Commit Graph

378 Commits

Author SHA1 Message Date
Alex Vandiver 1ba2f39854 install: Support PostgreSQL 16. 2023-12-23 14:57:12 -08:00
Alex Vandiver 2057057be4 pgroonga: Do not attempt to configure pgroonga without a database.
This can happen if `machine.pgroonga` is set during initial
installation.  We cannot run `CREATE EXTENSION PGROONGA` because the
database that we need to run that statement in does not exist yet;
make the command a silent no-op that does not create the
`pgroonga_setup.sql.applied` flag file, such that a later
`zulip-puppet-apply` once the database exists can pick up and install
the extension.
2023-09-22 11:45:00 -07:00
Anders Kaseorg 5ccb408f19 build-pgroonga: Upgrade PGroonga from 3.0.3 to 3.1.0.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2023-07-25 17:33:42 -07:00
Alex Vandiver 695295421a puppet: Upgrade Teleport to the 13.x series. 2023-07-13 11:46:51 -07:00
Alex Vandiver f5540303ba pgroonga: Remove 'GRANT USAGE' statement again.
dc2726c814 removed these statements, but c8ec3dfcf6 accidentally
brought one back.  Remove it.
2023-06-26 10:47:17 -04:00
Alex Vandiver c8ec3dfcf6 pgroonga: Run upgrade SQL when pgroonga package is updated.
Updating the pgroonga package is not sufficient to upgrade the
extension in PostgreSQL -- an `ALTER EXTENSION pgroonga UPDATE` must
explicitly be run[^1].  Failure to do so can lead to unexpected behavior,
including crashes of PostgreSQL.

Expand on the existing `pgroonga_setup.sql.applied` file, to track
which version of the PostgreSQL extension has been configured.  If the
file exists but is empty, we run `ALTER EXTENSION pgroonga UPDATE`
regardless -- if it is a no-op, it still succeeds with a `NOTICE`:

```
zulip=# ALTER EXTENSION pgroonga UPDATE;
NOTICE:  version "3.0.8" of extension "pgroonga" is already installed
ALTER EXTENSION
```

The simple `ALTER EXTENSION` is sufficient for the
backwards-compatible case[^1] -- which, for our usage, is every
upgrade since 0.9 -> 1.0.  Since version 1.0 was released in 2015,
before pgroonga support was added to Zulip in 2016, we can assume for
the moment that all pgroonga upgrades are backwards-compatible, and
not bother regenerating indexes.

Fixes: #25989.

[^1]: https://pgroonga.github.io/upgrade/
2023-06-23 14:40:27 -07:00
Alex Vandiver dc2726c814 pgroonga: Remove now-unnecessary 'GRANT USAGE' statement.
This was only necessary for PGroonga 1.x, and the `pgroonga` schema
will most likely be removed at some point inthe future, which will
make this statement error out.

Drop the unnecessary statement.
2023-06-23 14:40:27 -07:00
Alex Vandiver 875502b2e1 upgrade-postgresql: Only upgrade to a supported version. 2023-06-12 16:37:55 -07:00
Alex Vandiver 1f68726cb8 upgrade-postgresql: Prevent upgrades if /etc/zulip/zulip.conf is wrong.
If the `postgresql.version` in `/etc/zulip/zulip.conf` is out of date
or wrong, upgrading to the actual current version would drop your
production database without prompting.  While we do document taking a
Zulip backup (which includes a database backup) before running
`upgrade-postgresql`[^1], not everyone does so, with possibly
catastrophic consequences.

Do a true end-to-end check of the version in `/etc/zulip/zulip.conf`
by asking Django to query the database for its version, checking that
against the configured value, and aborting if there is any
disagreement.

[^1]: https://zulip.readthedocs.io/en/latest/production/upgrade.html#upgrading-postgresql
2023-06-07 14:59:54 -07:00
Alex Vandiver 32e1384ca0 upgrade-postgresql: Prevent PostgreSQL downgrades. 2023-06-07 14:59:54 -07:00
Alex Vandiver 501d38b781 upgrade-postgresql: Check for undefined variables. 2023-06-07 14:59:54 -07:00
Anders Kaseorg 12310189ed install: Support Debian 12.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2023-05-18 11:52:22 -07:00
Alex Vandiver f11350f789 puppet: Add PostgreSQL 15 support.
Instead of copying over a mostly-unchanged `postgresql.conf`, we
transition to deploying a `conf.d/zulip.conf` which contains the
only material changes we made to the file, which were previously
appended to the end.

