Luke Faraone
104c2a06ae
Set iptables rules for each IP, not just each interface
...
(imported from commit c24d2123489dc384bf50e379d245807af3488ebf)
2013-12-13 18:07:08 -05:00
Kevin Mehall
f929e51776
puppet: Make Camo Nagios check waste less bandwidth
...
Use http://www.google.com/favicon.ico instead of a 1.7MB animated gif from
imgur.
(imported from commit 94993af35bf87b0f22e6e743a9ba1cc1c5c9a78f)
2013-12-13 17:27:01 -05:00
Tim Abbott
950e4c800b
puppet: Declare upstreams properly in app nginx config.
...
(imported from commit 859eeed0d5b92c1b5b2b0764aba06aebcde8e2e2)
2013-12-12 16:48:52 -05:00
Tim Abbott
ae4d214c49
Fix longpolling treatment for api.zulip.com/v1/events.
...
(imported from commit 78029972938ad7c9aa862330e38965b4b032c935)
2013-12-12 16:03:45 -05:00
Tim Abbott
73f04b21e9
Add zulip.customer29.invalid host.
...
(imported from commit ea3e7bb465c920b8ec21b7471cd261868f5059e7)
2013-12-12 16:03:45 -05:00
Tim Abbott
c21e85e569
Remove staging.humbughq.com loadbalancer config.
...
The DNS has been disabled for some time.
(imported from commit e054c0fb0b37077d8303eab4d4ffec6ff53e8990)
2013-12-12 16:03:45 -05:00
Kevin Mehall
662edc2558
[manual] Backend support for Android GCM push notifications
...
This adds a dependency on gcmclient:
http://gcm-client.readthedocs.org/en/latest/gcmclient.html
pip install gcm-client
or
apt-get install python-gcm-client
(imported from commit 9f1fbf1f793e4a27baed85c6f1aa7a7b03106a10)
2013-12-11 15:37:48 -05:00
Luke Faraone
b0a0853bd2
Specify full fingerprint rather than short key ID
...
(imported from commit fc4e9d51c440000e469f8e3882739215a3bcb022)
2013-12-11 10:54:30 -05:00
Luke Faraone
510b3349a7
Switch to downloading keys via SSL in puppet
...
(imported from commit 05d2b0626338f09370614e916050cfcee7f14829)
2013-12-11 10:54:30 -05:00
Luke Faraone
1b5c1ac021
Update style of client strings.
...
(imported from commit 1516461cf53b2715de68e01f16bb8a8cc33c48ad)
2013-12-09 11:47:52 -05:00
Leo Franchi
e39cc5324b
[puppet] Aggregate narrow timing stats
...
(imported from commit 4eff25635a3cb7687e995ad1127cff68da51329a)
2013-12-07 10:44:54 -05:00
Leo Franchi
f70878e6c5
Fix aggregation rules for endtoend time
...
(imported from commit 29165b09e2d8904ee502cc04610a951d87ef896f)
2013-12-07 10:44:54 -05:00
Tim Abbott
abeb29c226
Fix incorrect proxy_pass location for staging longpolling.
...
(imported from commit a4ac2c5c3416a8d8f748237411df6235f237e893)
2013-12-07 08:02:55 -05:00
Tim Abbott
09a61e8128
nginx: Enable keepalive for communication between lbs and frontends.
...
(imported from commit a7c8d9dfefbb6e5d01c8050688d831787b31bbd4)
2013-12-07 07:41:45 -05:00
Tim Abbott
a337638f7f
nginx config: Enable some popular performance-improving features.
...
(imported from commit 50193d071d091cc864867c9f7d5c9c9fb74b9d92)
2013-12-07 07:41:45 -05:00
Tim Abbott
6663247e22
Set nginx worker_processes automatically based on CPU count.
...
(imported from commit e48143c1410439d0574bc78bfd64c22a3063d558)
2013-12-07 07:41:45 -05:00
Tim Abbott
1843262672
puppet: Mark all Nagios plugins as executable.
...
They were being installed as executable anyway, but this will make
running them manually a bit easier.
(imported from commit a1181d2c90770af5aa44b0f65a47a460efdcf2d7)
2013-12-05 15:25:25 -05:00
Tim Abbott
64807c0628
nginx: Ensure zulip-include files are distributed to the right systems.
...
There were a few recently introduced bugs, and this also cuts down on
our having to review diffs that don't actually affect the relevant
server when doing updates.
(imported from commit 43f3cff9a414bc1632f45a8222012846353e8501)
2013-12-05 15:25:25 -05:00
Tim Abbott
676e9d90ff
nginx: Get rid of trailing / in loadbalancer proxy_pass directives.
...
