Commit Graph

592 Commits

Author SHA1 Message Date
Tim Abbott 1e2cc2e8ad third: Add yarn installer to Zulip repo. 2017-07-21 17:28:20 -07:00
rht 614e3bb1ef scripts: Add script to autogenerate a self-signed SSL cert.
This will simplify step 1 of prod-install instruction to reduce
suffering in testing/experimenting production environments.

Attribution: the scripts/setup/configure-certs is based on @galexrt's
5c0daf6211

Further tweaked by tabbott to rename the script and edit the messages.
2017-07-16 17:22:32 -07:00
Tim Abbott c1d2654f3a setup-apt-repo: Add pgroonga code for Debian stretch.
The Groonga apt repository for Debian has a slightly different
structure.
2017-07-14 17:22:20 -07:00
EdOverflow 86cfed3e81 Update generate_secrets.py 2017-07-11 12:43:46 -07:00
Tim Abbott f724900e68 install-node: Fix provisioning when node/npm don't exist.
Our recent performance changes to this script broke it in the case
where there was no previous version of node/npm installed.
2017-07-11 12:36:35 -07:00
neiljp (Neil Pilgrim) 8433d95d99 mypy: Make success_stamp parameter to do_npm_install be required. 2017-07-08 10:49:42 -07:00
Aditya Bansal a55cb919ff install-node: Fix errors in case node or npm is not installed. 2017-07-06 22:06:01 -07:00
Tim Abbott d7556eef17 install-node: Remove dependency on realpath. 2017-07-06 18:09:39 -07:00
sinwar c52dbd57f5 provision: Avoid spending 2s reinstalling node/npm.
Tweaked by tabbott to just check the versions.

Fixes #5184.
2017-07-06 17:57:22 -07:00
sinwar 9cab965601 install-node: hardcode the path for npm.
This replaces nvm in npm-wrapper by harcoding the path the way we do
with node.  The main benefit is that this saves a few hundred
milliseconds every time we invoke npm.
2017-07-06 17:44:28 -07:00
Tommy Ip 3b8864bafa linter: Create error printing library.
For performance reasons, we spawn each linter in a separate OS thread.
The downside of this is that all lints would end up in stdout without
much visual separation, resulting in confusing error log. This commit
introduce the `print_err` function, which shows which linter each line
of lint is from.
2017-07-06 13:46:10 +08:00
Greg Price e1ce3daaff scripts/upgrade-zulip-from-git: Don't cache the repo URL, only the contents
We document the `deployment.git_repo_url` setting in `/etc/zulip/zulip.conf`
to control where this script fetches from, and don't say that it's
only read on the first such upgrade and cached thereafter.  The documented
behavior seems like the right behavior.  So use the currently configured
URL every time, by writing it anew into the config of our cache repo.
2017-06-28 15:49:57 -07:00
Umair Khan 908f099bb0 unpack-zulip: Do 2-step upgrade for version <= 1.3.10.
If the current version is less than or equal to 1.3.10, first
recommend an upgrade to the version 1.4.3 and then to the final
version.
2017-06-23 08:40:57 -04:00
Aditya Bansal cf503017d2 Use requirements file for pip/setuptools/wheels in venv setup.
Fixes: #5158.
2017-06-19 16:37:50 -04:00
Aditya Bansal e4af0caddb node_cache.py: Refactor to seperate out sha1sum generation.
Basically we just seperate out the sha1sum generation for the
node modules so that it can be reused later for cache clearance
logic. This is achieved by adding a function which returns the
sha1sum based HEX digest.
2017-06-19 07:55:23 -04:00
Vishnu Ks 7c5dd68414 Upgrade setuptools to 36.0.1. 2017-06-19 06:40:18 -04:00
Aditya Bansal f9cbb0936a setup_venv: Add wrapper to retry pip install if it fails first time. 2017-06-14 21:48:15 -07:00
Tim Abbott b70986469c generate_secrets: Fix handling of missing trailing newlines.
When we added support for automatically adding new secrets in
generate_secrets.py, we failed to account for the possibility that a
human editor might have let the secrets file without a trailing
newline.

We address this by adding a leading newline before our new secret.

Fixes #5209.
2017-06-03 23:17:04 -07:00
Tim Abbott c37204c62a upgrade-zulip-stage-2: Remove an unused import. 2017-06-02 15:14:13 -07:00
Tim Abbott 9e0749ad82 email-mirror-postfix: Fix mypy errors. 2017-06-01 22:51:26 -07:00
K.Kanakhin 47ec9fbbe2 email-mirror: Rewrite email mirror script on pure python.
The Zulip email mirror script called by postfix had performance/load
issues, because it spent so much time on startup/import due to use of
the Zulip virtualenv.

The script was rewritten using pure python (no Django) to improve
performance.
2017-06-01 21:50:49 -07:00
Tim Abbott be814b940d setup_venv: Pin a version of setuptools for creating venvs.
This works around a bad recent setuptools release:

https://github.com/pypa/setuptools/issues/1042
2017-05-31 23:58:24 -07:00
Aditya Bansal ee369ceb0c pep8: Add compliance with rule E261 scripts/lib/email-mirror-postfix. 2017-05-31 17:07:15 -07:00
Aditya Bansal 807fee68d6 pep8: Add compliance with rule E261 nagios/check-rabbitmq-consumers. 2017-05-31 17:07:15 -07:00
Aditya Bansal dee726f234 pep8: Add compliance with rule E261 scripts/lib/pythonrc.py. 2017-05-31 17:07:15 -07:00
Elliott Jin 0ec9e54954 bots: Add queue and QueueProcessingWorker for embedded bots. 2017-05-25 15:00:51 -07:00
theopen-institute 7eaa1fa0d0 create-production-venv: Fix symlink creation.
The install script was failing on 2nd+ attempts if the first attempt
was interrupted.

This failure happened because zulip-venv already existed at
`current_venv_path`. Changing the `ln` command's flags from `-s` to
`-nsf` should make this part of the script idempotent.
2017-05-20 21:31:50 -07:00
Tim Abbott 11adbf5783 generate_secrets: Fix placement of mypy type: ignore. 2017-05-17 00:05:57 -07:00
Tim Abbott b01ba5f389 generate_secrets: Fix mypy errors.
I'm pretty sure these errors reflect a problem with Typeshed, but
don't have time to investigate.
2017-05-16 23:28:44 -07:00
Tim Abbott 45a4aeac64 scripts: Run generate_secrets.py during the upgrade process.
Now that generate_secrets.py is idempotent, this allows us to
conveniently add new secrets whenever they are required.
2017-05-16 22:15:26 -07:00
Tim Abbott 2c6a91e24a scripts: Make generate_secrets.py idempotent.
Now, generate_secrets.py will never overwrite existing secrets.  In
addition to being a safer model in generate, this fixes 2 significant
issues:

(1) It makes it much easier to preserve secrets like Oauth tokens in a
development environment (previously, provision would destroy them).
(2) It makes it possible to automatically add new secrets as part of
the upgrade process.  In particular, this is useful for the
zulip_org_id settings.

Fixes #4797.
2017-05-16 22:15:25 -07:00
Tim Abbott 03b5200d8b generate_secrets: Reformat list of autogenerated secrets. 2017-05-16 22:15:25 -07:00
rht 00e057bf44 install-node: bypass nvm wrapper for faster node startup.
This fixes a significant performance issue with LaTeX rendering (and
other things that invoked node) where starting up node took a few
hundred milliseconds due to nvm initialization.

Tweaked by tabbott to avoid copying the node binary itself, instead
using a tiny wrapper script.

This is important primarily because it's possible a future version of
node will expect to find libraries/dependencies/etc. installed via NVM
at some path related to the path of the node binary itself, and that's
more guaranteed with this new model.

Fixes #4618.
2017-05-09 09:17:54 -07:00
Aditya Bansal b3ad6a6d77 pep8: Add compliance with rule E261 to hash_reqs.py. 2017-05-07 23:21:50 -07:00
vaibhav 8881b5eb9f Outgoing Webhook System: Check for @-mentioned outgoing webhook bots.
Also puts them into a processing queue, though the queue processor
does nothing.

Rewritten by tabbott to avoid unnecessary database queries in
do_send_messages.
2017-05-02 09:22:04 -07:00
Alexander Trost 889547ff5e configure-rabbitmq: Add support for RABBITMQ_NODE flag.
This can potentially be used by things like a Docker configuration
that runs RabbitMQ on another server.
2017-04-29 15:03:05 -07:00
K.Kanakhin e3e52e7284 email-mirror: Move postfix email mirror integration to separate script.
This fixes a performance problem where we were previously starting up
a full Django process (~0.7s even on a fast machine) every time a new
email came in, potentially allowing users to accidentally DoS a Zulip
server.  Now, we just post over HTTPS, allowing the existing thread
pool support to do its job.