While shipping separate while `postgresql.conf` files for each
supported version is useful if there is large variety in supported
options between versions, there is not no such variation at current,
and the burden of overriding the entire default configuration is that
it must be keep up to date wit the package's version.
2023-05-10 14:06:02 -07:00
Alex Vandiver 7e637786b3 upgrade-postgresql: Only try to start new cluster if it is stopped.
pg_upgradecluster will start the cluster if the old cluster was
started before it ran, or if there are post-upgrade scripts to run.
Because neither of those are fully under our control, only attempt to
start the new cluster if it isn't already.
2023-05-05 13:35:32 -07:00
Alex Vandiver 40e5a12e3c upgrade-postgresql: Use jq rather than grep to check cluster status. 2023-05-05 13:35:32 -07:00
Daniil Fadeev 2f203f4de1 emails: Inline CSS in emails in build_email.
Previously, we had an architecture where CSS inlining for emails was
done at provision time in inline_email_css.py. This was necessary
because the library we were using for this, Premailer, was extremely
slow, and doing the inlining for every outgoing email would have been
prohibitively expensive.

Now that we've migrated to a more modern library that inlines the
small amount of CSS we have into emails nearly instantly, we are able
to remove the complex architecture built to work around Premailer
being slow and just do the CSS inlining as the final step in sending
each individual email.

This has several significant benefits:

* Removes a fiddly provisioning step that made the edit/refresh cycle
  for modifying email templates confusing; there's no longer a CSS
  inlining step that, if you forget to do it, results in your testing a
  stale variant of the email templates.
* Fixes internationalization problems related to translators working
  with pre-CSS-inlined emails, and then Django trying to apply the
  translators to the post-CSS-inlined version.
* Makes the send_custom_email pipeline simpler and easier to improve.

Signed-off-by: Daniil Fadeev <fadeevd@zulip.com>
2023-04-05 12:22:29 -07:00
Anders Kaseorg 54b08ee30b setup-apt-repo: Fix GPG check of groonga-apt-source-*.deb.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2023-04-05 12:19:06 -07:00
Daniil Fadeev 5c6f842b28 emails: Replace Premailer with CSS-inline.
Primary goal of library replacement is improving execution speed.
This commit should not affect the functionality of the system
or make any changes to it.
2023-04-03 15:15:05 -07:00
Alex Vandiver 5db55c38dc puppet: Add a sha256_file_to. 2023-02-10 15:53:10 -08:00
Anders Kaseorg df001db1a9 black: Reformat with Black 23.
Black 23 enforces some slightly more specific rules about empty line
counts and redundant parenthesis removal, but the result is still
compatible with Black 22.

(This does not actually upgrade our Python environment to Black 23
yet.)

Signed-off-by: Anders Kaseorg <anders@zulip.com>
2023-02-02 10:40:13 -08:00
Alex Vandiver 26696aaa53 upgrade-postgresql: Also upgrade postgresql-client.
The `pg_upgrade` tool uses `pg_dump` as an internal step, and verifies
that the version of `pg_upgrade` is the same exactly the same as the
version of the PostgreSQL server it is upgrading to.  A mismatch (even
in packaging versions) leads to it aborting:

```
/usr/lib/postgresql/14/bin/pg_upgrade -b /usr/lib/postgresql/13/bin -B /usr/lib/postgresql/14/bin -p 5432 -P 5435 -d /etc/postgresql/13/main -D /etc/postgresql/14/main --link
Finding the real data directory for the source cluster      ok
Finding the real data directory for the target cluster      ok

check for "/usr/lib/postgresql/14/bin/pg_dump" failed: incorrect version: found "pg_dump (PostgreSQL) 14.6 (Ubuntu 14.6-0ubuntu0.22.04.1)", expected "pg_dump (PostgreSQL) 14.6 (Ubuntu 14.6-1.pgdg22.04+1)"
Failure, exiting
```

Explicitly upgrade `postgresql-client` at the same time we upgrade
`postgresql` itself, so their versions match.

