From 2c5fc1827cb460030c24f7638abbc4d6a246a580 Mon Sep 17 00:00:00 2001 From: Alex Vandiver Date: Wed, 5 Jan 2022 10:45:12 -0800 Subject: [PATCH] puppet: Standardize what values are bools, and what true is. For `no_serve_uploads`, `http_only`, which previously specified "non-empty" to enable, this tightens what values are true. For `pgroonga` and `queue_workers_multiprocess`, this broadens the possible values from `enabled`, and `true` respectively. --- docs/production/deployment.md | 42 ++++++++++++------- .../files/postgresql/process_fts_updates | 10 ++++- .../lib/puppet/parser/functions/zulipconf.rb | 7 +++- puppet/zulip/manifests/app_frontend_base.pp | 2 +- puppet/zulip/manifests/nginx.pp | 12 +++--- puppet/zulip/manifests/postgresql_base.pp | 4 +- .../zulip/manifests/profile/app_frontend.pp | 4 +- .../nginx/zulip-enterprise.template.erb | 4 +- 8 files changed, 56 insertions(+), 29 deletions(-) diff --git a/docs/production/deployment.md b/docs/production/deployment.md index 4b8a782a4d..e7e318163f 100644 --- a/docs/production/deployment.md +++ b/docs/production/deployment.md @@ -538,6 +538,20 @@ the system and deployment; `/etc/zulip/settings.py` is used to configure the application itself. The `zulip.conf` sections and settings are described below. +When a setting refers to "set to true" or "set to false", the values +`true` and `false` are canonical, but any of the following values will +be considered "true", case-insensitively: + +- 1 +- y +- t +- yes +- true +- enable +- enabled + +Any other value (including the empty string) is considered false. + ### `[machine]` #### `puppet_classes` @@ -560,8 +574,7 @@ you will need to add **`zulip::apache_sso`** to the list. #### `pgroonga` -Set to the string `enabled` if enabling the [multi-language PGroonga -search +Set to true if enabling the [multi-language PGroonga search extension](../subsystems/full-text-search.html#multi-language-full-text-search). ### `[deployment]` @@ -591,9 +604,9 @@ repository](../production/upgrade-or-modify.html#upgrading-from-a-git-repository #### `http_only` -If set to non-empty, [configures Zulip to allow HTTP -access][using-http]; use if Zulip is deployed behind a reverse proxy -that is handling SSL/TLS termination. +If set to true, [configures Zulip to allow HTTP access][using-http]; +use if Zulip is deployed behind a reverse proxy that is handling +SSL/TLS termination. #### `nginx_listen_port` @@ -603,7 +616,7 @@ Set to the port number if you [prefer to listen on a port other than #### `no_serve_uploads` To enable the [the S3 uploads backend][s3-uploads], one needs to both -configure `settings.py` and set this to 'true' to configure +configure `settings.py` and set this to true to configure `nginx`. Remove this field to return to the local uploads backend (any non-empty value is currently equivalent to true). @@ -618,10 +631,11 @@ mode). The calculation is based on whether the system has enough memory (currently 3.5GiB) to run a single-server Zulip installation in the multiprocess mode. -Set to `true` or `false` to override the automatic calculation. This -override is useful both Docker systems (where the above algorithm -might see the host's memory, not the container's) and/or when using -remote servers for postgres, memcached, redis, and RabbitMQ. +Set explicitly to true or false to override the automatic +calculation. This override is useful both Docker systems (where the +above algorithm might see the host's memory, not the container's) +and/or when using remote servers for postgres, memcached, redis, and +RabbitMQ. #### `rolling_restart` @@ -670,10 +684,10 @@ setting](https://www.postgresql.org/docs/current/runtime-config-query.html#GUC-R #### `replication` -Set to non-empty to enable replication to enable [log shipping -replication between PostgreSQL servers](#postgresql-warm-standby). -This should be enabled on the primary, as well as any replicas, and -further requires configuration of +Set to true to enable replication to enable [log shipping replication +between PostgreSQL servers](#postgresql-warm-standby). This should be +enabled on the primary, as well as any replicas, and further requires +configuration of [wal-g](../production/export-and-import.html#backup-details). #### `replication_primary` diff --git a/puppet/zulip/files/postgresql/process_fts_updates b/puppet/zulip/files/postgresql/process_fts_updates index dff771cbd8..14b052dd4e 100755 --- a/puppet/zulip/files/postgresql/process_fts_updates +++ b/puppet/zulip/files/postgresql/process_fts_updates @@ -141,7 +141,15 @@ except ImportError: config_file = configparser.RawConfigParser() config_file.read("/etc/zulip/zulip.conf") - if config_file.has_option("machine", "pgroonga"): + if get_config(config_file, "machine", "pgroonga", "false").lower() in [ + "1", + "y", + "t", + "yes", + "true", + "enable", + "enabled", + ]: USING_PGROONGA = True pg_args["user"] = get_config(config_file, "postgresql", "database_user", "zulip") diff --git a/puppet/zulip/lib/puppet/parser/functions/zulipconf.rb b/puppet/zulip/lib/puppet/parser/functions/zulipconf.rb index 8946a8ffea..83f004c148 100644 --- a/puppet/zulip/lib/puppet/parser/functions/zulipconf.rb +++ b/puppet/zulip/lib/puppet/parser/functions/zulipconf.rb @@ -5,7 +5,12 @@ module Puppet::Parser::Functions zulip_conf_path = lookupvar("zulip_conf_path") output = `/usr/bin/crudini --get #{zulip_conf_path} #{joined} 2>&1`; result = $?.success? if result - output.strip() + if [true, false].include? default + # If the default is a bool, coerce into a bool + ['1','y','t','true','yes','enable','enabled'].include? output.strip.downcase + else + output.strip + end else default end diff --git a/puppet/zulip/manifests/app_frontend_base.pp b/puppet/zulip/manifests/app_frontend_base.pp index fade71baf5..d26dc48a2d 100644 --- a/puppet/zulip/manifests/app_frontend_base.pp +++ b/puppet/zulip/manifests/app_frontend_base.pp @@ -73,7 +73,7 @@ class zulip::app_frontend_base { # multiprocess. Multiprocess scales much better, but requires more # RAM; we just auto-detect based on available system RAM. $queues_multiprocess_default = $zulip::common::total_memory_mb > 3500 - $queues_multiprocess = Boolean(zulipconf('application_server', 'queue_workers_multiprocess', $queues_multiprocess_default)) + $queues_multiprocess = zulipconf('application_server', 'queue_workers_multiprocess', $queues_multiprocess_default) $queues = [ 'deferred_work', 'digest_emails', diff --git a/puppet/zulip/manifests/nginx.pp b/puppet/zulip/manifests/nginx.pp index 274ab00d8c..0ad56fe874 100644 --- a/puppet/zulip/manifests/nginx.pp +++ b/puppet/zulip/manifests/nginx.pp @@ -39,8 +39,12 @@ class zulip::nginx { # For installations using S3 to serve uploaded files, we want Django # to handle the /serve_uploads and /user_avatars routes, so that it # can serve a redirect (after doing authentication, for uploads). - $no_serve_uploads = zulipconf('application_server', 'no_serve_uploads', '') - if $no_serve_uploads == '' { + $no_serve_uploads = zulipconf('application_server', 'no_serve_uploads', false) + if $no_serve_uploads { + file { '/etc/nginx/zulip-include/app.d/uploads-internal.conf': + ensure => absent, + } + } else { file { '/etc/nginx/zulip-include/app.d/uploads-internal.conf': ensure => file, require => Package[$zulip::common::nginx], @@ -50,10 +54,6 @@ class zulip::nginx { notify => Service['nginx'], source => 'puppet:///modules/zulip/nginx/zulip-include-maybe/uploads-internal.conf', } - } else { - file { '/etc/nginx/zulip-include/app.d/uploads-internal.conf': - ensure => absent, - } } # TODO/compatibility: Removed 2021-04 in Zulip 4.0; these lines can diff --git a/puppet/zulip/manifests/postgresql_base.pp b/puppet/zulip/manifests/postgresql_base.pp index 25fb8fc446..2ec9058ff0 100644 --- a/puppet/zulip/manifests/postgresql_base.pp +++ b/puppet/zulip/manifests/postgresql_base.pp @@ -72,8 +72,8 @@ class zulip::postgresql_base { source => 'puppet:///modules/zulip/nagios_plugins/zulip_postgresql', } - $pgroonga = zulipconf('machine', 'pgroonga', '') - if $pgroonga == 'enabled' { + $pgroonga = zulipconf('machine', 'pgroonga', false) + if $pgroonga { # Needed for optional our full text search system # Removed 2020-12 in version 4.0; these lines can be removed when diff --git a/puppet/zulip/manifests/profile/app_frontend.pp b/puppet/zulip/manifests/profile/app_frontend.pp index 2313cf2680..0b25d39675 100644 --- a/puppet/zulip/manifests/profile/app_frontend.pp +++ b/puppet/zulip/manifests/profile/app_frontend.pp @@ -4,8 +4,8 @@ class zulip::profile::app_frontend { include zulip::app_frontend_base include zulip::app_frontend_once - $nginx_http_only = zulipconf('application_server', 'http_only', undef) - if $nginx_http_only != '' { + $nginx_http_only = zulipconf('application_server', 'http_only', false) + if $nginx_http_only { $nginx_listen_port = zulipconf('application_server', 'nginx_listen_port', 80) } else { $nginx_listen_port = zulipconf('application_server', 'nginx_listen_port', 443) diff --git a/puppet/zulip/templates/nginx/zulip-enterprise.template.erb b/puppet/zulip/templates/nginx/zulip-enterprise.template.erb index 87fa6bcf2f..7276c7ac27 100644 --- a/puppet/zulip/templates/nginx/zulip-enterprise.template.erb +++ b/puppet/zulip/templates/nginx/zulip-enterprise.template.erb @@ -1,4 +1,4 @@ -<% if @nginx_http_only != '' -%> +<% if @nginx_http_only -%> <% else -%> server { listen 80; @@ -15,7 +15,7 @@ server { include /etc/nginx/zulip-include/upstreams; server { -<% if @nginx_http_only != '' -%> +<% if @nginx_http_only -%> listen <%= @nginx_listen_port %>; listen [::]:<%= @nginx_listen_port %>; <% else -%>