- Add script wrapper to communicate postfix pipe with django web server
  over HTTP(S). It uses shared_secret authentication mode.
- Add django view to process messages from email mirror server.
- Clean management command `email-mirror`. Left just functional
  for cron email processing.
- Add routes for new tornado view.
- Change pipe script in master process postfix config template
  based on updated script.
- Add tests.

Tweaked by tabbott to adjust the directory and set better defaults.

Fixes #2421.
2017-04-24 21:24:23 -07:00
Feorlen 6ff78ca0e8 Set umask 022 before starting prod upgrade.
Follow-on from #2373/ PR https://github.com/zulip/zulip/pull/4316, to set an
appropriate umask also when upgrading so files have appropriate permissions.

I've tested this by starting from a clean install, deleting /srv/* so new
files are downloaded, and then doing an upgrade. It worked starting with both
a current version from master and an older release installed with a less
restrictive umask and then the umask changed.

Fixes #2373.
2017-04-19 10:28:06 -07:00
Tim Abbott 55a9101573 settings: Add support for ZULIP_ORG secrets.
These can be used to authenticate the current Zulip server to
zulip.org.
2017-04-18 23:00:10 -07:00
Feorlen 10ccfcdc8e Set umask 022 before starting prod install.
Fixes #2372.
2017-03-25 23:59:44 -07:00
Tim Abbott 5bf01fb7d4 create-production-venv: Fix issues with api/ relative path.
Fixes #4313.
2017-03-25 19:49:26 -07:00
K.Kanakhin 6a801db1c2 missed-emails-sending: Move email sending to separate queue worker.
- Add new 'missedmessage_email_senders' queue for sending missed messages emails.
- Add the new worker to process 'missedmessage_email_senders' queue.
- Split aggregation missed messages and sending missed messages email
  to separate queue workers.
- Adapt tests for sending missed emails to the new logic.

Fixes #2607
2017-03-07 20:08:40 -08:00
Tim Abbott 0afe832fc7 check-rabbitmq-consumers: Fix typing import issue. 2017-03-04 15:35:26 -08:00
Raghav Jajodia a3a03bd6a5 mypy: Added Dict, List and Set imports.
Fixed mypy errors associated with the upgrade.
2017-03-04 14:33:44 -08:00
Rishi Gupta 2bbfdeeb7b Fix more errors caught by mypy 0.501.
Another set of relatively easy to review changes.
2017-03-03 14:15:38 -08:00
Rishi Gupta 28d3af0965 Fix several new errors caught by mypy 0.501.
Clear out a bunch of easy to review errors, so we can focus on the more
complicated ones.
2017-03-03 14:12:52 -08:00
Tim Abbott f6f2c62caf zulip-puppet-apply: Fix running it as ./zulip-puppet-apply. 2017-02-27 15:25:14 -08:00
Tim Abbott fe0c4cad85 check-rabbitmq-consumers: Go back to hardcoding for now.
This should fix the production test suite in Travis CI, so that we can
debug what's broken here offline.
2017-02-22 22:58:59 -08:00
Tim Abbott b81add60fe check-rabbitmq-consumers: Fix queue_workers call. 2017-02-22 00:48:43 -08:00
Tim Abbott aa6567ee34 queue_workers: Fix confusing --queue_type argument name. 2017-02-22 00:23:26 -08:00
Tim Abbott 19896460f0 nagios: Fix RabbitMQ Nagios checks running Django as root.
This can cause problems by making the /var/log/zulip files owned by
root (not zulip) and thus not writable by the Zulip user.
2017-02-22 00:20:57 -08:00
Tim Abbott 51d3ab1cb7 initialize-database: Clean up final instructions.
Fixes #3678.
2017-02-21 20:19:16 -08:00
Tim Abbott 620f1e444e travis: Fix various bugs in new queue worker test.
* Now queue_workers.py sorts queue names and prints them on their own
  line.  Previously it's output was nondeterministic.
* Simplified grep strategy for removing the "test" worker.
2017-02-19 21:17:42 -08:00
Tim Abbott 333062f08e nagios: Automate queue list in check-rabbitmq-consumers. 2017-02-19 16:19:55 -08:00
Tim Abbott d6bbcd2737 travis: Automate updates to production-helper Nagios test.
This list was likely to end up out of date quickly, since it wasn't
documented that you need to update it when adding a queue.  The best
solution is to just not require it to be updated.
2017-02-19 16:19:53 -08:00
Tim Abbott 34046c1f55 check-rabbitmq-consumers: Add missing embed_links consumer. 2017-02-19 13:12:00 -08:00
Tim Abbott 213af24e47 check-rabbitmq-consumers: Reformat worker_queues list. 2017-02-19 13:12:00 -08:00
Tim Abbott 473c0ee1fe mypy: Remove now-unused type: ignores. 2017-02-18 17:01:01 -08:00
Tim Abbott 609082c475 puppet: Remove hardcoding of /root/zulip from puppet path.
This is an important prerequisite to being able to remove dependence
on the /root/zulip symlink altogether.
2017-02-08 11:13:19 -08:00
Tim Abbott 31d4f99573 upgrade: Stop trying to copy node_modules out of tarballs.
Now that we no longer use node_modules at all in production (it's only
used to generate static assets), we don't include `node_modules` in
the production tarballs, and thus we shouldn't attempt to copy
`node_modules` out of the production tarballs when installing.

Fixes a regression introduced in
d71f2e7b9b.
2017-02-07 10:39:31 -08:00
Tim Abbott 126b1c4edc upgrade: Don't require authors updates deploying from Git.
Fixes #3392.
2017-01-23 23:00:09 -08:00
Tim Abbott 4e171ce787 lint: Clean up E126 PEP-8 rule. 2017-01-23 22:06:13 -08:00
Tim Abbott de99f48ce7 lint: Clean up E401 PEP-8 rule. 2017-01-23 21:36:39 -08:00
Tim Abbott 22d1aa396b lint: Clean up W503 PEP-8 warning. 2017-01-23 20:50:04 -08:00
Ayush Goyal a85b539c4a zulip_tools: Improve color and copy for run() errors.
Tweaks to the text are edited by tabbott.
2017-01-17 14:37:15 -08:00
Tim Abbott 747f66bfe1 docs: Add README.md files for scripts/ and tools/. 2017-01-17 11:01:27 -08:00
Tim Abbott 1d5edff927 setup_venv: Give up if virtualenv-clone isn't working.
virtualenv-clone can sometimes fail if the old virtualenv is
broken; in that case, we can just make a new one.
2017-01-09 11:21:42 -08:00
Tim Abbott 54acbc41ed prod: Ensure the Zulip version of node is installed. 2017-01-06 16:18:29 -08:00
Tim Abbott e4b065e03a Move tools/setup/install-node to scripts/setup/. 2017-01-06 16:18:29 -08:00
Tim Abbott 374e900432 upgrade-zulip: Fix bug in migrations detection. 2017-01-06 16:18:29 -08:00
Tim Abbott e5fbea1007 upgrade-zulip: Move static asset compilation before shutdown.
This saves about a minute of downtime when using
upgrade-zulip-from-git in the default configuration.

It should also save several seconds of downtime when upgrading to a
production release tarball as well.
2017-01-06 14:04:54 -08:00
Tim Abbott 90ee8d1207 upgrade-zulip: Only pause for migrations if not current.
This saves about 1s of downtime when doing a no-op upgrade with the
default settings.  Small, but worthwhile.
2017-01-06 14:03:55 -08:00
Saumya Rawat d3a7d0202f dev: Auto-create log directory in management command.
Check 'zulip/var/log' folder exists and create if not as FileHandler only checks for existence of log file.
2016-12-17 17:18:49 -08:00
Umair Khan 336a041ac0 Django 1.10: Use uWSGI.
Fixes: #1121

With some tweaks by tabbott to make the number of processes configurable.
2016-12-13 21:40:43 -08:00
Umair Khan fda0387695 Create Python version agnostic venv link for prod.
This link points to either 'zulip-venv' or 'zulip-py3-venv' and makes
uWSGI configration very easy.
2016-12-13 21:40:43 -08:00
Tim Abbott 95a49f6ea2 node_cache: Fix buggy production deployment code.
The previous version of the production deployment code for release
tarballs did not correctly install the node_modules directory.
2016-12-08 10:34:04 -08:00
anirudhjain75 beaa62cafa mypy: Convert several directories to use typing.Text.
Specifically, these directories are converted: [analytics/, scripts/,
tools/, zerver/management/, zilencer/, zproject/]
2016-12-07 20:51:05 -08:00
AZtheAsian c23f9e0df7 pep8: Fix E111 violations 2016-12-01 14:18:11 -08:00
Tim Abbott fd7cb10964 install: Check whether the system has at least 2GB RAM.
This should eliminate a common class of user error installing Zulip.

