From here on we start to authenticate uploaded file request before
serving this files in production. This involves allowing NGINX to
pass on these file requests to Django for authentication and then
serve these files by making use on internal redirect requests having
x-accel-redirect field. The redirection on requests and loading
of x-accel-redirect param is handled by django-sendfile.
NOTE: This commit starts to authenticate these requests for Zulip
servers running platforms either Ubuntu Xenial (16.04) or above.
Fixes: #320 and #291 partially.
We're not yet ready to add 2FA to Zulip yet, but we've determined we'd
like to work from these libraries.
I'm not bothering to bump PROVISION_VERSION for this, since we're
likely to do something else that bumps it soon, and we're not merging
anything that uses these new libraries.
There's one migration required by this release:
* queue_processors: Stop passing state_handler to handle_message.
state_handler is now a property of bot_handler and thus, does
not need to be passed to bot_handler.handle_message().
The commit responsible is:
2a74ad11c5
This commit renames various source requirements files like `dev.txt`,
`mypy.txt` etc to `dev.in`, `mypy.in` etc and various locked requirements
files like `dev_lock.txt`, `mypy_lock.txt` etc to `dev.txt`, `mypy.txt`
etc. This will help in emphasizing to the user that *.in are actually
input to `update-locked-requirements` tool which should be run after
updating any of these.
This is only used for
puppet/zulip_ops/files/zulip-ec2-configure-interfaces, and that
actually doesn't even use the Zulip virtualenv (and correctly already
has puppet configuration to install this dependency).
This is a nonfunctional refactor of how the common.txt requirements
are included. It is preparation for a new model for freezing our
recursive dependencies based on `pip compile`.
netifaces is used in puppet/zulip_internal/files/zulip-ec2-configure-interfaces.
flup is used for fastcgi.
python-dateutils is used in some puppet scripts.