Fixes: #24192
2023-02-01 14:44:34 -08:00
Anders Kaseorg ff1971f5ad ruff: Fix SIM105 Use `contextlib.suppress` instead of try-except-pass.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2023-01-23 11:18:36 -08:00
Alex Vandiver a1151aef8b create-database: Hide harmless "non-existant database" warnings.
During installation on a new host, `create-database` attempts to
verify that there isn't a bunch of data already in the database which
is it about to drop and recreate.  In the most common case, this
statement emits a scary-looking warning, since the database does not
exist yet:

```
+ /home/zulip/deployments/current/scripts/setup/create-database
+ POSTGRES_USER=postgres
++ crudini --get /etc/zulip/zulip.conf postgresql database_name
++ echo zulip
+ DATABASE_NAME=zulip
++ crudini --get /etc/zulip/zulip.conf postgresql database_user
++ echo zulip
+ DATABASE_USER=zulip
++ cd /
++ su postgres -c 'psql -v ON_ERROR_STOP=1 -Atc '\''SELECT COUNT(*) FROM zulip.zerver_message;'\'' zulip'
psql: error: connection to server on socket "/var/run/postgresql/.s.PGSQL.5432" failed: FATAL:  database "zulip" does not exist
```

Because we are attempting to gracefully handle the case where the
database does not exist yet, we also continue (and drop the database)
in other, less expected cases -- for instance, if database contains a
schema we do not expect.

Explicitly check for the database existence first, and once we verify
that, allow any further failures in the `SELECT COUNT(*)` to abort
`create-database`.  This serves the dual purpose of hiding the "FATAL"
error for the common case when the database does not exist, as well as
preventing dropping the database if anything else goes awry.
2023-01-05 11:39:23 -08:00
Anders Kaseorg 986bad8f90 install-shellcheck: Upgrade ShellCheck to 0.9.0.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2023-01-04 14:01:34 -08:00
Alex Vandiver 62562eedf7 upgrade-postgresql: Ensure the new PostgreSQL is running.
If a previous attempt at an upgrade failed for some reason, the new
PostgreSQL may be installed, and the conversion will succeed, but the
new PostgreSQL daemon will not be running (Puppet does not force it to
start).  This causes the upgrade to fail when analyzing statistics,
since the daemon isn't running.

Explicitly start the new PostgreSQL; this does nothing in most cases,
but will provider better resiliency when recovering from previous
partial upgrades.
2023-01-03 11:10:49 -08:00
Anders Kaseorg bd884c88ed Fix typos caught by typos.
https://github.com/crate-ci/typos

Signed-off-by: Anders Kaseorg <anders@zulip.com>
2023-01-03 11:09:50 -08:00
Alex Vandiver 2bbeef301a upgrade-postgresql: Force a known locale.
Some terminals (e.g. ssh from OS X) set an invalid locale, which
causes the `pg_upgradecluster` call late in the upgrade to fail.

Force a known locale, for consistency.  This mirrors the settings in
upgrade-zulip-stage-2, set in 11ab545f3b, and its subsequent
cleanups in 64c608a51a, ee0f4ca330, and eda9ce2364.
2022-12-06 09:47:30 -08:00
Anders Kaseorg fc9f23a85f scripts: Pass --retry 3 to curl.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2022-11-08 08:07:36 -08:00
Alex Vandiver 6662a3bac4 teleport: Switch to the new apt host for Teleport.
The apt.releases.teleport.dev repository is deprecated as of the
release of Teleport 11, and has been replaced with
deb.releases.teleport.dev[1].

[1]: https://goteleport.com/docs/changelog/#deprecated-old-debrpm-repositories
2022-10-28 16:52:54 -07:00
Anders Kaseorg 5d77d50423 scripts: Help mypy resolve the psycopg2.connect overload.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2022-08-30 17:36:21 -07:00
Zixuan James Li 059d0e7be8 settings: Make SHARED_SECRET mandatory.
This implements get_mandatory_secret that ensures SHARED_SECRET is
set when we hit zerver.decorator.authenticate_notify. To avoid getting
ZulipSettingsError when setting up the secrets, we set an environment
variable DISABLE_MANDATORY_SECRET_CHECK to skip the check and default
its value to an empty string.