Fixes #2290, fixes #2320.
2016-11-30 16:07:57 -08:00
Tommy Ip e4091c6413 pep8: Fix E222 violations. 2016-11-30 21:49:02 +00:00
Tommy Ip 46b7d54b3e pep8: Fix E701 violations. 2016-11-30 20:45:09 +00:00
Igor Tokarev e6ae53cbff install: Add clear error message if upstart is installed on Xenial.
Fixes #2199.
2016-11-29 19:16:26 -08:00
Rafid Aslam 7a2282986a pep8: Fix E225 pep8 violations. 2016-11-28 15:21:15 -08:00
Anders Kaseorg 78d6c3d7e9 install: Fix RabbitMQ node name if RabbitMQ is not installed.
This indirectly causes the RabbitMQ node name for new Zulip
installations to default to zulip@localhost, which would eliminate the
persistent problems we have had

Fixes #194, #465, #1375, #1751.

Signed-off-by: Anders Kaseorg <andersk@mit.edu>
2016-11-26 18:54:29 -08:00
Anders Kaseorg 207cf6302b Always start python via shebang lines.
This is preparation for supporting using Python 3 in production.

Signed-off-by: Anders Kaseorg <andersk@mit.edu>
2016-11-26 14:46:37 -08:00
Anders Kaseorg 2d6525df04 install: Install python3, python3-six
Signed-off-by: Anders Kaseorg <andersk@mit.edu>
2016-11-26 13:26:18 -08:00
Anders Kaseorg 573ec14955 Remove shebang line from non-scripts
Signed-off-by: Anders Kaseorg <andersk@mit.edu>
2016-11-26 13:20:22 -08:00
Anders Kaseorg 712c98cb48 Use zulip-py3-venv when running on Python 3
Signed-off-by: Anders Kaseorg <andersk@mit.edu>
2016-11-26 13:20:22 -08:00
Tim Abbott f5935e81c7 install: Support being run not directly from /root/zulip.
This adds a dependency on the realpath package on trusty; we could try
to remove it if needed, but given that realpath is included in
coreutils on Xenial (and presumably anything else modern), I think
it's reasonable to add it.

Fixes #1797.
2016-11-18 19:56:58 -08:00
Tim Abbott 5b35aada7c zulip_tools: Fix run to not eat error output.
We fix this by just using `subprocess.check_call`.
2016-10-27 12:26:01 -07:00
Tim Abbott 8e82257444 Fix node_cache code to not require root.
The previous code caused problems using a system where the zulip user
doesn't have sudo rights.
2016-10-25 17:52:19 -07:00
Tim Abbott 41b0079ab2 node_cache: Fix success_stamp logic.
Previously, success_stamp was touched whenever we used a particular
node_modules version; it makes more sense to only touch it when the
node_modules directory has actually changed.
2016-10-25 17:52:17 -07:00
Umair Khan e428f3feda Run apt-get update only if sources.list has changed.
Fixes: #2025
2016-10-19 16:23:21 +05:00
Tim Abbott 4a4664d268 mypy: Remove a bunch of now-unnecessary type: ignore annotations.
Since mypy and typeshed have advanced a lot over the last several
months, we no longer need these `type: ignore` annotations.
2016-10-17 11:48:34 -07:00
Tim Abbott fc20c86d8d install: Move apt-get update into setup-apt-repo. 2016-10-16 01:13:50 -07:00
Tim Abbott fcde846b58 setup_venv: Fix handling of Git requirements.
get_package_names did not correctly strip the GitHub URLs from package
names, resulting in the "package names" for our dependencies installed
from Git being tracked with the complete sha1sum included in the name.
This meant that upgrading our virtualenvs incorrectly ended up
resorting to creating an entirely new virtualenv whenever we changed a
dependency that had previously been installed from GitHub URLs.
2016-10-16 01:10:43 -07:00
Tim Abbott 7c16172f9e node_cache: Fix buggy annotations for stdout/stderr. 2016-10-15 22:53:28 -07:00
Tim Abbott 8821b269bf flush-memcached: Replace 'set -x' with more clear output.
Similar to `terminate-psql-sessions`, this was just unnecessary spam
output.
2016-10-14 17:10:06 -07:00
Tim Abbott 382c8853f3 terminate-psql-sessions: Remove set -x.
Now that we're no longer actively debugging this tool, there's no need
to have it print everything it's doing.

This will make `test-backend` a lot nicer to use.
2016-10-14 17:08:05 -07:00
Tim Abbott 14f6e4c740 scripts: Stop using apt-add-repository.
Unfortunately, apt-add-repository is highly unreliable and was causing
problems both in Travis CI and with developers provisioning their
environment.
2016-10-11 22:10:36 -07:00
K.Kanakhin 14545d1647 create-production-venv: Add PY3 support to production venv creation script.
Create production python virtual env based on system python version.
2016-10-11 14:19:00 -07:00
Diptanshu8 d7253b144c generate-secrets: Refactor to make development/production explicit.
generate-secrets.py now requires --development for development environment
setup or --production for production environment setup (and one of these
options is mandatory).

This solves the problem that it was somewhat easy to accidentally run
generate-secrets.py without the `-d` option while doing manual development
environment setup.

Fixes: #1911.
2016-10-06 17:12:49 -07:00
Tim Abbott a2b91221d0 upgrade-zulip: Only remove zproject/local_settings.py if symlink.
This fixes a problem where if we're deploying from git,
local_settings.py ends up part of the diff in the deployed git
repository.
2016-10-04 20:41:17 -07:00
umkay d260a22637 Add a new statistics/analytics framework.
This is a first pass at building a framework for collecting various
stats about realms, users, streams, etc. Includes:
* New analytics tables for storing counts data
* Raw SQL queries for pulling data from zerver/models.py tables
* Aggregation functions for aggregating hourly stats into daily stats, and
  aggregating user/stream level stats into realm level stats
* A management command for pulling the data

Note that counts.py was added to the linter exclude list due to errors
around %%s.
2016-10-04 17:18:54 -07:00
Umair Khan b4214ec8cb Fix formatting of print in run function. 2016-09-30 10:42:52 -07:00
Tim Abbott c819a66e09 postgres-init-db: Use default bash to call flush-memcached. 2016-09-28 20:46:34 -07:00
Tim Abbott 9c0c6c0c23 node_cache: Don't make node_modules symlinks as root. 2016-09-28 00:36:40 -07:00
Sahil Dua 058587da77 Remove extra new lines at the ends of Zulip authoried files.
Fixes #1627.

[tweaked by tabbott to avoid patching third-party modules, for now]
2016-09-26 21:05:24 -07:00
umkay 798e6faa9e provision: Use NVM to install node and npm.
NVM takes a specific node version and installs the node package and
a corresponding compatible npm package.

We use it in a somewhat hackish way to install node/npm globally with
a pinned version, since that's how we actually want to consume node in
our development environment.

Other details:
- Travis CI now is configured to use the version of node installed by
provision; the easiest way to do this was to sabotage the existing node
installation.
- jsdom is upgraded to a current version, which both requires recent
node and also is required for the tests to pass with recent node.
This fixes running the node tests on Xenial.

Fixes #1498.

[tweaked by tabbott]
2016-09-23 14:34:44 -07:00
Steve Howell 13d6f52203 provision: Handle VENV_CACHE_PATH not existing.
If VENV_CACHE_PATH does not exist (which can happen if you destroy
your vagrant environment), then do a short circuit return in
try_to_copy_venv().
2016-09-20 06:55:08 -07:00
Umair Khan e3078b226a Optimize incremental virtualenv creation.
This adds a new system for copying packages from old virtualenvs that
are sufficiently similar to the new virtualenv required.

In practice, this results in a huge performance improvement for
re-provisioning Zulip development environments when the requirements
files have changed (which is the dominant performance problem with
provision today).

