Commit Graph

1400 Commits

Author SHA1 Message Date
Alex Vandiver 0115fa9c60 start-server/restart-server: Drop privileges if necessary.
Rather than tell the user to re-run the command as `zulip` instead of
`root`, do the privilege-dropping ourselves.
2024-02-07 12:33:00 -08:00
Alex Vandiver 24d3832926 teleport: Upgrade to Teleport 14. 2024-01-31 16:41:04 -08:00
Anders Kaseorg 93198a19ed requirements: Upgrade Python requirements.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2024-01-29 10:41:54 -08:00
Alex Vandiver 5786a38cec log-search: Match against path without query parameters.
The nginx logs have query parameters; display them, but do not use
them for URL matching.
2024-01-26 09:02:00 -08:00
Alex Vandiver 1ba2f39854 install: Support PostgreSQL 16. 2023-12-23 14:57:12 -08:00
Anders Kaseorg a13e42f18a docs: Add missing spaces around code spans.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2023-12-14 00:05:44 -08:00
Anders Kaseorg 223b626256 python: Use urlsplit instead of urlparse.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2023-12-05 13:03:07 -08:00
Anders Kaseorg 8a7916f21a python: Consistently use from…import for datetime.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2023-12-05 12:01:18 -08:00
Alex Vandiver 7c8eacfa12 queue: Increase paging thresholds for deferred_work queue.
This queue is used to things which definitionally may take longer than
a request, so paging after 60s is rather aggressive.  This is
especially true because this queue has a very long tail of very slow
tasks -- p99 of task time in this queue is 8.5s, while p99.9 is 197s.

Raise the paging threshold to 15 minutes.  While there are
semi-user-facing tasks which use this queue (primarily marking
messages as read), those being delayed for minutes is already a real
possibility if they are stuck behind a large realm export -- and this
is not a situation which should necessarily page, since it is not
solvable by the administrator.
2023-11-09 13:51:00 -08:00
Anders Kaseorg dcdbb39c31 install-node: Upgrade Node.js from 18.18.0 to 20.9.0.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2023-11-08 16:11:15 -08:00
Alex Vandiver fb80ecd9c3 upgrade-zulip: Defer cache-filling to just outside the critical period.
Filling caches needs to happen close to when the server is restarted,
as the gap opens us up to race conditions with user modifications.  If
there are migrations, however, it must happen within the critical
period after the migrations are applied.

Move the call to fill the caches to within the `shutdown_server`
function, so that we push it as close to the server shutdown as
possible.
2023-11-08 11:00:00 -08:00
Anders Kaseorg a50eb2e809 mypy: Enable new error explicit-override.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2023-10-12 12:28:41 -07:00
Anders Kaseorg d257002ad8 scripts: Use setup_path in restart-server, stop-server.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2023-10-12 12:28:41 -07:00
Anders Kaseorg cc07b8c79c install-node: Upgrade Node.js from 18.17.1 to 18.18.0.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2023-10-09 14:16:23 -07:00
Anders Kaseorg 835ee69c80 docs: Fix grammar errors found by mwic.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2023-10-09 13:24:09 -07:00
Alex Vandiver 2057057be4 pgroonga: Do not attempt to configure pgroonga without a database.
This can happen if `machine.pgroonga` is set during initial
installation.  We cannot run `CREATE EXTENSION PGROONGA` because the
database that we need to run that statement in does not exist yet;
make the command a silent no-op that does not create the
`pgroonga_setup.sql.applied` flag file, such that a later
`zulip-puppet-apply` once the database exists can pick up and install
the extension.
2023-09-22 11:45:00 -07:00
Anders Kaseorg 2665a3ce2b python: Elide unnecessary list wrappers.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2023-09-13 12:41:23 -07:00
evykassirer eff0a73925 emoji: Add unified_reactions.json to the sha1sum. 2023-09-13 12:40:59 -07:00
Anders Kaseorg 81bd63cb46 ruff: Fix PIE808 Unnecessary `start` argument in `range`.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2023-09-01 14:57:01 -07:00
Anders Kaseorg ead7b9177a check-database-compatibility: Ignore twofactor typo.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2023-08-23 22:14:26 -07:00
shu.chen 321776ac49
provision: Add provision support for Fedora 38.
Tweaked provision script to run successfully in Fedora 38 and
included a script to build the groonga libs from source because
the packages in Fedora repos are outdated.

