diff --git a/entrypoint.sh b/entrypoint.sh index 2caaf11..e1a475c 100755 --- a/entrypoint.sh +++ b/entrypoint.sh @@ -9,19 +9,22 @@ set -e # DB aka Database DB_HOST="${DB_HOST:-127.0.0.1}" DB_HOST_PORT="${DB_HOST_PORT:-5432}" +DB_NAME="${DB_NAME:-zulip}" +DB_SCHEMA="${DB_SCHEMA:-zulip}" DB_USER="${DB_USER:-zulip}" DB_ROOT_USER="${DB_ROOT_USER:-postgres}" DB_ROOT_PASS="${DB_ROOT_PASS:-}" DB_PASSWORD="${DB_PASSWORD:-zulip}" DB_PASS="${DB_PASS:-$(echo $DB_PASSWORD)}" -DB_NAME="${DB_NAME:-zulip}" -DB_SCHEMA="${DB_SCHEMA:-zulip}" +unset DB_PASSWORD # RabbitMQ +RABBITMQ_SETUP="${RABBITMQ_SETUP:-True}" RABBITMQ_HOST="${RABBITMQ_HOST:-127.0.0.1}" RABBITMQ_USERNAME="${RABBITMQ_USERNAME:-zulip}" RABBITMQ_PASSWORD="${RABBITMQ_PASSWORD:-zulip}" RABBITMQ_PASS="${RABBITMQ_PASS:-$(echo $RABBITMQ_PASSWORD)}" -RABBITMQ_SETUP="${RABBITMQ_SETUP:-True}" +ZULIP_SECRETS_rabbitmq_password="${ZULIP_SECRETS_rabbitmq_password:-$(echo $RABBITMQ_PASS)}" +unset RABBITMQ_PASSWORD RABBITMQ_PASS # Redis REDIS_RATE_LIMITING="${REDIS_RATE_LIMITING:-True}" REDIS_HOST="${REDIS_HOST:-127.0.0.1}" @@ -30,12 +33,10 @@ REDIS_HOST_PORT="${REDIS_HOST_PORT:-6379}" MEMCACHED_HOST="${MEMCACHED_HOST:-127.0.0.1}" MEMCACHED_HOST_PORT="${MEMCACHED_HOST_PORT:-11211}" MEMCACHED_TIMEOUT="${MEMCACHED_TIMEOUT:-3600}" -# Zulip user setup -export ZULIP_USER_FULLNAME="${ZULIP_USER_FULLNAME:-Zulip Docker}" -export ZULIP_USER_DOMAIN="${ZULIP_USER_DOMAIN:-$(echo $ZULIP_SETTINGS_EXTERNAL_HOST)}" -export ZULIP_USER_EMAIL="${ZULIP_USER_EMAIL:-}" -ZULIP_USER_PASSWORD="${ZULIP_USER_PASSWORD:-zulip}" -export ZULIP_USER_PASS="${ZULIP_USER_PASS:-$(echo $ZULIP_USER_PASSWORD)}" +# Nginx settings +NGINX_WORKERS="${NGINX_WORKERS:-1}" +NGINX_PROXY_BUFFERING="${NGINX_PROXY_BUFFERING:-off}" +NGINX_MAX_UPLOAD_SIZE="${NGINX_MAX_UPLOAD_SIZE:-20m}" # Zulip certifcate parameters ZULIP_AUTO_GENERATE_CERTS="${ZULIP_AUTO_GENERATE_CERTS:True}" ZULIP_CERTIFICATE_SUBJ="${ZULIP_CERTIFICATE_SUBJ:-}" @@ -46,14 +47,23 @@ ZULIP_CERTIFICATE_O="${ZULIP_CERTIFICATE_O:-Dis}" ZULIP_CERTIFICATE_CN="${ZULIP_CERTIFICATE_CN:-}" # Zulip related settings ZULIP_AUTH_BACKENDS="${ZULIP_AUTH_BACKENDS:-EmailAuthBackend}" -ZULIP_SECRETS_rabbitmq_password="${ZULIP_SECRETS_rabbitmq_password:-$(echo $RABBITMQ_PASS)}" ZULIP_RUN_POST_SETUP_SCRIPTS="${ZULIP_RUN_POST_SETUP_SCRIPTS:-True}" +# Zulip user setup +ZULIP_USER_FULLNAME="${ZULIP_USER_FULLNAME:-Zulip Docker}" +ZULIP_USER_DOMAIN="${ZULIP_USER_DOMAIN:-$(echo $ZULIP_SETTINGS_EXTERNAL_HOST)}" +ZULIP_USER_EMAIL="${ZULIP_USER_EMAIL:-}" +ZULIP_USER_PASSWORD="${ZULIP_USER_PASSWORD:-zulip}" +ZULIP_USER_PASS="${ZULIP_USER_PASS:-$(echo $ZULIP_USER_PASSWORD)}" +unset ZULIP_USER_PASSWORD # Log2Zulip settings LOG2ZULIP_ENABLED="False" LOG2ZULIP_EMAIL="" LOG2ZULIP_API_KEY="" LOG2ZULIP_SITE="" LOG2ZULIP_LOGFILES="/var/log/nginx/error.log" +# Auto backup settings +AUTO_BACKUP_ENABLED="${AUTO_BACKUP_ENABLED:-True}" +AUTO_BACKUP_INTERVAL="${AUTO_BACKUP_INTERVAL:-30 3 * * *}" # entrypoint.sh specific variables ZULIP_CURRENT_DEPLOY="/home/zulip/deployments/current" @@ -61,7 +71,10 @@ ZPROJECT_SETTINGS="$ZULIP_CURRENT_DEPLOY/zproject/settings.py" # BEGIN appRun