Fixes: #1507.
2016-09-19 22:35:32 -07:00
Umair Khan ff0f413d26 Use npm caching in upgrade-zulip-stage-2. 2016-09-16 12:40:48 -07:00
Umair Khan ec74974de3 Create node_cache module for npm caching. 2016-09-16 12:40:48 -07:00
Umair Khan 859b1fbb2c setup_venv.py: Remove comma from the end. 2016-09-08 14:14:28 -07:00
Christie Koehler 586b236375 upgrade: Create prod_settings symlink in step 2 if it doesn't exist.
Between releases 1.3.13 and 1.4.0, local_settings.py was renamed to
prod_settings.py. The upgrade scripts were adjusted to reflect this name
change. But because the first part of the upgrade script is run with the
currently installed version's code, the symlink to /etc/zulip/settings.py is
created with the old name. This was causing upgrade-zulip-stage-2 to fail.

Now upgrade-zulip-stage-2 creates the symlink at zproject/prod_settings.py
if it doesn't already exist.

Fixes #1731.
2016-09-06 14:51:16 -07:00
Tim Abbott 9818a760b5 Install pgroonga in development and (optionally) in prod.
This is preliminary work towards being able to merge support for using
the pgroonga full-text search solution for all languages in Zulip.
2016-08-25 18:03:55 -07:00
Tim Abbott fba93cb494 scripts: rename deploy-zulip-from-git to reference upgrading. 2016-08-25 10:48:59 -07:00
Vishnu Ks a7ead9e99d settings: Eliminate ADMIN_DOMAIN for creating initial realm.
We now use `./manage.py generate_realm_creation_link` as the flow flow
for creating one's first realm.
2016-08-25 09:37:33 -07:00
Umair Khan 194cbf17a1 Allow run command to accept **kwargs. 2016-08-18 15:06:22 -07:00
Tim Abbott e7c3a0c819 check-rabbitmq-consumers: Add missing tornado_return consumer.
I'd like to move this list to be automatically generated, but this
fixes the fact that it's missing for now.
2016-08-17 22:53:00 -07:00
Taranjeet Singh d606b95242 zulip_tools.py: Move zulip_tools.py in scripts/lib.
This commit moves zulip_tools.py as part of cleaning the root directory
and organizing proejct into better directory structure.
2016-08-15 16:44:50 -07:00
ukhan 180b438c44 Upgrade setuptools prior to updating mock 2016-08-12 17:56:23 -07:00
Tim Abbott 88a123d5e0 Fix excessive CPU usage by rabbitmq-numconsumers Nagios checks.
The previous model for these Nagios checks was kinda crazy -- every
minute, we'd run a full `rabbitmctl list_consumers` for each of the
dozen+ consumers that we have, and then do the exact same parsing
logic for each to determine whether the target queue has a running
consumer to write out a state file.

Because `rabbitmctl list_consumers` takes a small amount of resources,
on systems where CPU is very limited (e.g. t2 style AWS instances),
this minor CPU wastage could be problematic.

Now we just do that `rabbitmqctl list_consumers` once per minute, and
output all the state files from a single command.

Further TODO items on this front include removing the hardcoded list
of queues.
2016-08-12 14:09:36 -07:00
Tim Abbott 6496fe2a53 travis: Remove rabbitmq nodename dependency on hostname.
Because rabbitmq doesn't support changing the nodename of a running
rabbitmq node, Zulip installations suffered a plague of issues where
e.g. a Zulip server would reboot, the hostname would change, and
suddenly the local rabbitmq instance being used by Zulip would stop
working.

We address this problem by using, by default, a fixed rabbitmq
nodename, but providing server administrators the option to set the
rabbitmq nodename used by Zulip however they choose.

To upgrade an existing server to use this new configuration, one will
need to add something like the following to /etc/zulip/zulip.conf:

[rabbitmq]
nodename = zulip@localhost

However, I don't believe we have the puppet code in place to make this
work correctly at initial installation without rabbitmq-server being
already installed (but off), as we can easily setup in Travis CI but I
haven't been willing to do for the installer.  So for now, this just
fixes our Travis CI problems.

Fixes: #1579.
2016-08-12 09:38:23 -07:00
Alexander Trost 8d4896809a Deduplication of configuration: Database Initialization
Comment tweaked slightly by tabbott.
2016-08-05 13:33:22 -07:00
Tim Abbott 5bff72c385 Revert "Use apt-add-repository to setup Zulip PPA."
This reverts commit 3f95e567c1.

Apparently `apt-add-repository` fails periodically in CI.  I suspect
this is some sort of silly networking problem, but given that all
we're saving is a few lines of code, the old version was better if
this fails basically ever.
2016-08-05 13:29:17 -07:00
Tim Abbott 3f95e567c1 Use apt-add-repository to setup Zulip PPA. 2016-08-04 22:17:07 -07:00
Tim Abbott 4d02c6efef scripts: Purge old deployments on every upgrade.
Fixes: #554.
2016-08-04 17:02:48 -07:00
Tim Abbott 51f069aa18 scripts: Refactor deployment-finished logging. 2016-08-04 17:02:48 -07:00
Tim Abbott 91b1521578 purge-old-deployments: Avoid purging last/next deployments. 2016-08-04 17:02:48 -07:00
Tim Abbott 1158a86ae7 restart-server: Maintain a last symlink. 2016-08-04 17:02:48 -07:00
Tim Abbott 82ad32f058 deploy-zulip-from-git: Update next symlink. 2016-08-04 17:02:48 -07:00
Tim Abbott 0d39ed82d1 Annotate cron_file_helper. 2016-08-04 15:57:03 -07:00
Tim Abbott 3839a25c74 Annotate generate_secrets.py. 2016-08-04 15:53:23 -07:00
Tim Abbott a12909d0d3 deploy-zulip-from-git: Move migrations/puppet skipping options to config. 2016-08-02 14:31:07 -07:00
Tim Abbott c4d482e722 upgrade-zulip-stage-2: chdir to deploy_path explicitly.
This makes rerunning this manually if it fails much more convenient.
2016-08-02 14:31:07 -07:00
Tim Abbott 7e348df198 deploy-zulip-from-git: Cleanup git_repo_url computation.
Now we assume the main GitHub zulip.git if a repo isn't specified.
2016-08-02 14:31:07 -07:00
Tim Abbott dc4b89fb08 deploy-zulip-from-git: Add a cache directory. 2016-08-02 14:31:07 -07:00
Tim Abbott 0ee3178167 Move update-deployment to scripts/deploy-zulip-from-git. 2016-08-02 14:31:07 -07:00
Tim Abbott fef32af28c update-deployment: Switch to using update-zulip-part-2. 2016-08-02 14:31:07 -07:00
Tim Abbott 972b42ee7b upgrade-zulip-stage-2: Only stop services early when needed. 2016-08-02 14:31:07 -07:00
Tim Abbott 5886d3eeec upgrade-zulip-stage-2: Add --skip-migrations option. 2016-08-02 14:31:07 -07:00
Tim Abbott 759144232f upgrade-zulip-stage-2: Add --skip-puppet option. 2016-08-02 14:31:07 -07:00
Tim Abbott 8ce55b9789 upgrade-zulip-stage-2: Use argparse for options. 2016-08-02 14:31:07 -07:00
Tim Abbott 3b277c3b1f install: Give nice error message on installation failure. 2016-07-31 19:24:45 -07:00
Tim Abbott 084d504c39 install: Remove unnecessary cd command at end. 2016-07-31 19:24:38 -07:00
Tim Abbott 8b285ec0ff puppet: Read camo key from zulip-secrets.conf. 2016-07-31 00:23:24 -07:00
Tim Abbott 3239197fdb puppet: Silence puppet warnings about missing hiera.yaml. 2016-07-30 21:25:19 -07:00
Tim Abbott 63c757eac3 puppet: add zulipconf function for reading settings from zulip.conf.
This makes it convenient for us to have optional user-defined settings
in the main Zulip puppet configuration.
2016-07-30 21:23:12 -07:00
Tim Abbott af54edcaa7 scripts: Move apt repository setup to its own script. 2016-07-30 21:00:18 -07:00
Tim Abbott d07bcf060e install: Cleanup code for PPA setup. 2016-07-30 21:00:01 -07:00
Eklavya Sharma 51ea5c1602 scripts/: Make subprocess calls unicode-aware. 2016-07-26 12:06:41 -07:00
Alexander Trost 6e10236972 Disable auto-service-restart for docker installations. 2016-07-25 16:40:29 -07:00
Eklavya Sharma 11732f9ab0 Make all scripts in scripts/ pass mypy check. 2016-07-24 00:17:21 +05:30
Eklavya Sharma baa157344c Patch activate script only in development. 2016-07-21 14:11:41 -07:00
Eklavya Sharma e7813094d7 Patch activate script to set VIRTUAL_ENV correctly.
Patch a virtualenv's activate script to not resolve symlinks when
setting the environment variable VIRTUAL_ENV.