There is a major version jump from the last supported version (F34)
which is EOL so references and support for older versions were
removed.

Fixes: #20635
2023-08-22 11:26:29 -07:00
Anders Kaseorg 344bfbf539 install-node: Upgrade Node.js from 18.17.0 to 18.17.1.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2023-08-17 18:16:47 -07:00
Anders Kaseorg c43629a222 ruff: Fix PLW1510 `subprocess.run` without explicit `check` argument.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2023-08-17 17:05:34 -07:00
David Rosa d205850d54 docs: Update .html links pointing to "Upgrade Zulip" or "Modify Zulip".
Follow-up to #24089.
2023-08-11 16:49:32 -07:00
Anders Kaseorg e932e2ce52 ruff: Fix UP032 Use f-string instead of `format` call.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2023-08-02 15:58:55 -07:00
Anders Kaseorg 5ccb408f19 build-pgroonga: Upgrade PGroonga from 3.0.3 to 3.1.0.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2023-07-25 17:33:42 -07:00
n0099 2b1d250154 nginx: Switch from `$host` to `$http_host` for HTTP/3 compatibility.
nginx sets the value of the `$http_host` variable to the empty string
when using http/3, as there is technically no `Host:` header sent:
https://github.com/nginx-quic/nginx-quic/issues/3

Users with a browser that support http/3 will send their first request
to nginx with http/2, and get an expected HTTP 200 -- but any
subsequent requests will fail with am HTTP 400, since the browser will
have upgraded to http/3, which has an empty `Host` header, which Zulip
rejects.

Switch to the `$host` variable, which works for all HTTP versions.

Co-authored-by: Alex Vandiver <alexmv@zulip.com>
2023-07-25 18:20:34 -04:00
Anders Kaseorg 2ae285af7c ruff: Fix PLR1714 Consider merging multiple comparisons.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2023-07-23 15:21:33 -07:00
Anders Kaseorg e890033f76 install-node: Upgrade Node.js from 18.16.0 to 18.17.0.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2023-07-21 15:58:42 -07:00
Anders Kaseorg b285813beb error_notify: Remove custom email error reporting handler.
Restore the default django.utils.log.AdminEmailHandler when
ERROR_REPORTING is enabled.  Those with more sophisticated needs can
turn it off and use Sentry or a Sentry-compatible system.

Signed-off-by: Anders Kaseorg <anders@zulip.com>
2023-07-20 11:00:09 -07:00
Alex Vandiver 1accc6929e upgrade: Check PostgreSQL versions after venv setup.
The claim in the comment from c8ec3dfcf6, that we can and should use
the current deploy's venv, misses one key case -- when upgrading the
operating system, the current deploy's venv is unworkable, since it
was configured for a previous version of Python.  As such, any attempt
to load Django to verify the version of PostgreSQL it is talking to
must happen after the venv is configured.

Move the database version check into
`scripts/lib/check-database-compatibility`, which also moves it after
the new venv is configured.