functions # === initialConfiguration === -linkDirectoriesToVolume() { +prepareDirectories() { + if [ ! -d "$DATA_DIR/backups" ]; then + mkdir -p "$DATA_DIR/backups" + fi if [ ! -d "$DATA_DIR/certs" ]; then mkdir -p "$DATA_DIR/certs" fi @@ -76,9 +89,6 @@ linkDirectoriesToVolume() { fi ln -sfT "$DATA_DIR/uploads" /home/zulip/uploads chown zulip:zulip -R "$DATA_DIR/uploads" - if [ ! -d "$DATA_DIR/post-setup.d/" ]; then - mkdir -p "$DATA_DIR/post-setup.d/" - fi } setConfigurationValue() { if [ -z "$1" ]; then @@ -95,10 +105,10 @@ setConfigurationValue() { if [ -z "$TYPE" ]; then case "$2" in [Tt][Rr][Uu][Ee]|[Ff][Aa][Ll][Ss][Ee]) - local TYPE="bool" + TYPE="bool" ;; *) - local TYPE="string" + TYPE="string" ;; esac fi @@ -109,31 +119,38 @@ setConfigurationValue() { fi ;; literal) - local VALUE="$2" + VALUE="$2" ;; bool|boolean|int|integer|array) - local VALUE="$KEY = $2" + VALUE="$KEY = $2" ;; string|*) - local VALUE="$KEY = '${2//\'/\'}'" + VALUE="$KEY = '${2//\'/\'}'" ;; esac echo "$VALUE" >> "$FILE" echo "Setting key \"$KEY\" with value \"$VALUE\"." } +nginxConfiguration() { + echo "Executing nginx configuration ..." + sed -i "s/worker_processes .*/worker_processes $NGINX_WORKERS;" /etc/nginx/nginx.conf + sed -i "s/client_max_body_size .*/client_max_body_size $NGINX_MAX_UPLOAD_SIZE;" /etc/nginx/nginx.conf + sed -i "s/proxy_buffering .*/proxy_buffering $NGINX_PROXY_BUFFERING;" /etc/nginx/zulip-include/app + echo "Nginx configuration succeeded." +} configureCerts() { echo "Exectuing certificates configuration..." echo "===" case "$ZULIP_AUTO_GENERATE_CERTS" in [Tt][Rr][Uu][Ee]) - export ZULIP_AUTO_GENERATE_CERTS="True" + ZULIP_AUTO_GENERATE_CERTS="True" ;; [Ff][Aa][Ll][Ss][Ee]) - export ZULIP_AUTO_GENERATE_CERTS="False" + ZULIP_AUTO_GENERATE_CERTS="False" ;; *) - echo "ZULIP_AUTO_GENERATE_CERTS not \"True/true\" or \"Right/right\". Defaulting to \"True\"." - export ZULIP_AUTO_GENERATE_CERTS="True" + echo "Defaulting \"ZULIP_AUTO_GENERATE_CERTS\" to \"True\". Couldn't parse if \"True\" or \"False\"." + ZULIP_AUTO_GENERATE_CERTS="True" ;; esac if [ -e "$DATA_DIR/certs/zulip.key" ]; then @@ -144,16 +161,19 @@ configureCerts() { fi if [ ! -e "$DATA_DIR/certs/zulip.key" ] && [ ! -e "$DATA_DIR/certs/zulip.combined-chain.crt" ]; then if [ ! -z "$ZULIP_AUTO_GENERATE_CERTS" ] && ([ "$ZULIP_AUTO_GENERATE_CERTS" == "True" ] || [ "$ZULIP_AUTO_GENERATE_CERTS" == "true" ]); then - echo "ZULIP_AUTO_GENERATE_CERTS is true and no certs where found in $DATA_DIR/certs. Autogenerating certificates ..." + echo "No certs in \"$DATA_DIR/certs\"." + echo "Autogenerating certificates ..." if [ -z "$ZULIP_CERTIFICATE_SUBJ" ]; then if [ -z "$ZULIP_CERTIFICATE_CN" ]; then if [ -z "$ZULIP_SETTINGS_EXTERNAL_HOST" ]; then - echo "Certificates generation failed. Missing ZULIP_CERTIFICATE_CN and as backup ZULIP_SETTINGS_EXTERNAL_HOST not given." - return 1 + echo "Certificates generation failed. \"ZULIP_CERTIFICATE_CN\" and as fallback \"ZULIP_SETTINGS_EXTERNAL_HOST\" not given." + echo "===" + echo "Certificates configuration failed." + exit 1 fi - export ZULIP_CERTIFICATE_CN="$ZULIP_SETTINGS_EXTERNAL_HOST" + ZULIP_CERTIFICATE_CN="$ZULIP_SETTINGS_EXTERNAL_HOST" fi - export ZULIP_CERTIFICATE_SUBJ="/C=$ZULIP_CERTIFICATE_C/ST=$ZULIP_CERTIFICATE_ST/L=$ZULIP_CERTIFICATE_L/O=$ZULIP_CERTIFICATE_O/CN=$ZULIP_CERTIFICATE_CN" + ZULIP_CERTIFICATE_SUBJ="/C=$ZULIP_CERTIFICATE_C/ST=$ZULIP_CERTIFICATE_ST/L=$ZULIP_CERTIFICATE_L/O=$ZULIP_CERTIFICATE_O/CN=$ZULIP_CERTIFICATE_CN" fi openssl genrsa -des3 -passout pass:x -out /tmp/server.pass.key 4096 openssl rsa -passin pass:x -in /tmp/server.pass.key -out "$DATA_DIR/certs/zulip.key" @@ -167,11 +187,15 @@ configureCerts() { fi if [ ! -e "$DATA_DIR/certs/zulip.key" ]; then echo "No zulip.key given in $DATA_DIR." - return 1 + echo "===" + echo "Certificates configuration failed." + exit 1 fi if [ ! -e "$DATA_DIR/certs/zulip.combined-chain.crt" ]; then echo "No zulip.combined-chain.crt given in $DATA_DIR." - return 1 + echo "===" + echo "Certificates configuration failed." + exit 1 fi echo "===" echo "Certificates configuration succeeded." @@ -311,7 +335,6 @@ zulipConfiguration() { echo "Zulip configuration succeeded." } log2zulipConfiguration() { - echo "log2zulip is currently not fully implemented. Stay tuned." if [ "$LOG2ZULIP_ENABLED" != "True" ] || [ "$LOG2ZULIP_ENABLED" != "true" ]; then rm -f /etc/cron/conf.d/log2zulip return 0 @@ -332,10 +355,20 @@ log2zulipConfiguration() { echo "===" echo "Log2Zulip configuration succeeded." } +autoBackupConfiguration() { + if [ "$AUTO_BACKUP_ENABLED" != "True" ] || [ "$AUTO_BACKUP_ENABLED" != "true" ]; then + rm -f /etc/cron.d/autobackup + echo "Auto backup is disabled. Continuing." + return 0 + fi + echo "MAILTO=""\n$AUTO_BACKUP_INTERVAL cd /;/entrypoint.sh app:backup" > /etc/cron.d/autobackup + echo "Auto backup enabled." +} initialConfiguration() { echo "=== Begin Initial Configuration Phase ===" - secretsConfiguration + nginxConfiguration configureCerts + secretsConfiguration databaseConfiguration cacheRatelimitConfiguration authenticationBackends @@ -344,6 +377,7 @@ initialConfiguration() { camoConfiguration zulipConfiguration log2zulipConfiguration + autoBackupConfiguration echo "=== End Initial Configuration Phase ===" } # === bootstrappingEnvironment === @@ -364,6 +398,7 @@ waitingForDatabase() { } bootstrapDatabase() { echo "(Re)creating database structure ..." + echo "===" export PGPASSWORD="$DB_PASS" echo """ CREATE USER zulip; @@ -379,21 +414,25 @@ bootstrapDatabase() { unset fi unset PGPASSWORD + echo "===" echo "Database structure recreated." } bootstrapRabbitMQ() { + echo "Bootstrapping RabbitMQ ..." + echo "===" echo "RabbitMQ deleting user \"guest\"." - rabbitmqctl -n "$RABBITMQ_HOST" delete_user guest || : + rabbitmqctl -n "$RABBITMQ_HOST" delete_user guest 2> /dev/null || : echo "RabbitMQ adding user \"$RABBITMQ_USERNAME\"." - rabbitmqctl -n "$RABBITMQ_HOST" add_user "$RABBITMQ_USERNAME" "$ZULIP_SECRETS_rabbitmq_password" || : + rabbitmqctl -n "$RABBITMQ_HOST" add_user "$RABBITMQ_USERNAME" "$ZULIP_SECRETS_rabbitmq_password" 2> /dev/null || : echo "RabbitMQ setting user tags for \"$RABBITMQ_USERNAME\"." - rabbitmqctl -n "$RABBITMQ_HOST" set_user_tags "$RABBITMQ_USERNAME" administrator || : + rabbitmqctl -n "$RABBITMQ_HOST" set_user_tags "$RABBITMQ_USERNAME" administrator 2> /dev/null || : echo "RabbitMQ setting permissions for user \"$RABBITMQ_USERNAME\"." - rabbitmqctl -n "$RABBITMQ_HOST" set_permissions -p / "$RABBITMQ_USERNAME" '.