Fixes #1190.
2016-07-21 14:11:41 -07:00
Tim Abbott dd6e92a714 setup_venv: Fix missing dependencies on image libraries. 2016-07-20 14:55:45 -07:00
Eklavya Sharma 576a090499 Add libpq-dev to VENV_DEPENDENCIES. 2016-07-20 22:15:06 +05:30
Tim Abbott 35339f5117 Rename local_settings_template to prod_settings_template. 2016-07-19 20:59:59 -07:00
Tim Abbott 19b860ceec Rename local_settings.py symlink to prod_settings.py. 2016-07-19 20:59:59 -07:00
Tim Abbott 9c9b6176a9 install: Fix feature detection/set -e incompatibility.
Previously, the whole script would stop when a feature wasn't
available.
2016-07-19 20:12:27 -07:00
Tim Abbott 8eaa75b90f setup_venv: Remove unnecessary postgresql-server-dev-all dependency.
This package is a dependency for building tsearch_extras, but isn't
needed for building a Zulip virtualenv.
2016-07-19 19:19:42 -07:00
Umair Khan 9f42fda7f4 Use stripped down version of Talon. 2016-07-13 11:24:18 -07:00
Umair Khan 395e053ce3 Revert "Revert "Extract reply from email.""
This reverts commit f1ba3ded42.
2016-07-13 11:24:18 -07:00
Sumana Harihareswara 07afc9d34b Move production health check doc to separate page. 2016-07-12 15:46:10 -07:00
Tim Abbott 883e991adf install: Improve support for non-default puppet rules.
Previously, the install script would fail if you passed various
non-default puppet rules, since the code to configure and restart
services that runs later on in the install script largely ran
unconditionally, regardless of whether the relevant service was
actually installed on the target system.

This should make the main install script reusable for installing
e.g. a dedicated Postgres server for use with Zulip.
2016-07-12 14:12:09 -07:00
Tim Abbott 80bf7e32a4 Add option to not create a virtualenv. 2016-07-12 14:12:05 -07:00
Eklavya Sharma f1ba3ded42 Revert "Extract reply from email."
This reverts commit f1f48f305e.

The use of sklearn unfortunately caused a substantial slowdown to the
Zulip provisioning process, which didn't seem worth it for a
relatively minor feature.
2016-07-10 11:30:30 -07:00
Tim Abbott 12028339a3 puppet: Use --detailed-exitcodes to return nonzero exit code on failure.
Apparently, puppet has messed up exit codes and doesn't by default
return the usual 0=success, nonzero=failure codes.  By default, it
seems to always return 0; and with `--detailed-exitcodes`, it returns
the complicated thing documented in the comments.

We fix this by checking the exit code and translating it to what we
actually care about, namely whether errors occurred.

See https://tickets.puppetlabs.com/browse/PUP-2754 for details.

Fixes #1094.
2016-07-08 12:11:44 -07:00
Umair Khan f1f48f305e Extract reply from email. 2016-07-08 10:58:25 -07:00
Eklavya Sharma 7e020e3dae scripts/lib/setup_venv.py: Use universal_newlines=True.
In python 3, subprocess uses bytes for input and output if
universal_newlines=False (the default).  It uses str for input and
output if universal_newlines=True.
Since we're dealing with strings here, add universal_newlines=True
to subprocess.check_output calls.
2016-07-06 13:50:55 -07:00
Eklavya Sharma f1b72c5f41 Upgrade wheel before installing venv requirements.
This is required because an older wheel version causes problems
when building wheels on python 3.
2016-07-02 11:53:26 -07:00
Eklavya Sharma 0b714ea6c6 Use python2-specific requirements files. 2016-07-02 11:53:26 -07:00
Tim Abbott f094123fd3 install: Add support for installing Xenial systems.
This isn't fully supported yet, but merging this makes it more
convenient to test Zulip on Ubuntu Xenial.
2016-06-28 23:05:38 -07:00
Tim Abbott 4aae4de294 Properly cache production virtualenvs in Travis CI.
Previously, the --travis argument wasn't available to the `setup_venv`
code when creating the production virtualenv.
2016-06-28 12:04:11 -07:00
Tim Abbott 7ed0ab8c4a Ensure Zulip virtualenvs are world-readable.
This is important for both ensuring the Nagios checks work correctly
in production, as well as making sure the `zulip` user can access the
virtualenv (owned by the `travis` user) in Travis CI.
2016-06-28 12:03:01 -07:00
Tim Abbott 4a7913bc22 setup_venv: Use correct VENV_CACHE_PATH for production suite. 2016-06-27 21:16:22 -07:00
Eklavya Sharma a9835c0ab2 Activate virtualenv in production Python code.
The manage.py change effectively switches the Zulip production server
to use the virtualenv, since all of our supervisord commands for the
various Python services go through manage.py.

Additionally, this migrates the production scripts and Nagios plugins
to use the virtualenv as well.
2016-06-27 19:55:35 -07:00
Eklavya Sharma 64affb83f9 Create a virtualenv when installing/upgrading production instances. 2016-06-27 19:55:11 -07:00
Tim Abbott 101820bc29 Move docker development environment scripts to tools/.
scripts/ is for scripts which are used in production.
2016-06-27 13:38:06 -07:00
Tim Abbott dfd8fede4a setup_venv: Add missing build essential dependencies.
Apparently, c74a74dc74 introduced a bug
where we are no longer correctly depending on build-essential as part
of the Zulip development environment installation process.

Fixes #1111.
2016-06-24 09:11:10 -07:00
Eklavya Sharma 9482cdccf4 scripts/lib/setup-venv.py: Accept None as target_venv_path.
If target_venv_path in setup_virtualenv is None, create a virtualenv
named 'venv' but don't make a symlink to it.  Also return
cached_venv_path.
2016-06-23 14:17:17 -07:00
Eklavya Sharma 0365a4a9f2 Factor out apt dependencies for setting up virtualenv.
Move apt dependencies for creating a virtualenv from provision.py
to scripts/lib/setup_venv.py.
2016-06-23 14:17:17 -07:00
Tim Abbott d3f3046629 Add python-six to early installer dependencies.
Since we're now using python-six in zulip-puppet-apply, we need to
install python-six before calling into zulip-puppet-apply.
2016-06-22 08:11:34 -07:00
Eklavya Sharma 121a5f26fb Move hash_reqs.py from tools/ to scripts/lib/.
This is needed because hash_reqs.py is used to create a virtualenv.
Currently we only use virtualenv in development, but we will soon
start using it in production.  Scripts used in production should be
put in scripts/.
2016-06-22 18:12:08 +05:30
Eklavya Sharma fc8d4f9ef5 Factor out venv-creating code from provision.py.
Move setup_virtualenv and do_setup_virtualenv from provision.py to
scripts/lib/setup_venv.py.
2016-06-21 11:25:41 -07:00
Tim Abbott f7ce5fc179 generate_secrets: Silence mypy error with configparser.
See https://github.com/python/typeshed/issues/307.
2016-06-20 09:03:09 -07:00
Umair Khan a9a6687b7d Make generate-secrets script use existing values.
Fixes #1035
2016-06-20 17:00:27 +05:00
Michael Cordover b401ec0af7 Warn on postgres-init-db if >200 messages exist.
Closes #548.
2016-06-13 15:57:51 -07:00
acrefoot cf15b0b4e6 Fix hanging nc and 'invalid wait time' error on Trusty.
Apparently, 0 isn't a supported wait time value in some versions of nc.
2016-06-02 18:02:13 -07:00
Eklavya Sharma 94e4b39112 Replace python2.7 by python everywhere. 2016-05-29 05:03:08 -07:00
Eklavya Sharma 149938d468 Change shebangs from python2.7 to python. 2016-05-29 05:03:08 -07:00
Tim Abbott 6e1872987d Move bin/get-django-setting to scripts/. 2016-05-07 19:37:06 -07:00
Tim Abbott a315849a9e Move bin/log-management-command to scripts/lib/.
We're in the process of eliminating the bin/ subdirectory in favor of
the scripts/ tree, and this one isn't user-facing.
2016-05-07 19:37:06 -07:00
Tim Abbott cb81a59e38 Move write-rabbitmq-consumers-state-file to scripts/nagios/. 2016-05-07 19:37:06 -07:00
Tim Abbott 2761c012e5 Move rabbitmq consumer checks from bots/ to scripts/nagios/. 2016-05-07 19:37:06 -07:00
Tim Abbott be6566dc5c nagios: Move cron_file_helper from bots/ to scripts/lib.
This ensures the tool is available in Zulip production deployments.
2016-05-07 19:37:06 -07:00
Tim Abbott 52c1e8ac7d Run a local camo server in voyager production environments.
Camo is a caching image proxy, used in Zulip to avoid mixed-content
warnings by proxying HTTP image content over HTTPS.  We've been using
it in zulip.com production for years; this change makes it available
in standalone Zulip deployments.
2016-05-02 17:21:31 -07:00
Tim Abbott 6e1e4aaef6 postgres-init-db: Add POSTGRES_USER argument. 2016-04-26 15:27:35 -07:00
Tim Abbott dc772518e7 Don't chown supervisor socket if it doesn't exist. 2016-04-26 15:27:35 -07:00
Tim Abbott 6a3c775842 install: Ensure prod-static/serve is created. 2016-04-26 15:27:35 -07:00
Tim Abbott bb25b6060e install: Avoid unnecessarily storing apt key under /root. 2016-04-26 15:07:53 -07:00
Tim Abbott e9416a9fb2 install: Add PUPPET_CLASSES variable. 2016-04-26 15:06:37 -07:00
Tim Abbott a9d86a3620 install: Add DEPLOYMENT_TYPE variable. 2016-04-26 15:04:32 -07:00
Tim Abbott 68c6d514e8 install: Add ADDITIONAL_PACKAGES option. 2016-04-26 15:02:28 -07:00
Tim Abbott ae48f6394b migrations: Disable prompting about content-type deletion.
The main function of prompting inside `manage.py migrate` is to ask
the user if they want to delete stale content-types, which is
unimportant and likely scary, so we disable doing so.
2016-04-13 13:19:02 -07:00
Tim Abbott 4352a022cd Add type: ignore to wildcard imports in pythonrc.py. 2016-04-03 15:40:24 -07:00
Tim Abbott f9222de83e Auto-load commonly used modules in manage.py shell.
This automatically loads settings, zerver.models.* and
zerver.lib.actions.* when you start `manage.py shell`, which should
save a bit of time basically every time someone uses it.