The trailing "/" actually means "replace the location with /", which
is either useless or actively harmful, depending on the location.
(imported from commit 58b9c4c9e55e3a162ffce49c954bc2182ec57dde)
2013-12-05 15:25:25 -05:00
Tim Abbott
cc00ed6d7e
nginx: Clean up now-empty 'loadbalancer' include file.
...
(imported from commit d13b5d91f6b85ba3e0bef7728985d0eba1cae084)
2013-12-05 15:25:25 -05:00
Tim Abbott
afaff0c2cf
nginx: Set X-Forwarded-For in common proxy configuration.
...
Previously we sometimes set it to $proxy_add_x_forwarded_for and other
times to $remote_addr, but according to
http://wiki.nginx.org/HttpProxyModule#.24proxy_add_x_forwarded_for
$proxy_add_x_forwarded_for handles this for us -- it will be
$remote_addr if there was no X-Forwarded-For header anyway.
(imported from commit 67dc52250e3e7751b1bf375d1a71d0272475435c)
2013-12-05 15:25:25 -05:00
Tim Abbott
afe167ea58
nginx: Use the longpolling proxy configuration on load balancers.
...
(imported from commit f590e6b1eec2856b5128e310797f8ba58846417a)
2013-12-05 15:25:25 -05:00
Tim Abbott
21a69f2188
nginx: Move common longpolling proxy configuration into include file.
...
(imported from commit 4ace82824c32cec8c6da8a1a6b8a527dae105a89)
2013-12-05 15:25:24 -05:00
Tim Abbott
9e24558092
nginx: Move common proxy configuration into an include file.
...
(imported from commit 2ee5afc74fe146f8ee98f18f846342351c61c7f0)
2013-12-05 15:25:24 -05:00
Tim Abbott
3760609f3f
Enable /sockjs handling on api.zulip.com (not used yet).
...
(imported from commit c2581e3243b2129c980fd3dd318eb3d99f3eb593)
2013-12-05 15:25:24 -05:00
Tim Abbott
953c3578dc
external-sso.conf: Fix missing proxy_set_header.
...
(imported from commit 64bcb06cf65f15908ee74d637ab3868916b1dfd7)
2013-12-05 15:25:24 -05:00
Tim Abbott
79910fa2b3
Disable proxy_next_upstream for sockjs in remaining proxy_pass lines.
...
(imported from commit f14c7962253b34040ed9ab077a58c8b200df5d9d)
2013-12-05 15:25:24 -05:00
Tim Abbott
e5be713103
Clean up EXTERNAL_API_HOST usage and defaults.
...
We now have 2 variablse:
EXTERNAL_API_PATH: e.g. staging.zulip.com/api
EXTERNAL_API_URI: e.g. https://staging.zulip.com/api
The former is primarily needed for certain integrations.
(imported from commit 3878b99a4d835c5fcc2a2c6001bc7eeeaf4c9363)
2013-12-04 15:10:54 -05:00
Tim Abbott
b8a151ca4e
Revert "[puppet] Add cron job to restart our workers daily."
...
This reverts commit 0b0180b0751f6c618d877b9c9ffc2b8287254e4d.
(imported from commit a81c552100345d369ffcaf69f28a86dea0893128)
2013-12-04 10:27:45 -05:00
Tim Abbott
f7ac58bab5
Revert "Add user_activity_test worker that does nothing."
...
Now that we've debugged the memory leak, I don't think we need this
anymore.
This reverts commit 1bdc7ee2f72bdebb1cdc94601247834a434614d6.
Conflicts:
puppet/zulip/files/cron.d/rabbitmq-numconsumers
puppet/zulip/files/supervisor/conf.d/zulip.conf
(imported from commit ff87f2aebcbc71013fa7a05aedb24e2dcad82ae6)
2013-12-04 10:27:45 -05:00
Tim Abbott
606d8a4f9b
Add Nagios check for queue worker memory usage.
...
This is detect future memory leaks.
(imported from commit 75fd4c2ad41ea71e87a53fb33e2106c5773909d5)
2013-12-04 10:27:44 -05:00
Tim Abbott
850eae3e8e
puppet: Disable proxy_next_upstream feature in nginx config.
...
(imported from commit 84cad76701f9ee40fa9601ae06b3f804948b96d4)
2013-12-03 15:20:45 -05:00
Tim Abbott
5007d4d87a
[puppet] Update set_real_ip_from to use lb0's internal IP address.
...
This is something we forgot to do in the VPC migration, so our IPs
have all been the lb0 IP in our logs :(.
(imported from commit 9d3fc69cf72a84f7bd7c54e50fb1e776a67d971f)
2013-12-03 14:29:34 -05:00
Luke Faraone
dc5c410257
Remove django-jstemplate, unused per trac #1973
...
