Commit Graph

736 Commits

Author SHA1 Message Date
Tim Abbott a4df001cef check_queue_worker_errors: Add support for running unprivileged.
Previously, this script needed access to Django settings, which in
turn required access to /etc/zulip/zulip-secrets.conf.  Since that
isn't world-readable, this meant that this couldn't run as an
unprivileged `nagios` user.

Fix that by just hardcoding the appropriate path under /var/log/.
2018-10-18 15:03:17 -07:00
Tim Abbott 98d89b676d pg_backup_and_purge: Fix incorrect conversion to use python3 types.
When using the Python 3 typing style, Python scripts can't import from
typing inside an `if False` (in contrast, one needs to import inside
an `if False` to support the Python 3 syntax without needing
python-typing installed).  So this was just incorrectly half-converted
from the Python 2 style to the Python 3 style.
2018-10-16 11:12:52 -07:00
Tim Abbott 2c7f9ce0fc puppet: Fix puppet-lint warnings in various manifests.
Apparently, `puppet-lint` on Ubuntu trusty throws warnings for certain
quoting patterns that are OK in modern `puppet-lint`.  I believe the
old Zulip code was actually correct (i.e. the old `puppet-lint`
implementation was the problem), but it seems worth changing anyway to
suppress the warnings.

We also exclude more of puppet-apt from linting, since it's
third-party code.
2018-08-28 13:46:31 -07:00
Tim Abbott b53a712856 nginx: Update configuration for using certbot certs everywhere. 2018-08-22 11:59:15 -07:00
Abhilash Verma 0e2322a322 logging: Show timestamp in UTC in non-django production scripts.
Done in pair programming with @aero31aero.

Fixes #9678.
2018-08-20 12:52:40 -07:00
Tim Abbott 5021f7b76f puppet: Fix accidental conflict on apache2 package.
Apparently, the work to force installation of the Python 3 version of
mod_wsgi was buggy and tried to force uninstall apache2.

Fixes #10318.
2018-08-16 14:15:35 -07:00
Tim Abbott 90828297e4 puppet-lint: Enforce double_quoted_strings check.
This makes our puppet codebase more consistent by using single-quoted
strings consistently.
2018-08-13 12:31:19 -07:00
Tim Abbott d0b51b70f4 puppet-lint: Enforce 2sp_soft_tables puppet-lint check.
This cleans up the puppet codebase's whitespace formatting to be more
consistent.
2018-08-13 12:31:16 -07:00
Tim Abbott b26e0a957d puppet-lint: Enforce arrow_alignment check.
This fixes all exceptions in our puppet codebase to this lint rule.
2018-08-13 12:30:57 -07:00
Tim Abbott 054c07b585 mypy: Fix run types in pg_backup_and_purge. 2018-08-09 12:57:53 -07:00
Tim Abbott db1f706d09 pg_backup_and_purge: Fix buggy recovery status parsing.
This was converted to Python 3 incorrectly, in a way that actually
completely broke the script (the .decode() that this adds is critical,
since 'f' != b'f').

We fix this, and also add an assert that makes the parsing code
safer against future refactors.
2018-08-09 11:48:48 -07:00
Aditya Bansal 5bfe24beef puppet-lint: Fix an error with defined type safepackage in base.pp.
We fix "ERROR: safepackage not in autoload module layout" error
which was caused by a defined type "safepackage" definitation
lying in the wrong place. We refactor to create the defined type
according to puppet guidelines. Link below:
https://docs.puppet.com/puppet/2.7/lang_defined_types.html
2018-08-07 10:03:40 -07:00
Aditya Bansal 710d4507de puppet-lint: Fix lines longer than 140 characters lint warnings.
We fix these by adding ignore statements in a bunch of files
where this error popped up. We target only specific lines using
the ignore statements and not the entire files.
2018-08-07 10:03:40 -07:00
Anders Kaseorg edfd5ef992 setup_disks.sh: Fix shellcheck warnings.
In puppet/zulip_ops/files/postgresql/setup_disks.sh line 15:
array_name=$(mdadm --examine --scan | sed 's/.*name=//')
^-- SC2034: array_name appears unused. Verify use (or export if used externally).

Signed-off-by: Anders Kaseorg <andersk@mit.edu>
2018-08-03 09:15:26 -07:00
Anders Kaseorg 5a0fecc2d5 munin_plugins: Fix shellcheck warnings.
In puppet/zulip_ops/files/munin-plugins/rabbitmq_connections line 66:
echo "connections.value $(HOME=$HOME rabbitmqctl list_connections | grep -v "^Listing" | grep -v "done.$" | wc -l)"
                                                                                         ^-- SC2126: Consider using grep -c instead of grep|wc -l.

