Mirror
/
zulip
mirror of https://github.com/zulip/zulip.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
30,499 Commits 28 Branches 142 Tags 769 MiB
Commit Graph

795 Commits

Author SHA1 Message Date
Tim Abbott a0add8f651 puppet: Add IPv6 support to standard nginx listen directives. 
This should save some setup work for anyone wanting to setup nginx on
their Zulip server.
 2019-02-13 15:00:21 -08:00
Tim Abbott ab18dbfde5 uwsgi: Increase buffer-size to 8192. 
For users putting Zulip behind certain proxies (and potentially some
third-party API clients), buffer sizes can exceed the uwsgi default of
4096.  Since we aren't doing such high-throughput APIs that a small
buffer size is valuable, we should just raise this for everyone.
 2019-02-13 11:17:55 -08:00
Anders Kaseorg c109690cf8 puppet: Remove unused Python imports. 
Signed-off-by: Anders Kaseorg <andersk@mit.edu>
 2019-02-02 17:02:12 -08:00
Tim Abbott 68552c31cb Revert "puppet: Increase process listening count for uwsgi." 
This reverts commit ccce83d0f0.

This needs sysctl changes as well.
 2019-01-23 11:02:14 -08:00
Tim Abbott ccce83d0f0 puppet: Increase process listening count for uwsgi. 
The default limit is too low for situations right around a server
restart when there might be a large burst of connections.
 2019-01-23 10:34:01 -08:00
Harshit Bansal 50ef91bb08 scripts: Add argparse option to `restart-zerver` for `--fill-cache`. 
Nowm unless you specify `--fill-cache`, memcached caches will not be
pre-filled after a server restart. This will be helpful when someone
is in a hurry (e.g. if the server is down right now, or if he/she
testing a configuration change in a newly setup server), it's best to
just restart without pre-filling the cache.

Fixes: #10900.
 2019-01-14 15:20:01 -08:00
Tom Daff fbffbf8ef0 puppet/nginx: Update to recommended SSL ciphers. 
Update the list of ciphers that nginx will use to the current
Mozilla recommended ones.

These are Intermediate compatibility ones suitable for clients
running anything newer than Firefox 1, Chrome 1, IE 7, Opera 5
and Safari 1. Modern compatibility is not suitable as it excludes
Andriod 4 which is still seen on ~1% of traffic.