(imported from commit 97b2e75766e3576f17b7dab0f1a4a00c34a5c2e5)
2013-12-03 11:36:18 -05:00
Leo Franchi
42e23dc82e
[manual] Release desktop app 0.4.1 for OS X
...
This requires a puppet apply on prod0, and an update of the
Zulip-latest.dmg and Humbug-latest.dmg symlinks in
/src/www/dist/apps/mac and /srv/www/dist/apps/sso/mac
(imported from commit e83170a19ac2de6458a0fd43140068fab4135483)
2013-12-02 15:24:32 -05:00
Zev Benjamin
9fa9f81a0a
puppet: Add ptop to postgres-common packages
...
(imported from commit 085bf7d0ef33f8287bea9152e328908a89144b8f)
2013-12-02 14:54:53 -05:00
Zev Benjamin
20cf06013e
Add missing newline to crontab
...
(imported from commit fe14ff383ff6915f0e60d3e6904ecdedc5ff5bf7)
2013-11-28 02:17:07 -05:00
acrefoot
eb7be522ac
[manual] add supervisor and numconsumer entries for push notifications queue
...
requires puppet-apply on both staging and prod
(imported from commit 6fc25041b40145d7c62a8bb959a8d25d0dbcb44e)
2013-11-27 18:00:33 -05:00
Leo Franchi
d36510e4c3
[manual] Release Zulip Desktop 0.4.0
...
This requires a puppet apply, and also a manual update of
the Zulip-latest.* symlinks in /srv/www/dist/apps
(imported from commit 991dd6924ba33d81f486e914bcbadfec5b350660)
2013-11-26 17:41:25 -05:00
Tim Abbott
3971f18de8
loadbalancer: Fix missing location-sockjs config.
...
(imported from commit 27b168e73014d7b7c71fb00ce5b75271393fc491)
2013-11-26 12:22:17 -05:00
Zev Benjamin
7af4b92b98
puppet: Rename app to prod0 in nagios
...
(imported from commit c2d1c2c06276a816ef33e057d3f859c755490cb3)
2013-11-25 11:43:16 -05:00
Zev Benjamin
9f2af6fd0d
puppet: Fix postgres_primary alias
...
(imported from commit 1cd199224e45700fac03e68c99f9d4f7d9212b45)
2013-11-25 11:43:16 -05:00
Zev Benjamin
847d4dfbca
puppet: Specify hosts for the postgres autovac_freeze check via a hostgroup
...
(imported from commit d0afc1b78015740fa9638563a5672d3400dd5002)
2013-11-23 12:08:49 -05:00
Zev Benjamin
139518ccbe
puppet: Remove postgres0 from nagios and munin configs
...
(imported from commit 6a4eb208b2a344d65d684cf904ba882a5400056d)
2013-11-23 12:06:27 -05:00
Zev Benjamin
dacf97db48
puppet: Use peer authentication for Postgres nagios checks
...
(imported from commit d8f02d5320d6f8b97fd82cd3f0ca65f6e5c42b03)
2013-11-23 10:01:15 -05:00
Zev Benjamin
3454680e4b
puppet: Add VPC subnets to pg_hba.conf
...
(imported from commit 633bf08bfe2f3695bd6c9ed8584b78971ebe065f)
2013-11-23 08:23:49 -05:00
Zev Benjamin
bf8fb3c0df
puppet: Add postgres2 to nagios monitoring
...
(imported from commit 799b1304eebe49cf6d8153fb2bfd0b11a3bcab00)
2013-11-23 08:10:44 -05:00
Zev Benjamin
658972dda3
[manual] puppet: Add postgres2 to munin monitoring
...
You must run
autossh -2 -fN -M 20018 -L 5009:localhost:4949 nagios@postgres2.zulip.net
as nagios on nagios.zulip.net after deploying this commit.
(imported from commit bd8a61f99555ccf0a0010d79dbd89017aaafbb8f)
2013-11-23 08:10:44 -05:00
Zev Benjamin
d7d98aaacc
puppet: Move /etc/iptables/rules to /etc/iptables/rules.v4
...
The /etc/init.d/iptables-persistent initfile changed to expect there to be two
files in /etc/iptables (rules.v4 and rules.v6) instead of a single rules file.
Several of our machines are currently running without iptables rules as a
result.
(imported from commit 266c2ff26b77f7c9ae793690b0d544ee4cfa5020)
2013-11-23 08:10:44 -05:00
Zev Benjamin
c3f4ab6c94
puppet: Add replicator access from postgres2 to pg_hba.conf
...
(imported from commit 2a4f150c67d3136a5e97cb673cc7f14256ffae01)
2013-11-22 17:38:52 -05:00