Because we no longer reliably know, at `apt-get upgrade` time, what
version of PostgreSQL is installed, we hold all versions of the
pgroonga packages.
2023-07-19 14:19:28 -07:00
Alex Vandiver 3bf83e8830 log-search: Prevent BrokenPipeError exceptions when run with `head`.
See https://docs.python.org/3/library/signal.html#note-on-sigpipe
2023-07-13 11:53:42 -07:00
Alex Vandiver 695295421a puppet: Upgrade Teleport to the 13.x series. 2023-07-13 11:46:51 -07:00
Alex Vandiver f5540303ba pgroonga: Remove 'GRANT USAGE' statement again.
dc2726c814 removed these statements, but c8ec3dfcf6 accidentally
brought one back.  Remove it.
2023-06-26 10:47:17 -04:00
Alex Vandiver ec4bfd7c78 install: Use the initially-cloned repo as the base /srv/zulip.git.
This ensures that the next `upgrade-zulip-from-git` has access to the
commit history of the initial install, if it was from a forked
repository.  `/home/zulip/deployments/current` and `/srv/zulip.git`
are not quite organized into the steady-state that they will have
after one `upgrade-zulip-from-git`:
 - `/home/zulip/deployments/current` is its own clone, not a worktree
 - `/srv/zulip.git` has an origin of `/home/zulip/deployments/current`
 - `remote.origin.mirror` is set on `/srv/zulip.git`
 - `remote.origin.fetch` is `+refs/*:refs/*`

All but the first are automatically cleaned up by
`upgrade-zulip-from-git` when it is next run, using the code added in
30457ecd02.  The additional complexity of making an existing
independent clone into a worktree seem not worth solving the first
point.
2023-06-24 07:43:04 -07:00
Alex Vandiver 1276653ec8 upgrade-zulip: The "git rev-parse" command can parse "git describe" output directly. 2023-06-24 07:43:04 -07:00
Alex Vandiver c8ec3dfcf6 pgroonga: Run upgrade SQL when pgroonga package is updated.
Updating the pgroonga package is not sufficient to upgrade the
extension in PostgreSQL -- an `ALTER EXTENSION pgroonga UPDATE` must
explicitly be run[^1].  Failure to do so can lead to unexpected behavior,
including crashes of PostgreSQL.

Expand on the existing `pgroonga_setup.sql.applied` file, to track
which version of the PostgreSQL extension has been configured.  If the
file exists but is empty, we run `ALTER EXTENSION pgroonga UPDATE`
regardless -- if it is a no-op, it still succeeds with a `NOTICE`:

```
zulip=# ALTER EXTENSION pgroonga UPDATE;
NOTICE:  version "3.0.8" of extension "pgroonga" is already installed
ALTER EXTENSION
```

The simple `ALTER EXTENSION` is sufficient for the
backwards-compatible case[^1] -- which, for our usage, is every
upgrade since 0.9 -> 1.0.  Since version 1.0 was released in 2015,
before pgroonga support was added to Zulip in 2016, we can assume for
the moment that all pgroonga upgrades are backwards-compatible, and
not bother regenerating indexes.

Fixes: #25989.

[^1]: https://pgroonga.github.io/upgrade/
2023-06-23 14:40:27 -07:00
Alex Vandiver dc2726c814 pgroonga: Remove now-unnecessary 'GRANT USAGE' statement.
This was only necessary for PGroonga 1.x, and the `pgroonga` schema
will most likely be removed at some point inthe future, which will
make this statement error out.

Drop the unnecessary statement.
2023-06-23 14:40:27 -07:00
Alex Vandiver 875502b2e1 upgrade-postgresql: Only upgrade to a supported version. 2023-06-12 16:37:55 -07:00
Alex Vandiver a472667ca1 upgrade-zulip: Verify postgresql.version against where data is stored.
This prevents installing a PostgreSQL server which matches
/etc/zulip/zulip.conf but which has no data and is not used by Django.
2023-06-07 14:59:54 -07:00
Alex Vandiver b9210e3ed9 upgrade-zulip: Set postgresql.version from running version, not a guess. 2023-06-07 14:59:54 -07:00
Alex Vandiver 6dc8f748ae upgrade-zulip: Simplify PostgreSQL version check.
This is much simpler now that we do not support PostgreSQL 9.x.
2023-06-07 14:59:54 -07:00
Alex Vandiver 1f68726cb8 upgrade-postgresql: Prevent upgrades if /etc/zulip/zulip.conf is wrong.
If the `postgresql.version` in `/etc/zulip/zulip.conf` is out of date
or wrong, upgrading to the actual current version would drop your
production database without prompting.  While we do document taking a
Zulip backup (which includes a database backup) before running
`upgrade-postgresql`[^1], not everyone does so, with possibly
catastrophic consequences.