Fixes #275.
2016-03-19 11:32:49 -07:00
Eklavya Sharma 7b8cb105bf Apply Python 3 futurize transform libmodernize.fixes.fix_imports_six
Refer to #256
2016-03-10 22:03:30 -08:00
Eklavya Sharma c59185e119 Apply Python 3 futurize transform libfuturize.fixes.fix_print_with_import
Refer #256
2016-03-10 22:02:17 -08:00
Luke Faraone 9d9bfb27ef Correct shell quoting around $DEFAULT_USER in terminate-psql-sessions
Previously, we used shell quoting that would result in the shell variable not
being substituted. Instead, we use `"`s that will allow for variable
substitution.
2016-02-19 02:09:50 +00:00
Vladislav Manchev dfbea01c8f Add support for running OpenBSD in development environment. 2016-01-21 22:33:55 -08:00
Alexander Trost 84f7a1f1ea Make rabbitmq, redis, and memcached configurable via user settings.py.
Previously these were hardcoded in zproject/settings.py to be accessed
on localhost.

[Modified by Tim Abbott to adjust comments and fix configure-rabbitmq]
2016-01-21 22:07:56 -08:00
Tim Abbott 26e9d55e16 deployments: Refactor locking libraries into zulip_tools.py.
The code in update-deployment and upgrade-zulip for managing the
deployment lock was nearly identical.
2016-01-11 21:36:42 -08:00
Tim Abbott f871090bb6 upgrade-zulip: Archive release tarballs at /home/zulip/archives.
A common issue when doing a Zulip upgrade is trying to pass
upgrade-zulip a tarball path under /root, which doesn't work because
the Zulip user doesn't have permission to read the tarball.  We
could fix this by just unpacking the tarballs as root, but it seemed
like a nicer approach would be to archive the release tarballs
somewhere readable by the Zulip user (/home/zulip/archives) and unpack
them from there.

Fixes #208.
2016-01-11 21:36:42 -08:00
Tim Abbott c101bf663d Run upgrade-zulip-stage-2 from an absolute path.
This should make it more obvious in tracebacks that we are running the
script from the version of Zulip we're upgrading to, not the old
version.
2016-01-11 21:36:42 -08:00
Tim Abbott 52d0423591 Document structure of upgrade-zulip-stage-2 more clearly. 2016-01-11 21:36:41 -08:00
Tim Abbott 186f563176 Fix deployment locks being leaked when a deployment fails.
The point of the lock is to prevent two deployments happening at the
same time and racing with each other, not to prevent doing any future
deployments after an error happens (which is what the current
implementation does in practice).

Addresses part of #208.
2016-01-11 21:36:41 -08:00
Tim Abbott e7353902df upgrade-zulip: Restart process-fts-updates if also a DB host.
Previoulsy, process-fts-updates wouldn't be restarted on a server
upgrade in Voyager configurations.
2016-01-09 16:59:43 -08:00
Tim Abbott 75b5a1b8da upgrade-zulip: Stop zulip-senders too when shutting down services. 2016-01-09 16:59:43 -08:00
Reid Barton b2a92877ff Don't print echo commands in initialize-database post-success message. 2015-12-25 10:38:44 -08:00
Reid Barton 64a142f0a2 Fix running postgres-init-db via a relative path.
If the user runs ./scripts/setup/postgres-init-db, then dirname "$0"
would no longer refer to the correct directory after cd /.
2015-12-25 10:06:45 -08:00
Javier Ros ab89ef501f Add support for a development environment with Docker. 2015-12-14 18:22:56 -08:00
Tim Abbott 7395003e6a Fix buggy #! lines using "/usr/bin/env python2.7 -u".
The #! line processing interpreted the argument to pass to `env` as
"python2.7 -u", which obviously isn't a real program.

We fix this by setting the PYTHONUNBUFFERED environment variable
inside the program, which has the same effect.

Thanks to Dan Fedele for the bug report and suggested solution!
2015-11-16 08:46:48 -08:00
Tim Abbott 827babdf29 terminate-psql-sessions: Remove dependency on bc.
Fixes #281.
2015-11-11 21:35:16 -08:00
Tim Abbott 6eb670097c Expand testing done via Travis CI to cover production pipeline.
With this change, we are now testing the production static asset
pipeline and installation process in a new testing job (and also run
the frontend/backend tests separately).

This means that changes that break the Zulip static asset pipeline or
production installation process are more likely to fail tests.  The
testing is imperfect in that it does not have proper isolation -- we
build a complete Zulip development environment and then install a
Zulip production environment on top of it, so e.g. any apt
dependencies installed for Zulip development will still be available
for the Zulip production environment.  But, it's better than nothing!

A good v2 of this would be to have the production setup process just
install the minimum stuff needed to run `build-release-tarball` and
then uninstall it / clean it up so that we can do a more clear
production installation, but that's more work.
2015-11-01 18:11:39 -08:00
Tim Abbott 421560af21 postgres-init-db: Stop all services before recreating database. 2015-11-01 18:11:39 -08:00
Tim Abbott 3c31f9a2e3 Drop database users prior to DROP/CREATE database.
This fixes an annoying issue where one tries to rebuild the database,
and it fails due to there being existing connections.

The one thing that is potentially scary about this implementation is
that it means it's now a lot easier to accidentally drop your
production database by running the wrong script; might be worth adding
a "--force" flag controlling this behavior or something.