In puppet/zulip_ops/files/munin-plugins/rabbitmq_consumers line 32:
VHOST=${vhost:-"/"}
^-- SC2034: VHOST appears unused. Verify use (or export if used externally).

In puppet/zulip_ops/files/munin-plugins/rabbitmq_messages line 32:
VHOST=${vhost:-"/"}
^-- SC2034: VHOST appears unused. Verify use (or export if used externally).

In puppet/zulip_ops/files/munin-plugins/rabbitmq_messages_unacknowledged line 32:
VHOST=${vhost:-"/"}
^-- SC2034: VHOST appears unused. Verify use (or export if used externally).

In puppet/zulip_ops/files/munin-plugins/rabbitmq_messages_uncommitted line 32:
VHOST=${vhost:-"/"}
^-- SC2034: VHOST appears unused. Verify use (or export if used externally).

In puppet/zulip_ops/files/munin-plugins/rabbitmq_queue_memory line 32:
VHOST=${vhost:-"/"}
^-- SC2034: VHOST appears unused. Verify use (or export if used externally).

Signed-off-by: Anders Kaseorg <andersk@mit.edu>
2018-08-03 09:15:08 -07:00
Anders Kaseorg 16ed5d5e79 env-wal-e: Fix shellcheck warnings.
In puppet/zulip/files/postgresql/env-wal-e line 6:
export AWS_ACCESS_KEY_ID=$(crudini --get "$ZULIP_SECRETS_CONF" secrets s3_backups_key)
       ^-- SC2155: Declare and assign separately to avoid masking return values.

In puppet/zulip/files/postgresql/env-wal-e line 7:
export AWS_SECRET_ACCESS_KEY=$(crudini --get "$ZULIP_SECRETS_CONF" secrets s3_backups_secret_key)
       ^-- SC2155: Declare and assign separately to avoid masking return values.

In puppet/zulip/files/postgresql/env-wal-e line 9:
if [ $? -ne 0 ]; then
     ^-- SC2181: Check exit code directly with e.g. 'if mycmd;', not indirectly with $?.

Signed-off-by: Anders Kaseorg <andersk@mit.edu>
2018-08-03 09:13:07 -07:00
Anders Kaseorg d5bf4eed9a check_worker_memory: Fix shellcheck warnings.
In puppet/zulip/files/nagios_plugins/zulip_app_frontend/check_worker_memory line 12:
ps -o vsize,size,pid,user,command --sort -vsize $processes > "$datafile"
                                                ^-- SC2086: Double quote to prevent globbing and word splitting.

In puppet/zulip/files/nagios_plugins/zulip_app_frontend/check_worker_memory line 14:
top_worker=$(cat "$datafile" | head -n2 | tail -n1)
                 ^-- SC2002: Useless cat. Consider 'cmd < file | ..' or 'cmd file | ..' instead.

Signed-off-by: Anders Kaseorg <andersk@mit.edu>
2018-08-03 08:42:08 -07:00
Anders Kaseorg eb4855b77b check_email_deliverer_process: Fix shellcheck warnings.
In puppet/zulip/files/nagios_plugins/zulip_app_frontend/check_email_deliverer_process line 16:
elif [ "$(echo "$STATUS" | egrep '(STOPPED)|(STARTING)|(BACKOFF)|(STOPPING)|(EXITED)|(FATAL)|(UNKNOWN)$')" ]
       ^-- SC2143: Use egrep -q instead of comparing output with [ -n .. ].
                           ^-- SC2196: egrep is non-standard and deprecated. Use grep -E instead.

Signed-off-by: Anders Kaseorg <andersk@mit.edu>
2018-08-03 08:42:08 -07:00
Anders Kaseorg e3253a7a1b check_email_deliverer_backlog: Fix shellcheck warnings.
In puppet/zulip/files/nagios_plugins/zulip_app_frontend/check_email_deliverer_backlog line 8:
cd /home/zulip/deployments/current
^-- SC2164: Use 'cd ... || exit' or 'cd ... || return' in case cd fails.

Signed-off-by: Anders Kaseorg <andersk@mit.edu>
2018-08-03 08:42:08 -07:00
Anders Kaseorg 510c97d861 scripts: Use shell quoting when displaying commands to be run.
This way, commands with arguments containing whitespace or
metacharacters are unambiguously readable.

Signed-off-by: Anders Kaseorg <andersk@mit.edu>
2018-07-30 22:39:08 -07:00
Tim Abbott 7853254df7 puppet: Run thumbor by default on voyager systems.
With this change, all that one needs to do to start using thumbor in
production is to set the `THUMBOR_URL` setting.

