diff --git a/puppet/zulip/manifests/camo.pp b/puppet/zulip/manifests/camo.pp index 27b2673c3a..54e4d6312e 100644 --- a/puppet/zulip/manifests/camo.pp +++ b/puppet/zulip/manifests/camo.pp @@ -14,5 +14,9 @@ class zulip::camo { group => 'root', mode => '0644', content => template('zulip/camo_defaults.template.erb'), + notify => Service[camo], + } + service { 'camo': + ensure => running, } } diff --git a/scripts/lib/install b/scripts/lib/install index 30046835e0..3f90540394 100755 --- a/scripts/lib/install +++ b/scripts/lib/install @@ -259,11 +259,16 @@ EOF fi ) > /etc/zulip/zulip.conf +case ",$PUPPET_CLASSES," in + *,zulip::voyager,* | *,zulip::dockervoyager,* | *,zulip::app_frontend,*) + "$ZULIP_PATH"/scripts/setup/generate_secrets.py --production + ;; +esac + "$ZULIP_PATH"/scripts/zulip-puppet-apply -f # Detect which features were selected for the below set +e -[ -e "/etc/init.d/camo" ]; has_camo=$? [ -e "/etc/init.d/nginx" ]; has_nginx=$? [ -e "/etc/supervisor/conf.d/zulip.conf" ]; has_appserver=$? [ -e "/etc/cron.d/rabbitmq-numconsumers" ]; has_rabbit=$? @@ -272,7 +277,6 @@ set -e # Docker service setup is done in the docker config, not here if [ "$DEPLOYMENT_TYPE" = "dockervoyager" ]; then - has_camo=1 has_nginx=1 has_appserver=0 has_rabbit=1 @@ -311,7 +315,6 @@ EOF fi if [ "$has_appserver" = 0 ]; then - "$ZULIP_PATH"/scripts/setup/generate_secrets.py --production if [ -z "$NO_OVERWRITE_SETTINGS" ] || ! [ -e "/etc/zulip/settings.py" ]; then cp -a "$ZULIP_PATH"/zproject/prod_settings_template.py /etc/zulip/settings.py if [ -n "$EXTERNAL_HOST" ]; then @@ -324,15 +327,6 @@ if [ "$has_appserver" = 0 ]; then ln -nsf /etc/zulip/settings.py "$ZULIP_PATH"/zproject/prod_settings.py fi -# Restart camo since generate_secrets.py likely replaced its secret key -if [ "$has_camo" = 0 ]; then - # Cut off stdin because a bug in the Debian packaging for camo - # causes our stdin to leak to the daemon, which can cause tools - # invoking the installer to hang. - # TODO: fix in Debian too. - service camo restart /dev/null; then set +x diff --git a/scripts/setup/generate_secrets.py b/scripts/setup/generate_secrets.py index 7baad7c243..6acd192b58 100755 --- a/scripts/setup/generate_secrets.py +++ b/scripts/setup/generate_secrets.py @@ -20,8 +20,6 @@ from zerver.lib.utils import generate_random_token os.chdir(os.path.join(os.path.dirname(__file__), '..', '..')) -CAMO_CONFIG_FILENAME = '/etc/default/camo' - # Standard, 64-bit tokens AUTOGENERATED_SETTINGS = [ 'avatar_salt', @@ -30,18 +28,6 @@ AUTOGENERATED_SETTINGS = [ 'thumbor_key', ] -# TODO: We can eliminate this function if we refactor the install -# script to run generate_secrets before zulip-puppet-apply. -def generate_camo_config_file(camo_key): - # type: (str) -> None - camo_config = """ENABLED=yes -PORT=9292 -CAMO_KEY=%s -""" % (camo_key,) - with open(CAMO_CONFIG_FILENAME, 'w') as camo_file: - camo_file.write(camo_config) - print("Generated Camo config file %s" % (CAMO_CONFIG_FILENAME,)) - def generate_django_secretkey(): # type: () -> str """Secret key generation taken from Django's startproject.py""" @@ -102,10 +88,6 @@ def generate_secrets(development=False): if need_secret('zulip_org_id'): add_secret('zulip_org_id', str(uuid.uuid4())) - if not development: - # Write the Camo config file directly - generate_camo_config_file(current_conf['camo_key']) - if len(lines) == 0: print("generate_secrets: No new secrets to generate.") return