Camo includes similar logic to deny access to private
|
|
|
|
subnets. You can [override][proxy.enable_for_camo] this default
|
|
|
|
configuration if desired.
|
2020-10-15 11:43:44 +02:00
|
|
|
|
2021-11-17 22:17:56 +01:00
|
|
|
To use a custom outgoing proxy:
|
2021-05-13 20:03:57 +02:00
|
|
|
|
2020-10-15 11:43:44 +02:00
|
|
|
1. Add the following block to `/etc/zulip/zulip.conf`, substituting in
|
|
|
|
your proxy's hostname/IP and port:
|
|
|
|
|
2021-08-20 22:54:08 +02:00
|
|
|
```ini
|
|
|
|
[http_proxy]
|
|
|
|
host = 127.0.0.1
|
|
|
|
port = 4750
|
|
|
|
```
|
2020-10-15 11:43:44 +02:00
|
|
|
|
|
|
|
1. As root, run
|
2021-08-20 21:53:28 +02:00
|
|
|
`/home/zulip/deployments/current/scripts/zulip-puppet-apply`. This
|
2021-11-17 22:17:56 +01:00
|
|
|
will reconfigure and restart Zulip.
|
|
|
|
|
|
|
|
If you have a deployment with multiple frontend servers, or wish to
|
|
|
|
install Smokescreen on a separate host, you can apply the
|
|
|
|
`zulip::profile::smokescreen` Puppet class on that host, and follow
|
|
|
|
the above steps, setting the `[http_proxy]` block to point to that
|
|
|
|
host.
|
|
|
|
|
|
|
|
If you wish to disable the outgoing proxy entirely, follow the above
|
|
|
|
steps, configuring an empty `host` value.
|
|
|
|
|
|
|
|
Optionally, you can also configure the [Smokescreen ACL
|
|
|
|
list][smokescreen-acls]. By default, Smokescreen denies access to all
|
|
|
|
[non-public IP
|
|
|
|
addresses](https://en.wikipedia.org/wiki/Private_network), including
|
|
|
|
127.0.0.1, but allows traffic to all public Internet hosts.
|
2021-02-26 23:40:18 +01:00
|
|
|
|
2021-11-17 22:17:56 +01:00
|
|
|
In Zulip 4.7 and older, to enable SSRF protection via Smokescreen, you
|
|
|
|
will need to explicitly add the `zulip::profile::smokescreen` Puppet
|
|
|
|
class, and configure the `[http_proxy]` block as above.
|
2020-10-15 11:43:44 +02:00
|
|
|
|
2024-02-16 23:07:19 +01:00
|
|
|
[proxy.enable_for_camo]: system-configuration.md#enable_for_camo
|
2020-10-15 11:43:44 +02:00
|
|
|
[smokescreen]: https://github.com/stripe/smokescreen
|
2021-05-13 20:03:57 +02:00
|
|
|
[smokescreen-acls]: https://github.com/stripe/smokescreen#acls
|
2021-02-26 23:40:18 +01:00
|
|
|
[ssrf]: https://owasp.org/www-community/attacks/Server_Side_Request_Forgery
|
2020-10-15 11:43:44 +02:00
|
|
|
|
2022-03-23 21:47:53 +01:00
|
|
|
### S3 file storage requests and outgoing proxies
|
|
|
|
|
|
|
|
By default, the [S3 file storage backend][s3] bypasses the Smokescreen
|
|
|
|
proxy, because when running on EC2 it may require metadata from the
|
|
|
|
IMDS metadata endpoint, which resides on the internal IP address
|
|
|
|
169.254.169.254 and would thus be blocked by Smokescreen.
|
|
|
|
|
|
|
|
If your S3-compatible storage backend requires use of Smokescreen or
|
|
|
|
some other proxy, you can override this default by setting
|
|
|
|
`S3_SKIP_PROXY = False` in `/etc/zulip/settings.py`.
|
|
|
|
|
|
|
|
[s3]: upload-backends.md#s3-backend-configuration
|
|
|
|
|
postgresql: Support replication on PostgreSQL >= 11, document.
PostgreSQL 11 and below used a configuration file names
`recovery.conf` to manage replicas and standbys; support for this was
removed in PostgreSQL 12[1], and the configuration parameters were
moved into the main `postgresql.conf`.
Add `zulip.conf` settings for the primary server hostname and
replication username, so that the complete `postgresql.conf`
configuration on PostgreSQL 14 can continue to be managed, even when
replication is enabled. For consistency, also begin writing out the
`recovery.conf` for PostgreSQL 11 and below.
In PostgreSQL 12 configuration and later, the `wal_level =
hot_standby` setting is removed, as `hot_standby` is equivalent to
`replica`, which is the default value[2]. Similarly, the
`hot_standby = on` setting is also the default[3].
Documentation is added for these features, and the commentary on the
"Export and Import" page referencing files under `puppet/zulip_ops/`
is removed, as those files no longer have any replication-specific
configuration.
[1]: https://www.postgresql.org/docs/current/recovery-config.html
[2]: https://www.postgresql.org/docs/12/runtime-config-wal.html#GUC-WAL-LEVEL
[3]: https://www.postgresql.org/docs/12/runtime-config-replication.html#GUC-HOT-STANDBY
2021-11-20 00:33:41 +01:00
|
|
|
## PostgreSQL warm standby
|
|
|
|
|
|
|
|
Zulip's configuration allows for [warm standby database
|
|
|
|
replicas][warm-standby] as a disaster recovery solution; see the
|
|
|
|
linked PostgreSQL documentation for details on this type of
|
2022-03-11 03:39:34 +01:00
|
|
|
deployment. Zulip's configuration builds on top of `wal-g`, our
|
2022-05-07 02:21:44 +02:00
|
|
|
[streaming database backup solution][wal-g], and thus requires that it
|
|
|
|
be configured for the primary and all secondary warm standby replicas.
|
postgresql: Support replication on PostgreSQL >= 11, document.