Since without THUMBOR_URL enabled, the thumbor service doesn't
actually do anything, this is pretty safe.
2018-07-30 16:16:52 -07:00
Tim Abbott 02ae71f27f api: Stop using API keys for Django->Tornado authentication.
As part of our effort to change the data model away from each user
having a single API key, we're eliminating the couple requests that
were made from Django to Tornado (as part of a /register or home
request) where we used the user's API key grabbed from the database
for authentication.

Instead, we use the (already existing) internal_notify_view
authentication mechanism, which uses the SHARED_SECRET setting for
security, for these requests, and just fetch the user object using
get_user_profile_by_id directly.

Tweaked by Yago to include the new /api/v1/events/internal endpoint in
the exempt_patterns list in test_helpers, since it's an endpoint we call
through Tornado. Also added a couple missing return type annotations.
2018-07-30 12:28:31 -07:00
Tim Abbott 07af59d4cc tornado: Split get_events_backend into two functions.
The lower-layer function, now called get_events_backend, is intended
to be called by multiple code paths (including the upcoming
get_events_internal).
2018-07-30 12:28:31 -07:00
Anders Kaseorg dbe65231fc puppet/zulip/files/nagios_plugins/zulip_app_frontend/check_send_receive_time: Avoid shelling out for mv.
Signed-off-by: Anders Kaseorg <andersk@mit.edu>
2018-07-19 10:43:37 -07:00
Joshua Schmidlkofer b1a57d144f thumbor: Add production installer/puppet support.
This commits adds the necessary puppet configuration and
installer/upgrade code for installing and managing the thumbor service
in production.  This configuration is gated by the 'thumbor.pp'
manifest being enabled (which is not yet the default), and so this
commit should have no effect in a default Zulip production environment
(or in the long term, in any Zulip production server that isn't using
thumbor).

Credit for this effort is shared by @TigorC (who initiated the work on
this project), @joshland (who did a great deal of work on this and got
it working during PyCon 2017) and @adnrs96, who completed the work.
2018-07-12 20:37:34 +05:30
Tim Abbott afdfdf775c nginx: Set X-Frame-Options header to DENY.
While there are legitimate use cases for embedded Zulip in an iFrame,
they're rare, and it's more important to prevent this category of
attack by default.

Sysadmins can switch this to a whitelist when they want to use frames.
2018-05-30 09:24:17 -07:00
Sampriti Panda 250015a5d5 pgroonga: Fix issues with HTML escaping in queries. 2018-05-28 16:53:30 -07:00
Vishnu Ks 54a002c2e2 requirements: Upgrade pyflakes to 2.0.0.
We fix a few errors that only the new version finds.
2018-05-24 11:31:36 -07:00
Tim Abbott 42da4522a9 puppet-apt: Fix buggy access to caller_module_name.
New versions of Puppet on Ubuntu bionic don't like this.
2018-05-24 09:52:16 -07:00
Tim Abbott b83ba85100 puppet: Switch memcached to using common total_memory_mb value.
This just cuts a bit of unnecessary code duplication.
2018-05-24 09:49:43 -07:00
Tim Abbott 9b4b15cd0a static_asset_compiler: Remove dependency on node packages.
We no longer need or use these, since Zulip installs a pinned version
of node directly with the scripts/setup/install-node tool.

Noticed because in the effort of adding Ubuntu bionic support, we
noticed the package names changed again.
2018-05-24 09:43:45 -07:00
Tim Abbott c843276196 nginx: Fix accidental load-balancing between IPv4 and IPv6.
Apparently, our nginx configuration's use of "localhost", combined
with the default in modern Linux of having localhost resolve to both
the IPv4 and IPv6 addresses on a given machine, resulted in `nginx`
load-balancing requests to a given Zulip server between the IPv4 and
IPv6 addresses.  This, in turn, resulted in irrelevant 502 errors
problems every few minutes on the /events endpoints for some clients.

Disabling IPv6 on the server resolved the problem, as does simply
spelling localhost as 127.0.0.1 for the `nginx` upstreams that we
declare for proxying to non-Django services on localhost.
2018-05-22 11:56:59 -07:00
Tim Abbott 12dcabcdbd docker: Remove need for static_asset_compiler.
Now that the way we're installing from Git involving building a
release tarball with a 2-stage build, we no longer need to do this.
2018-05-20 13:15:21 -07:00
Tim Abbott 61d6965634 puppet: Add option for controlling file upload nginx config.
Now, one can just set `no_serve_uploads` in `zulip.conf` to prevent
`nginx` from serving locally uploaded files.

