From 52c1e8ac7dd598132d3cc756f092a2836c4be079 Mon Sep 17 00:00:00 2001 From: Tim Abbott Date: Wed, 27 Apr 2016 22:32:27 -0700 Subject: [PATCH] Run a local camo server in voyager production environments. Camo is a caching image proxy, used in Zulip to avoid mixed-content warnings by proxying HTTP image content over HTTPS. We've been using it in zulip.com production for years; this change makes it available in standalone Zulip deployments. --- .../files/nginx/zulip-include-app.d/camo.conf | 7 +++++++ .../files/nginx/zulip-include-frontend/upstreams | 4 ++++ puppet/zulip/manifests/localhost_camo.pp | 14 ++++++++++++++ puppet/zulip/manifests/voyager.pp | 1 + scripts/lib/install | 6 ++++++ tools/travis/production-helper | 2 +- zproject/local_settings_template.py | 5 ++++- zproject/settings.py | 2 ++ zproject/test_settings.py | 7 ++++--- 9 files changed, 43 insertions(+), 5 deletions(-) create mode 100644 puppet/zulip/files/nginx/zulip-include-app.d/camo.conf create mode 100644 puppet/zulip/manifests/localhost_camo.pp diff --git a/puppet/zulip/files/nginx/zulip-include-app.d/camo.conf b/puppet/zulip/files/nginx/zulip-include-app.d/camo.conf new file mode 100644 index 0000000000..f9b34c20f5 --- /dev/null +++ b/puppet/zulip/files/nginx/zulip-include-app.d/camo.conf @@ -0,0 +1,7 @@ +# Proxies /external_content to a local installation of the camo image +# proxy software +location /external_content { + rewrite /external_content/(.*) /$1 break; + proxy_pass http://camo; + include /etc/nginx/zulip-include/proxy; +} diff --git a/puppet/zulip/files/nginx/zulip-include-frontend/upstreams b/puppet/zulip/files/nginx/zulip-include-frontend/upstreams index ebe9681a86..c46d20b948 100644 --- a/puppet/zulip/files/nginx/zulip-include-frontend/upstreams +++ b/puppet/zulip/files/nginx/zulip-include-frontend/upstreams @@ -10,3 +10,7 @@ upstream tornado { upstream localhost_sso { server localhost:8888; } + +upstream camo { + server localhost:9292; +} diff --git a/puppet/zulip/manifests/localhost_camo.pp b/puppet/zulip/manifests/localhost_camo.pp new file mode 100644 index 0000000000..33c824283b --- /dev/null +++ b/puppet/zulip/manifests/localhost_camo.pp @@ -0,0 +1,14 @@ +class zulip::localhost_camo { + include zulip::camo + + # Install nginx configuration to run camo locally + file { "/etc/nginx/zulip-include/app.d/camo.conf": + require => Package["nginx-full"], + ensure => file, + owner => "root", + group => "root", + mode => 644, + notify => Service["nginx"], + source => "puppet:///modules/zulip/nginx/zulip-include-app.d/camo.conf", + } +} diff --git a/puppet/zulip/manifests/voyager.pp b/puppet/zulip/manifests/voyager.pp index 5b96975005..911cdc6d0c 100644 --- a/puppet/zulip/manifests/voyager.pp +++ b/puppet/zulip/manifests/voyager.pp @@ -17,4 +17,5 @@ class zulip::voyager { include zulip::memcached include zulip::rabbit include zulip::redis + include zulip::localhost_camo } diff --git a/scripts/lib/install b/scripts/lib/install index e3abb59ff6..782f315b90 100755 --- a/scripts/lib/install +++ b/scripts/lib/install @@ -42,6 +42,12 @@ fi cp -a /root/zulip/zproject/local_settings_template.py /etc/zulip/settings.py ln -nsf /etc/zulip/settings.py /root/zulip/zproject/local_settings.py +# Restart camo since generate_secrets.py likely replaced its secret key +if [ -z "$TRAVIS" ]; then + # We don't run this in Travis CI due to a weird hang bug + service camo restart +fi + if ! rabbitmqctl status >/dev/null; then set +x echo; echo "RabbitMQ seems to not have started properly after the installation process." diff --git a/tools/travis/production-helper b/tools/travis/production-helper index 517bd193a1..fbad403c73 100755 --- a/tools/travis/production-helper +++ b/tools/travis/production-helper @@ -18,7 +18,7 @@ apt-get update apt-mark hold initramfs-tools initramfs-tools-bin oracle-java8-installer udev linux-image-3.19.0-28-generic linux-image-generic-lts-vivid base-files linux-firmware chromium-browser google-chrome-stable g++-4.8 gcc-4.8 cpp-4.8 openjdk-6-jre-headless openjdk-7-jre-headless apt-get upgrade -y $APT_OPTIONS # Install Zulip -/root/zulip/scripts/setup/install +env TRAVIS=1 /root/zulip/scripts/setup/install cat >>/etc/zulip/settings.py <