Thanks to Nemanja Stanarevic and Neeraj Wahi for prototypes of this
implementation!  They did most of the work and testing for this.
2015-11-01 18:11:39 -08:00
Tim Abbott b7cd000af6 install: Check nginx configuration is valid.
It's better to fail here and have the user correct the issue than fail
later.
2015-11-01 18:06:59 -08:00
Tim Abbott f3783fb4a1 Apply Python 3 futurize transform libfuturize.fixes.fix_print_with_import. 2015-11-01 09:26:16 -08:00
Steven Oud d5435fad1d Consistently use /usr/bin/env python2.7 in shebangs and commands. 2015-10-21 22:58:21 +00:00
Tim Abbott e75ba630fb initialize-database: Make management command errors fatal again.
We accidentally made this non-fatal when we added the nice error
output telling users to run postgres-init-db.
2015-10-15 12:21:46 -04:00
Tim Abbott bf694fa832 Flush memcached whenever we drop the databases.
This fixes some issues that we've had where commands will fail is
confusing ways after the database is rebuilt because data from before
the database was dropped is still in the memcached cache.
2015-10-15 12:18:41 -04:00
Raphael 0608e32eeb Cause install to return 1 on failure.
This fixes issue #123. Namely, the script in scripts/setup/install was
returning 0. Adding `set -e` and `set -o pipeline` causes the install
script to exit and return 1 if any part fails, including piping output
(`set -o pipeline` does this).
2015-10-07 08:46:16 -04:00
Ged Lawrenson 21b7048e54 install: Verify that the script has sufficient privileges. 2015-09-30 10:55:49 -07:00
Tim Abbott 92aebe595b Dramatically extend post-install documentation for production Zulip. 2015-09-30 09:04:14 -07:00
Tim Abbott 40ec59b93e install: Add nice error message for RabbitMQ not having started. 2015-09-29 18:41:31 -07:00
Tim Abbott 5bf66e04fc initialize-database: Print nice instructions for how to redo if fails.
Most of our installation process is idempotent, but this step in
particular is not, so it's important to provide a clear error message
about how to proceed.
2015-09-29 18:27:27 -07:00
Tim Abbott 96bd1c38dc install: Make sure python is installed before using it.
This is relevant for completely bare Ubuntu systems which might only
have python3 installed.

Fixes #40.
2015-09-26 21:34:36 -07:00
Tim Abbott 9748780192 Remove unnecessary puppet.conf configuration.
Fixes #23.
2015-09-26 21:34:19 -07:00
Tim Abbott 00bf7b25b5 install: Remote the python-django-guardian hack.
This is no longer required since it's in the PPA now.
2015-09-26 18:01:18 -07:00
Anders Kaseorg 0d12dfd06f Improve shell quoting hygiene
Most of these problems were found by ShellCheck
(http://www.shellcheck.net).

Signed-off-by: Anders Kaseorg <andersk@mit.edu>
2015-09-25 23:25:08 -04:00
Andreas Litt aeb6a5df7c Use current working dir instead of /tmp 2015-09-25 22:11:59 +02:00
Andreas Litt 94c35d8fb0 Fix 'python-django-guardian' download
While the docu on https://www.zulip.org/server.html says:
```
cd /root/zulip
./scripts/setup/install
```
This script downloads the `python-django-guardian_1.3-1~zulip4_all.deb` file to current working dir (`/root/zulip` if you follow the docu), but tries to install it from /root/.
This fails obviously. So i changed the download location to /tmp/.
2015-09-25 22:02:13 +02:00
Tim Abbott b69c6228af Hackishly install a correct version of python-django-guardian in prod install.
(imported from commit 1027e05a1a9805a17fcb4b8dea2c2cf8cda280af)
2015-09-25 09:45:26 -07:00
Tim Abbott abb1a13e31 Switch to new Trusty PPA for Voyager install process.
(imported from commit 91fdc16f121938d36c389f5b285f0da942558759)
2015-09-25 09:45:26 -07:00
Tim Abbott 2348a83678 postgres-init-db: Fix running with cwd=/root.
(imported from commit d2ac25fa8c54b89eed80e941b3eacf1a4c2f5546)
2015-09-25 00:22:15 -07:00
Tim Abbott 6540807761 install: Copy rather than moving local_settings_template.py.
(imported from commit 23e5af225738af32567c543df75375cd5ce378dc)
2015-09-24 22:41:00 -07:00
Tim Abbott 2fb9560476 puppet: enterprise=>voyager for single-server configuration.
(imported from commit 7cc47ac7c470239cd00f69cfd3137b39a0d06e3a)
2015-09-24 22:40:59 -07:00
Tim Abbott cf17168c9f Move prod README to root of repository.
(imported from commit db108ffa7f88f22610ecee085abdcd6c5a2bb681)
2015-09-22 21:22:11 -07:00
Reid Barton 5be0c2902e Connect to the zulip database correctly in postgres-init-db
(imported from commit b6ab80567ff5d229a00c7d2cf5866bca0ee9c7c5)
2015-08-29 12:07:33 -07:00
Reid Barton 942e97d886 Create directory to write log of initial installation into
(imported from commit fa352a7b4f57379df14249fd5f168249ead64777)
2015-08-28 09:40:30 -07:00
Reid Barton d8b44606a3 Make configure-rabbitmq fail on error
If there's a problem with Django settings then RMQPW would just be
empty, causing more confusing errors downstream.

(imported from commit 5948b1a15eb92fc032ea02e499be58365d8e9ecb)
2015-08-28 09:37:58 -07:00
Reid Barton 4e61c06903 Fix postgres syntax when creating zulip schema in production
(imported from commit 51ba85b995e4b5044f914163dab7f2ae14df908f)
2015-08-28 09:37:46 -07:00
Reid Barton 5768fd7f49 Remove reference to Zulip deployment key from Zulip Voyager README
(imported from commit 74a4f86839fb76eb175016453d91b916b9ce416d)
2015-08-23 21:44:27 -07:00
Reid Barton a3d85f501b Create tsearch_extras in production database setup
(imported from commit e6c699b06f022d923b57ccee7ad778f870bf890d)
2015-08-21 16:54:35 -07:00
Tim Abbott d281fc75fd Rename generate_voyager_secrets.py => generate_secrets.py.
(imported from commit c2f370c3b241601b4f6883d3953ceec1efda71be)
2015-08-21 10:33:36 -07:00
David Roe e3f38acbce Enterprise => Voyager.
(imported from commit 41b9a67301aeaf5fd40bbbb8f34a326ca98431fd)
2015-08-21 10:33:35 -07:00
David Roe 3f7cb34b00 enterprise => voyager
(imported from commit 04be792bb480d5e5db1c91d296d1000cf1682571)
2015-08-21 10:33:35 -07:00
Reid Barton 362f9c6c5f Django 1.7: syncdb and migrate are now synonyms
(imported from commit b8a1b2476892bab2418240b04deea6aa40ff1b03)
2015-08-20 23:01:26 -07:00
Yoyo Zhou ec5ed87ca0 Make get_secret return None instead of an exception if the secret isn't defined.
Remove empty key generation from generate_enterprise_secrets, since get_secret ignores missing keys now.

(imported from commit 32d61e3058f0d41bfb4b17775e581a3c84540fe7)
2015-08-20 21:54:38 -07:00
Jonathan Dahan e95dfd78ed Fix production deployment script.
(imported from commit 5b8398a0075dc297d3f86c65ce2ef43977e57ecb)
2015-08-20 20:50:41 -07:00
Tim Abbott 9000d27f12 Update generate_enterprise_secrets to support running in production.
(imported from commit 1051f668ebe684cc60ba4444e815ef60398fad61)
2015-08-20 17:33:16 -07:00
Cat Miller 0a20f168a7 Auto-generate dev-secrets file.
Source LOCAL_DATABASE_PASSWORD and INITIAL_PASSWORD_SALT from the secrets file.
Fix the creation of pgpass file.

Tim's note: This will definitely break the original purpose of the
tool but it should be pretty easy to add that back as an option.

(imported from commit 8ab31ea2b7cbc80a4ad2e843a2529313fad8f5cf)
2015-08-20 00:20:44 -07:00
Tim Abbott 5b8894cd25 Rename USING_SSO to something more clear.
(imported from commit 94e8ae84b01419783872a5d09bafe5c2eb933c18)
2015-08-18 20:48:15 -07:00
Tim Abbott 0dae10eab4 Remove unused secret HASH_SALT.
(imported from commit 831c4cb7680b7bf8dadbd930195175e9a4186356)
2015-08-18 20:17:48 -07:00
Luke Faraone cf7ea9bef9 Allow configure-rabbitmq to be run w/o sudo
(imported from commit 98e820d92b42420d6851a967f6675940ee4d8217)
2015-08-16 16:45:07 -07:00
Tim Abbott b2d01e2da0 [manual] restart-server: Minimize downtime for message sender worker.
The manual step here is that we need to do the `puppet apply` before
pushing this commit, or `restart-server` will crash.

Previously we shut down everything in one group, which performed
poorly with supervisor's bad performance on restarting many daemons at
once.  Now we shut down the unimportant stuff, then the important
stuff, bring back the important stuff, and then bring back the
unimportant stuff.

This new model has a little over 5s of downtime for the core
user-facing daemons -- which is still far more than would be ideal,
but a lot less than the 13s or so that we had before.