This should help simplify the S3 integration setup process.
2018-05-17 07:02:30 -07:00
Tim Abbott 6d74ba8271 puppet: Add zulip.conf option for HTTP only.
This option is intended to support situations like a quick Docker
setup where doing HTTPS adds more setup overhead than it's worth.
It's not intended to be used in actual production environments.
2018-05-17 06:58:35 -07:00
Jason Michalski 3d8e424d84 puppet: Add cron package dependency
The Zulip puppet installs various cron jobs and will fail if cron is not
installed. This was found when installing Zulip in a minimal docker
image.
2018-05-16 15:04:31 -07:00
Tim Abbott f2efa122a6 puppet: Include static_asset_compiler in dockervoyager.
This is required to build static assets from Git.
2018-05-15 18:27:01 -07:00
Tim Abbott 9498260516 puppet: Include process_fts_updates in dockervoyager manifest.
This is preferred, since we don't currently have a way to run Django
logic on the postgres hosts with the Docker implementation.

This is a necessary part of removing the need for the docker-zulip
package to patch this file to make Zulip work with Docker.
2018-05-15 15:37:12 -07:00
Tim Abbott ee3cd95bd1 puppet: Remove python 2 psycopg2 package.
We no longer need this, since we're a Python 3 project now.
2018-05-15 15:37:12 -07:00
Tim Abbott bd5e2ddc74 puppet: Extract zulip::process_fts_updates.
In theory, one might want to run this either on the postgres server or
on an application server.
2018-05-15 15:37:12 -07:00
Tim Abbott b656388ee2 check_send_receive_time: Fix mypy Optional issues.
These were not correctly interacting with the Zulip API, and improved
annotations in the API bindings are now actually being type-checked.
2018-05-15 09:06:56 -07:00
Tim Abbott dc0696af74 puppet: Ensure zulip user owns key /etc/zulip files.
The main purpose of this change is to make it guaranteed that
`manage.py register_server --rotate-key` can edit the
/etc/zulip/zulip-secrets.conf configuration via crudini.

But it also adds value by ensuring zulip-secrets.conf is not readable
by other users.
2018-05-06 21:54:02 -07:00
Tim Abbott 3ac7f01e4b puppet: Replace dockervoyager supervisord hack with a better one.
This hack is still pretty bad, but at least it still works on puppet 4.
2018-05-06 21:28:03 -07:00
Tim Abbott eab1d1d9e7 puppet: Fix puppet-apt bug with modern apt-key.
With modern apt-key, the fingerprints are displayed in the more fully
written-out format with spaces, and so `apt-key add` was being run
every time.

This fixes some unnecessary work being done on each puppet run on
Debian stretch.

I would have preferred to not need to do this by upgrading to
upstream, but see #7423 for notes on why that isn't going to work
(basically they broke support for puppet older than 4).
2018-05-06 21:10:24 -07:00
Tim Abbott 7fe19ef8e7 puppet: Remove </% example characters from sample postgres config.
Apparently, these confused the puppet template parser, since they are
somewhat similar to its syntax, resulting in errors trying to use
these templates.  It's easy enough to just remove the example
content from the base postgres config file.
2018-05-06 19:50:38 -07:00
Tim Abbott 63fe39e381 zulip_ops: Disable Ubuntu's built-in update-motd.d files.
We can't really do this in the zulip manifests (since it's sorta a
sysadmin policy decision), but these scripts can cause significant
load when Nagios logs into a server (because many of them take 50ms or
more of work to run).  So we just get rid of them.
2018-05-06 18:47:40 -07:00
Tim Abbott 427b404b9b puppet: Fix detection of Debian/Ubuntu version.
The previous configuration, missing a ^, had the 8.x for Debian Jessie
match Ubuntu 18.04 by accident.
2018-05-05 11:52:45 -07:00
Tim Abbott cf90b9cec0 puppet: Make memory computations work with Puppet 4.
The actual approach for achieving this goal is to take our manual
parsing and move it to the central base.pp.
2018-05-05 11:25:48 -07:00
Tim Abbott 0c1a0a35ec static_asset_compiler: Assume non-trusty is newer.
It seems unlikely we're going to add support for additional older
Debian-based distributions, so it makes sense to just use an else
statement.  This should save a bit of busywork every time we add a new
distro.
2018-05-05 10:50:17 -07:00
Tim Abbott 8ea8bfe285 puppet: Add basic configuration for Ubuntu bionic. 2018-05-05 10:49:09 -07:00