Signed-off-by: Zixuan James Li <p359101898@gmail.com>
2022-08-25 12:13:03 -07:00
Alex Vandiver 526a04b4e6 restore-backup: Provide flags to leave settings.py and zulip.conf as-is. 2022-07-20 12:35:51 -07:00
Alex Vandiver d8ae270899 restore-backup: Only extract /etc/zulip once.
This is already handled in the earlier block; there is no need to
extract it twice.
2022-07-19 17:56:40 -07:00
Alex Vandiver 1b57669771 restore-backup: Switch to run() to check exit codes. 2022-07-19 17:56:40 -07:00
Alex Vandiver c71c6187ea restore-backup: Ensure it is run as root. 2022-07-19 17:56:40 -07:00
Anders Kaseorg 98ed6248e3 apt-repos: Remove now-unneeded Ubuntu 21.10 repository on 22.04.
Followup to commit f8957863a2 (#22055).

Signed-off-by: Anders Kaseorg <anders@zulip.com>
2022-05-25 17:25:23 -07:00
Anders Kaseorg f8957863a2 Revert "apt-repos: Downgrade PostgreSQL to dodge PGroonga regression."
This reverts commit 9c8d2b7be3 (#21115).

The PostgreSQL fix was released 2022-05-12.

Signed-off-by: Anders Kaseorg <anders@zulip.com>
2022-05-17 15:07:37 -07:00
Alex Vandiver e13154f089 puppet: Add ksplice support for 22.04. 2022-05-03 12:36:19 -07:00
Alex Vandiver cda55a40e7 puppet: Add teleport support for 22.04. 2022-05-03 12:36:19 -07:00
Anders Kaseorg e952641013 install: Resupport Ubuntu 22.04.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2022-05-03 09:41:08 -07:00
Alex Vandiver 3476f63dca compare-settings-to-template: Handle prod_settings_template renaming. 2022-04-28 14:52:38 -07:00
Alex Vandiver b6b6faa404 compare-settings-to-template: Simplify and dedent logic. 2022-04-28 14:52:38 -07:00
Alex Vandiver d205050ab0 compare-settings-to-template: Fetch 100 per pagination. 2022-04-28 14:52:38 -07:00
Alex Vandiver d79776f80d compare-settings-to-template: Paginate through all tags.
The default page size is 30, which means this only goes back to 4.6 at
present, due to starting with `shared-...` and old `enterprise-...`
tags.
2022-04-28 14:52:38 -07:00
Anders Kaseorg a543dcc8e3 Remove Debian 10 support.
As a consequence:

• Bump minimum supported Python version to 3.8.
• Move Vagrant environment to Ubuntu 20.04, which has Python 3.8.
• Move CI frontend tests to Ubuntu 20.04.
• Move production build test to Ubuntu 20.04.
• Move 3.4 upgrade test to Ubuntu 20.04.

Signed-off-by: Anders Kaseorg <anders@zulip.com>
2022-04-26 16:32:02 -07:00
Anders Kaseorg 63a1ef0e91 configure-rabbitmq: Remove use of sudo.
It already runs as root everywhere except in provision_inner, so move
the sudo there.

Signed-off-by: Anders Kaseorg <anders@zulip.com>
2022-04-19 12:36:31 -07:00
Alex Vandiver a4d0f03319 scripts: Switch to stop-server/restart-server.
stop-server and restart-server address all services which talk to the
database, and are thus more correct than restarting or stopping
everything in supervisor.

This is possible now that the previous commit ensures that the zulip
user can read the zulip installation directory during
`create-database`; previously, that directory was still owned by root
when `create-database` was run, whereas now it is in
`~zulip/deployments/`.
2022-03-21 16:33:28 -07:00
Alex Vandiver 394f1eadde setup: Rename postgresql-init-db to create-database.
The old name was confusingly similar to initialize-database.
2022-03-21 16:33:28 -07:00
Anders Kaseorg 84e91a6e33 configure-rabbitmq: Use rabbitmqctl await_online_nodes.
rabbitmqctl ping only checks that the Erlang process is registered
with epmd.  There’s a window after that where the rabbit app is still
starting inside it.

Signed-off-by: Anders Kaseorg <anders@zulip.com>
2022-03-14 16:26:05 -07:00
Anders Kaseorg 894a50b5c9 install: Support Ubuntu 22.04.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2022-02-25 14:49:07 -08:00