Here's some logs with the current setup for the tornado/django downtime:
2013-12-19 20:16:51,995 restart-server: Stopping daemons
2013-12-19 20:16:53,461 restart-server: Starting daemons
2013-12-19 20:16:57,146 restart-server: Starting workers

Compare with the behavior on master today:
2013-12-19 20:21:45,281 restart-server: Stopping daemons
2013-12-19 20:21:49,225 restart-server: Starting daemons
2013-12-19 20:21:58,463 restart-server: Done!

(imported from commit b2c1ba77f3dc989551d0939779208465a8410435)
2013-12-19 17:21:23 -05:00
Luke Faraone 490af28958 Update URL for user APT key.
We're moving to S3, so apt.z.c no longer serves SSL.

(imported from commit a2d376337ddaf2f5fd4ddf193a1ff0732f89c78a)
2013-12-11 10:54:30 -05:00
Tim Abbott 3665a0e289 Fix permissions issues with upgrade-zulip from /root path.
(imported from commit b7fce92ac1b7317388debaae2bc3270fe3ae155e)
2013-11-25 17:16:15 -05:00
Zev Benjamin 9b2aa657be Revert "restart-server: Use 'all' instead of specifying the supervisor jobs to operate on explicitly"
This reverts commit acef4c0027b77053497ef6e9f7aa4b61703205c3.

Despite the lower total downtime, this caused more user-facing downtime.

(imported from commit 5cce032bb20abe83853a65ee72bf0bb28af403cc)
2013-11-21 15:14:38 -05:00
Zev Benjamin a363b7185d restart-server: Use 'all' instead of specifying the supervisor jobs to operate on explicitly
This shaves about 1.5 seconds off our restart time on ls-dev (9s ->
7.5s).  Still too slow, but it's a little bit better.

(imported from commit acef4c0027b77053497ef6e9f7aa4b61703205c3)
2013-11-15 15:23:02 -05:00
Tim Abbott 2e5eec5bd3 install: Remove apache restart from install process.
We don't use apache in the main app -- only for the SSO situation --
this code was just copied from our own install script.  And it caused
problems at CUSTOMER13 because they installed Apache in preparation for
the SSO integration, but restarting it failed.

(imported from commit 3f2961574134847c836e8b69736f60d9f8790201)
2013-11-15 15:04:13 -05:00
Zev Benjamin 974159ec94 Move apache2 restart for SSO sites to restart-server
(imported from commit f999e2b0591a11442c1d3fdba2393ecf6e78bad3)
2013-11-15 11:34:48 -05:00
Leo Franchi 68954ee89a Show info on how to remove lockdir in upgrade-deployment
(imported from commit 59984c9b3ce7ef133f0e929836533ae9d6d40707)
2013-11-14 12:00:03 -05:00
Tim Abbott af21f943a2 Fix paths to zulip_tools for relocated scripts.
(imported from commit 9a3664c0f7da1ce6dcb554e7e9ddef5bde6cad7e)
2013-11-14 11:16:16 -05:00
Tim Abbott 9a6f34a807 Make generate_enterprise_secrets.py work regardless of path.
(imported from commit c1ab8231fbe907a32b18c02a00cee51011abbb21)
2013-11-14 09:10:10 -05:00
Tim Abbott 037460b24c Fix permissions on install script.
(imported from commit af71b3a4988059c58e741bf94d0c28383c08f704)
2013-11-14 08:56:06 -05:00
Tim Abbott f9707dd903 Clean up scripts/ by moving helper tools into lib/.
(imported from commit 31a99d5cc68524a1399daa50eb1fcda54383a317)
2013-11-14 08:47:11 -05:00
Tim Abbott 486fcfa53f README
(imported from commit c02dfbd15ab6bac5a450d04075b15a7c44e8ddfe)
2013-11-14 08:19:20 -05:00
Tim Abbott bd607a32e6 unpack-zulip: Update for zulip-server paths containing versions.
(imported from commit 9318cab0cfcdf57412afbe9386371c8f9994da9f)
2013-11-14 08:19:20 -05:00
Zev Benjamin 87a6838e0e enterprise: Log the output of upgrade-zulip and install scripts
We may eventually want to rotate the log files, but this seems good
enough for now.

(imported from commit 9a54fa6b40bc62f68e52ef552c1a676856b21829)
2013-11-14 08:08:59 -05:00
Zev Benjamin 1546d06344 upgrade-zulip-stage-2: Tweak log message
(imported from commit e8979fa3331119f1f039b3809f6d06fc81fd5e0e)
2013-11-13 16:57:00 -05:00
Zev Benjamin 718a1a8405 upgrade-zulip-stage-2: Restart Apache when using SSO
(imported from commit c06be261ec4ab56551962d26cfc41590a64f49e7)
2013-11-13 16:57:00 -05:00
Zev Benjamin 9addde74ec enterprise: Split upgrade-zulip in two for better future-proofing
(imported from commit 808d8d68a6e799aa2962eec90c0953db3c94cfa4)
2013-11-13 16:57:00 -05:00
Zev Benjamin e8c104012b Move su_to_zulip into zulip_tools.py
(imported from commit 4a79f87dc396da9419a0a1cf5f5b7bb798d5b194)
2013-11-13 16:56:59 -05:00
Zev Benjamin 0b592a27b1 enterprise: Make upgrade-zulip do puppet applies and schema migrations
(imported from commit 6d0109e6cd6a02ed5d57b0c0b4c9dc052f158344)
2013-11-13 16:26:04 -05:00
Zev Benjamin 67ed16a12e enterprise: Make /root/zulip be a symlink to ~zulip/deployments/next
(imported from commit 2a0e7f99fe4517e45ad2794b7fa464df08d40db1)
2013-11-13 16:26:04 -05:00
Zev Benjamin 031dfbcc46 zulip_tools.py: Add a make_deploy_path function and make it invokable from the commandline
(imported from commit 94578d117864fba76f9353784734c712c89c4bf2)
2013-11-13 16:26:04 -05:00
Zev Benjamin baecc950a5 enterprise: Remove dead code
(imported from commit ca0cdc89f72367d15cd8cfe33666a4cff80deb66)
2013-11-13 16:26:03 -05:00
Tim Abbott c54322f76a install: Move DROP SCHEMA PUBLIC to run in zulip database.
(imported from commit 1eef44e7255b8fe1314f7763ebfc6c04083305e5)
2013-11-13 15:35:45 -05:00
Tim Abbott c842b42b12 postgres-init-db: The zulip user doesn't need CREATE DB on enterprise.
Also clean up the series of similar blocks.

(imported from commit fdb468bd6be3077bdbf2d72289064397ea04f27a)
2013-11-13 15:35:45 -05:00
Tim Abbott b4ace85d3a Make sure everything under /home/zulip is owned by zulip.
(imported from commit f6c8b6c0a6dc8b7ada79cb4951818f06faa873e7)
2013-11-13 12:07:15 -05:00
Tim Abbott 0299964051 Make the Zulip user able to edit settings.py.
(imported from commit c69ff2b2e9f176ae2e78b76a7b022e00d09e7c00)
2013-11-13 12:02:50 -05:00
Tim Abbott 6bcd5a7ffc Update installation instructions to include configuring the app.
(imported from commit 89395815c32416ec0636efcff12eb76f5d890bbd)
2013-11-13 12:02:50 -05:00
Tim Abbott 6aaa2b1a24 Create the zulip database owned by zulip.
(imported from commit cc6e895d9e97bdd9d084c7b1a7204bd5b7ae5cd8)
2013-11-13 12:02:50 -05:00
Tim Abbott 0ec8a7a2f1 install: Make sure we own everything under /var/log/zulip
supervisord may start up during the install process and do a bunch of
incorrect stuff, with the net effect of creating files in there owned
by root.

(imported from commit 28379af9680bf9d3c72da196f329abdf8c82c6be)
2013-11-13 12:02:50 -05:00
Tim Abbott b2d4883165 postgres-init-db: Split into internal and external versions for now.
(imported from commit 3516b1377e5914dac2b504961922ef8d08148d1f)
2013-11-13 12:02:50 -05:00
Tim Abbott f4a9e99498 puppet: Move the postgres dictionary symlink creation to puppet.
(imported from commit 823f6683e3d8f3604da68e55dd6761ecb38d4b63)
2013-11-13 12:02:50 -05:00
Tim Abbott 45f21cbb14 Setup the database after the Zulip user is fully setup.
Otherwise we may run into permissions issues.

(imported from commit a8013c84796d16146336c2809dcd8cd935b43a7b)
2013-11-13 12:02:50 -05:00