More info: https://wiki.mozilla.org/Security/Server_Side_TLS
 2019-01-08 14:19:49 -08:00
rht 3f0bae8c38 puppet: Disable camo when not on Debian. 2019-01-07 18:52:45 -08:00
rht bf65f86a0b puppet: Abstract out ssl certs and private keys dirs. 2019-01-07 18:52:45 -08:00
rht d9ef3fd505 puppet: Manually create ssl-cert group on CentOS to acess ssl private key. 2019-01-07 18:51:39 -08:00
rht 6c3bb507b0 puppet: Ensure nginx sites-available & sites-enabled dirs exist on CentOS. 
These are automatically created on Debian.
 2019-01-07 17:09:42 -08:00
rht f2b6a2c68a puppet: Add CentOS version of the command to start supervisor. 2019-01-05 15:57:53 -08:00
rht 39f28a0d0f puppet: Abstract out supervisor service name. 2019-01-05 15:57:53 -08:00
rht d2069f7720 puppet: Include yum repository for CentOS voyager. 2019-01-05 15:57:45 -08:00
rht 1da17be52a puppet: Ensure supervisord conf.d directory is created on CentOS. 2019-01-05 15:55:43 -08:00
rht 902bb7a80c puppet: Add CentOS version of supervisor conf.d path. 2019-01-05 15:54:21 -08:00
rht 6b0bf828f7 puppet: Add CentOS version of supervisord.conf path. 2019-01-05 15:49:03 -08:00
rht 9ee2ee046a puppet: Use systemctl instead of pg_ctlcluster on CentOS. 2019-01-05 15:49:03 -08:00
rht 2bcf83d940 puppet: Add CentOS packages to static_asset_compiler.pp. 2019-01-05 15:49:03 -08:00
rht 071e32985c puppet: Generalize redis.conf path to CentOS. 2019-01-05 15:49:03 -08:00
rht acaf001cdd puppet: Group commonly reused variables into zulip::common. 2019-01-05 15:49:03 -08:00
rht 766ff38586 puppet: Abstract out nagios plugins directory. 2019-01-05 15:49:03 -08:00
rht b22f6c6a99 puppet: Abstract out postgresql package. 2019-01-05 15:49:03 -08:00
rht 43fdb00fc7 puppet: Abstract out nginx package. 2019-01-05 15:49:03 -08:00
rht 5424fca168 puppet: Add CentOS packages to postgres_appdb_base.pp. 2019-01-05 15:49:03 -08:00
rht 21c71a0c52 puppet: Use generic erlang package variable for all dependencies. 2019-01-05 15:49:02 -08:00
Tim Abbott 047817b6b0 puppet: Disable log2zulip cron job. 
It hasn't been working for years, but more importantly, it spams up
root's mail queue so that one can't find important things in there
(e.g. the fact that the long-term-idle cron job was failing).
 2019-01-05 10:56:44 -08:00
rht 801b04c057 puppet: Abstract out nagios-plugins package. 2019-01-04 15:27:03 -08:00
rht 04372e3300 puppet: Add CentOS packages to postgres_common.pp. 2019-01-04 15:24:42 -08:00
rht bdf36bdc3d puppet: Use pip to install python dependencies on CentOS. 2019-01-04 15:23:45 -08:00
rht 008879eb22 puppet: Add postgresql.conf path for CentOS. 2019-01-03 14:36:43 -08:00
rht dce43e1a0e puppet: Add CentOS-version of pg data path at pg_backup_and_purge. 2019-01-03 14:36:43 -08:00
rht 59993aea80 puppet: Abstract out path to postgresql.conf. 2019-01-03 14:36:43 -08:00
rht c189409ffd puppet: Initialize yum_repository.pp to wrap setup-yum-repo. 2019-01-03 14:36:43 -08:00
rht 1b02fb6d6d puppet: Add CentOS packages to rabbit.pp. 2019-01-03 14:36:43 -08:00
rht a3d67e52fe puppet: Add CentOS packages to redis.pp. 2019-01-03 14:36:43 -08:00
rht 788128f05c puppet: Add CentOS packages to nginx.pp. 2019-01-03 14:36:43 -08:00
rht 1965cc1491 puppet: Add CentOS packages to base.pp. 2019-01-03 14:36:42 -08:00
rht 0caaed4e1f puppet: Add CentOS packages to apache_sso.pp. 2019-01-03 14:36:41 -08:00
rht 9fd18a2c7f puppet: Detect CentOS for release_name. 2019-01-03 14:35:09 -08:00
Fabian Tribrunner 013b169469 check_email_deliverer_backlog: Switch down from root if required. 
This now checks if the user is zulip, and if not, switches to the
zulip user, making it possible to run it as root.

Significantly modified by tabbott to not break existing behavior.
 2019-01-02 10:16:56 -08:00
Fabian Tribrunner 4612a84a67 check_email_deliverer_process: Fix typo in process name. 
This nagios check has never worked, since it had the wrong process
name from the beginning.
 2018-12-30 09:41:42 -08:00
Anders Kaseorg 392175d6e8 Use #!/usr/bin/env for bash shebangs. 
/bin/sh and /usr/bin/env are the only two binaries that NixOS provides
at a fixed path (outside a buildFHSUserEnv sandbox).

This discussion was split from #11004.

Signed-off-by: Anders Kaseorg <andersk@mit.edu>
 2018-12-17 17:21:08 -08:00
Tim Abbott 2558f101af docs: Add documentation for `if False` mypy pattern in scripts. 
This should help make it clear what's going on with these scripts.
 2018-12-17 11:12:53 -08:00
Tim Abbott bce90a3340 lint: Add lint rule for scripts importing typing improperly. 
This is a common bug that users might be tempated to introduce.

And also fix two instances of this bug that were present in our
codebase, including an important one in our upgrade code path.
 2018-12-17 10:46:37 -08:00
rht 43bedc0909 provision: Use vendored pg_hba.conf on CentOS. 2018-12-16 13:21:54 -08:00
rht c9d54f7854 puppet: Remove vendored puppetlabs apt and stdlibs dependencies. 
This commit works by vendoring the couple functions we still use from
puppetlabs stdlib (join and range), but removing the rest of the
puppetlabs codebase, and of course cleaning up our linter rules in the
process.

Fixes #7423.
 2018-12-11 13:03:26 -08:00
rht d2aa81858c puppet/zulip_ops: Replace apt::source with setup-apt-repo-debathena. 
Tweaked by tabbott to use a clearer name.
 2018-12-11 13:02:56 -08:00
rht 97766102df puppet/zulip: Replace apt::source and apt::ppa with setup-apt-repo. 2018-12-11 13:01:26 -08:00
Tim Abbott b218c2a70e loadbalancer: Use same certbot cert for zulipstaging.com. 
This is a simple configuration improvement.
 2018-12-07 13:43:21 -08:00