Do a true end-to-end check of the version in `/etc/zulip/zulip.conf`
by asking Django to query the database for its version, checking that
against the configured value, and aborting if there is any
disagreement.

[^1]: https://zulip.readthedocs.io/en/latest/production/upgrade.html#upgrading-postgresql
2023-06-07 14:59:54 -07:00
Alex Vandiver 32e1384ca0 upgrade-postgresql: Prevent PostgreSQL downgrades. 2023-06-07 14:59:54 -07:00
Alex Vandiver 501d38b781 upgrade-postgresql: Check for undefined variables. 2023-06-07 14:59:54 -07:00
Anders Kaseorg f3684e842a install: Check CPU and OS architecture.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2023-06-01 17:09:48 -07:00
Anders Kaseorg 37040ac49d install: Add system_requirements_failure helper.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2023-06-01 17:09:48 -07:00
Anders Kaseorg 12310189ed install: Support Debian 12.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2023-05-18 11:52:22 -07:00
Anders Kaseorg 83c0ed2a9d build-pgroonga: Upgrade PGroonga from 2.3.6 to 3.0.3.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2023-05-18 11:52:22 -07:00
Alex Vandiver 0da62e7cda supervisor: Retry, with backoff, to connect to supervisor socket.
If `zulip-puppet-apply` is run during an upgrade, it will immediately
try to re-`stop-server` before running migrations; if the last step in
the puppet application was to restart `supervisor`, it may not be
listening on its UNIX socket yet.  In such cases, `socket.connect()`
throws a `FileNotFoundError`:

```
Traceback (most recent call last):
  File "./scripts/stop-server", line 53, in <module>
    services = list_supervisor_processes(services, only_running=True)
  File "./scripts/lib/supervisor.py", line 34, in list_supervisor_processes
    processes = rpc().supervisor.getAllProcessInfo()
  File "/usr/lib/python3.9/xmlrpc/client.py", line 1116, in __call__
    return self.__send(self.__name, args)
  File "/usr/lib/python3.9/xmlrpc/client.py", line 1456, in __request
    response = self.__transport.request(
  File "/usr/lib/python3.9/xmlrpc/client.py", line 1160, in request
    return self.single_request(host, handler, request_body, verbose)
  File "/usr/lib/python3.9/xmlrpc/client.py", line 1172, in single_request
    http_conn = self.send_request(host, handler, request_body, verbose)
  File "/usr/lib/python3.9/xmlrpc/client.py", line 1285, in send_request
    self.send_content(connection, request_body)
  File "/usr/lib/python3.9/xmlrpc/client.py", line 1315, in send_content
    connection.endheaders(request_body)
  File "/usr/lib/python3.9/http/client.py", line 1250, in endheaders
    self._send_output(message_body, encode_chunked=encode_chunked)
  File "/usr/lib/python3.9/http/client.py", line 1010, in _send_output
    self.send(msg)
  File "/usr/lib/python3.9/http/client.py", line 950, in send
    self.connect()
  File "./scripts/lib/supervisor.py", line 10, in connect
    self.sock.connect(self.host)
FileNotFoundError: [Errno 2] No such file or directory
```

Catch the `FileNotFoundError` and retry twice more, with backoff.  If
it fails repeatedly, point to `service supervisor status` for further
debugging, as `FileNotFoundError` is rather misleading -- the file
exists, it simply is not accepting connections.
2023-05-12 13:14:27 -07:00