PostgreSQL 11 and below used a configuration file names
`recovery.conf` to manage replicas and standbys; support for this was
removed in PostgreSQL 12[1], and the configuration parameters were
moved into the main `postgresql.conf`.
Add `zulip.conf` settings for the primary server hostname and
replication username, so that the complete `postgresql.conf`
configuration on PostgreSQL 14 can continue to be managed, even when
replication is enabled. For consistency, also begin writing out the
`recovery.conf` for PostgreSQL 11 and below.
In PostgreSQL 12 configuration and later, the `wal_level =
hot_standby` setting is removed, as `hot_standby` is equivalent to
`replica`, which is the default value[2]. Similarly, the
`hot_standby = on` setting is also the default[3].
Documentation is added for these features, and the commentary on the
"Export and Import" page referencing files under `puppet/zulip_ops/`
is removed, as those files no longer have any replication-specific
configuration.
[1]: https://www.postgresql.org/docs/current/recovery-config.html
[2]: https://www.postgresql.org/docs/12/runtime-config-wal.html#GUC-WAL-LEVEL
[3]: https://www.postgresql.org/docs/12/runtime-config-replication.html#GUC-HOT-STANDBY
2021-11-20 00:33:41 +01:00
|
|
|
|
2022-03-17 00:04:52 +01:00
|
|
|
In addition to having `wal-g` backups configured, warm standby
|
|
|
|
replicas should configure the hostname of their primary replica, and
|
|
|
|
username to use for replication, in `/etc/zulip/zulip.conf`:
|
postgresql: Support replication on PostgreSQL >= 11, document.
PostgreSQL 11 and below used a configuration file names
`recovery.conf` to manage replicas and standbys; support for this was
removed in PostgreSQL 12[1], and the configuration parameters were
moved into the main `postgresql.conf`.
Add `zulip.conf` settings for the primary server hostname and
replication username, so that the complete `postgresql.conf`
configuration on PostgreSQL 14 can continue to be managed, even when
replication is enabled. For consistency, also begin writing out the
`recovery.conf` for PostgreSQL 11 and below.
In PostgreSQL 12 configuration and later, the `wal_level =
hot_standby` setting is removed, as `hot_standby` is equivalent to
`replica`, which is the default value[2]. Similarly, the
`hot_standby = on` setting is also the default[3].
Documentation is added for these features, and the commentary on the
"Export and Import" page referencing files under `puppet/zulip_ops/`
is removed, as those files no longer have any replication-specific
configuration.
[1]: https://www.postgresql.org/docs/current/recovery-config.html
[2]: https://www.postgresql.org/docs/12/runtime-config-wal.html#GUC-WAL-LEVEL
[3]: https://www.postgresql.org/docs/12/runtime-config-replication.html#GUC-HOT-STANDBY
2021-11-20 00:33:41 +01:00
|
|
|
|
|
|
|
```ini
|
|
|
|
[postgresql]
|
|
|
|
replication_user = replicator
|
|
|
|
replication_primary = hostname-of-primary.example.com
|
|
|
|
```
|
|
|
|
|
|
|
|
The `postgres` user on the replica will need to be able to
|
2022-03-17 00:04:52 +01:00
|
|
|
authenticate as the `replication_user` user, which may require further
|
2022-03-10 20:18:30 +01:00
|
|
|
configuration of `pg_hba.conf` and client certificates on the replica.
|
|
|
|
If you are using password authentication, you can set a
|
|
|
|
`postgresql_replication_password` secret in
|
|
|
|
`/etc/zulip/zulip-secrets.conf`.
|
postgresql: Support replication on PostgreSQL >= 11, document.
PostgreSQL 11 and below used a configuration file names
`recovery.conf` to manage replicas and standbys; support for this was
removed in PostgreSQL 12[1], and the configuration parameters were
moved into the main `postgresql.conf`.
Add `zulip.conf` settings for the primary server hostname and
replication username, so that the complete `postgresql.conf`
configuration on PostgreSQL 14 can continue to be managed, even when
replication is enabled. For consistency, also begin writing out the
`recovery.conf` for PostgreSQL 11 and below.
In PostgreSQL 12 configuration and later, the `wal_level =
hot_standby` setting is removed, as `hot_standby` is equivalent to
`replica`, which is the default value[2]. Similarly, the
`hot_standby = on` setting is also the default[3].
Documentation is added for these features, and the commentary on the
"Export and Import" page referencing files under `puppet/zulip_ops/`
is removed, as those files no longer have any replication-specific
configuration.
[1]: https://www.postgresql.org/docs/current/recovery-config.html
[2]: https://www.postgresql.org/docs/12/runtime-config-wal.html#GUC-WAL-LEVEL
[3]: https://www.postgresql.org/docs/12/runtime-config-replication.html#GUC-HOT-STANDBY
2021-11-20 00:33:41 +01:00
|
|
|
|
|
|
|
[warm-standby]: https://www.postgresql.org/docs/current/warm-standby.html
|
2022-03-17 00:04:22 +01:00
|
|
|
[wal-g]: export-and-import.md#database-only-backup-tools
|