*' '.*' '.*' || : + rabbitmqctl -n "$RABBITMQ_HOST" set_permissions -p / "$RABBITMQ_USERNAME" '.*' '.*' '.*' 2> /dev/null || : + echo "===" echo "RabbitMQ bootstrap succeeded." } zulipFirstStartInit() { - if [ -z "$FORCE_INIT" ] || [ -e "$DATA_DIR/.initiated" ]; then + if [ -z "$FORCE_FIRST_START_INIT" ] || [ -e "$DATA_DIR/.initiated" ]; then echo "First Start Init not needed." return 0 fi @@ -401,21 +440,21 @@ zulipFirstStartInit() { echo "===" set +e if ! su zulip -c "/home/zulip/deployments/current/manage.py migrate --noinput"; then - RETURN_CODE=$? + local RETURN_CODE=$? echo "===" echo "Zulip first start init failed in \"migrate --noinput\". with exit code $RETURN_CODE" exit $RETURN_CODE fi echo "Creating Zulip cache and third_party_api_results tables ..." if ! su zulip -c "/home/zulip/deployments/current/manage.py createcachetable third_party_api_results"; then - RETURN_CODE=$? + local RETURN_CODE=$? echo "===" echo "Zulip first start init failed in \"createcachetable third_party_api_results\" with exit code $RETURN_CODE." exit $RETURN_CODE fi echo "Initializing Zulip Voyager database ..." if ! su zulip -c "/home/zulip/deployments/current/manage.py initialize_voyager_db"; then - RETURN_CODE=$? + local RETURN_CODE=$? echo "===" echo "Zulip first start init failed in \"initialize_voyager_db\" with exit code $RETURN_CODE." exit $RETURN_CODE @@ -433,7 +472,7 @@ zulipMigration() { echo "===" set +e if ! su zulip -c "/home/zulip/deployments/current/manage.py migrate"; then - RETURN_CODE=$? + local RETURN_CODE=$? echo "===" echo "Zulip migration failed." exit $RETURN_CODE @@ -449,6 +488,15 @@ runPostSetupScripts() { echo "Not running post setup scripts. ZULIP_RUN_POST_SETUP_SCRIPTS isn't true." return 0 fi + if [ ! -d "$DATA_DIR/post-setup.d/" ]; then + echo "No post-setup.d folder found. Skipping post setup scripts execution." + echo "Post setup scripts execution skipped." + return 0 + fi + if [ "$(ls -A "$DATA_DIR/post-setup.d/")" ]; then + echo "No post setup scripts found in \"$DATA_DIR/post-setup.d/\"." + return 0 + fi echo "Post setup scripts execution ..." echo "===" set +e @@ -456,7 +504,7 @@ runPostSetupScripts() { if [ -x "$FILE" ]; then echo "Executing \"$FILE\" ..." bash -c "$FILE" - echo "Executed \"$FILE\"." + echo "Executed \"$FILE\". Return code $?." else echo "Permissions denied for \"$FILE\". Please check the permissions." echo "===" @@ -479,6 +527,15 @@ bootstrappingEnvironment() { echo "=== End Bootstrap Phase ===" } # END appRun functionss +appRun() { + prepareDirectories + initialConfiguration + bootstrappingEnvironment + echo "=== Begin Run Phase ===" + echo "Starting Zulip using supervisor with \"/etc/supervisor/supervisord.conf\" ..." + echo "===" + exec supervisord -c "/etc/supervisor/supervisord.conf" +} appHelp() { echo "Available commands:" echo "> app:help - Show this help menu and exit" @@ -508,35 +565,95 @@ appManagePy() { exit $? } appBackup() { - echo "This function is coming soon, to your nearest docker-zulip entrypoint.sh ;)" - exit 1 -} -appRun() { - linkDirectoriesToVolume - initialConfiguration - bootstrappingEnvironment - echo "=== Begin Run Phase ===" - echo "Starting Zulip using supervisor with \"/etc/supervisor/supervisord.conf\" ..." + echo "Starting backup process ..." echo "===" - exec supervisord -c "/etc/supervisor/supervisord.conf" + if [ -d "/tmp/backup-$(date "%D-%H-%M-%S")" ]; then + echo "Temporary backup folder for \"$(date "%D-%H-%M-%S")\" already exists. Aborting." + echo "===" + echo "Backup process failed." + exit 1 + fi + local BACKUP_FOLDER + BACKUP_FOLDER="/tmp/backup-$(date "%D-%H-%M-%S")" + mkdir -p "$BACKUP_FOLDER" + waitingForDatabase + pg_dump -h "$DB_HOST" -p "$DB_HOST_PORT" -U "$DB_USER" "$DB_NAME" > "$BACKUP_FOLDER/database-postgres.sql" + tar -zcvf "$DATA_DIR/backups/backup-$(date "%D-%H-%M-%S").tar.gz" "$BACKUP_FOLDER/" + rm -r "${BACKUP_FOLDER:?}/" + echo "===" + echo "Backup process succeeded." + exit 0 +} +appRestore() { + echo "Starting restore process ..." + echo "===" + if [ "$(ls -A "$DATA_DIR/backups/")" ]; then + echo "No backups to restore found in \"$DATA_DIR/backups/\"." + echo "===" + echo "Restore process failed." + exit 1 + fi + while true; do + ls "$DATA_DIR/backups/" | awk '{print "|-> " $1}' + echo "Please enter backup filename (full filename with extension): " + read BACKUP_FILE + if [ -z "$BACKUP_FILE" ]; then + echo "Empty filename given. Please try again." + echo "" + continue + fi + if [ ! -e "$DATA_DIR/backups/$BACKUP_FILE" ]; then + echo "File \"$BACKUP_FILE\" not found. Please try again." + echo "" + fi + break + done + echo "File \"$BACKUP_FILE\" found." + echo "" + echo "==============================================================" + echo "!! WARNING !! Your current data will be deleted!" + echo "!! WARNING !! YOU HAVE BEEN WARNED! You can abort with \"CTRL+C\"." + echo "!! WARNING !! Waiting 10 seconds before continuing ..." + echo "==============================================================" + echo "" + local TIMEOUT=10 + while true; do + TIMEOUT=$(expr $TIMEOUT - 1) + if [[ $TIMEOUT -eq 0 ]]; then + break + fi + echo "$TIMEOUT" + sleep 1 + done + echo "!! WARNING !! Starting restore process ... !! WARNING !!" + waitingForDatabase + tar -zxvf "$DATA_DIR/backups/$BACKUP_FILE" -C /tmp + psql -h "$DB_HOST" -p "$DB_HOST_PORT" -U "$DB_USER" "$DB_NAME" < "/tmp/$(basename "$BACKUP_FILE" | cut -d. -f1)/database-postgres.sql" + rm -r "/tmp/$(basename | cut -d. -f1)/" + echo "===" + echo "Restore process succeeded." + exit 0 } case "$1" in - app:help) - appHelp - ;; - app:version) - appVersion + app:run) + appRun ;; app:managepy) shift 1 exec appManagePy "$@" ;; - app:manage) - appManage + app:backup) + appBackup ;; - app:run) - appRun + app:restore) + appRestore + ;; + app:help) + appHelp + ;; + app:version) + appVersion ;; *) if [[ -x $1 ]]; then diff --git a/zulip-puppet/files/cron.d/active-user-stats b/zulip-puppet/files/cron.d/active-user-stats index 9ef1724..0d40738 100644 --- a/zulip-puppet/files/cron.d/active-user-stats +++ b/zulip-puppet/files/cron.d/active-user-stats @@ -1,3 +1,2 @@ MAILTO="" - -*/10 * * * * zulip cd /home/zulip/deployments/current && python manage.py active_user_stats +*/10 * * * * zulip cd /home/zulip/deployments/current;python manage.py active_user_stats diff --git a/zulip-puppet/files/cron.d/check-apns-tokens b/zulip-puppet/files/cron.d/check-apns-tokens index a2681b1..eeee9a2 100644 --- a/zulip-puppet/files/cron.d/check-apns-tokens +++ b/zulip-puppet/files/cron.d/check-apns-tokens @@ -1,4 +1,3 @@ MAILTO="" - # Remove any stale apple device tokens from our list -0 3 * * * zulip cd /home/zulip/deployments/current && python manage.py check_apns_tokens +0 3 * * * zulip cd /home/zulip/deployments/current;python manage.py check_apns_tokens diff --git a/zulip-puppet/files/cron.d/clearsessions b/zulip-puppet/files/cron.d/clearsessions index 7909010..7e19763 100644 --- a/zulip-puppet/files/cron.d/clearsessions +++ b/zulip-puppet/files/cron.d/clearsessions @@ -1,4 +1,3 @@ MAILTO="" - # Clear all expired Django sessions at 10:22 PM every day. -22 22 * * * zulip cd /home/zulip/deployments/current && python manage.py clearsessions +22 22 * * * zulip cd /home/zulip/deployments/current;python manage.py clearsessions diff --git a/zulip-puppet/files/cron.d/email-mirror b/zulip-puppet/files/cron.d/email-mirror index 5175479..b8e93c8 100644 --- a/zulip-puppet/files/cron.d/email-mirror +++ b/zulip-puppet/files/cron.d/email-mirror @@ -1,3 +1,2 @@ MAILTO="" - -* * * * * zulip cd /home/zulip/deployments/current && python manage.py email-mirror +* * * * * zulip cd /home/zulip/deployments/current;python manage.py email-mirror diff --git a/zulip-puppet/files/cron.d/log2zulip b/zulip-puppet/files/cron.d/log2zulip index 7deeea2..e4f11db 100644 --- a/zulip-puppet/files/cron.d/log2zulip +++ b/zulip-puppet/files/cron.d/log2zulip @@ -1,3 +1,2 @@ MAILTO="" - -* * * * * zulip cd /home/zulip/deployments/current && ./bots/log2zulip +* * * * * zulip cd /home/zulip/deployments/current;./bots/log2zulip diff --git a/zulip-puppet/files/cron.d/rabbitmq-numconsumers b/zulip-puppet/files/cron.d/rabbitmq-numconsumers index 92967b8..bfa8bf0 100644 --- a/zulip-puppet/files/cron.d/rabbitmq-numconsumers +++ b/zulip-puppet/files/cron.d/rabbitmq-numconsumers @@ -1,7 +1,6 @@ SHELL=/bin/bash PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin USER=root - * * * * * root /home/zulip/deployments/current/bin/write-rabbitmq-consumers-state-file notify_tornado * * * * * root /home/zulip/deployments/current/bin/write-rabbitmq-consumers-state-file user_activity * * * * * root /home/zulip/deployments/current/bin/write-rabbitmq-consumers-state-file user_activity_interval diff --git a/zulip-puppet/files/cron.d/send-digest-emails b/zulip-puppet/files/cron.d/send-digest-emails index d9863e2..6c976a3 100644 --- a/zulip-puppet/files/cron.d/send-digest-emails +++ b/zulip-puppet/files/cron.d/send-digest-emails @@ -1,4 +1,3 @@ MAILTO="" - # Send digest emails once a day. Time is in UTC. -0 18 * * * zulip cd /home/zulip/deployments/current && python manage.py enqueue_digest_emails +0 18 * * * zulip cd /home/zulip/deployments/current; python manage.py enqueue_digest_emails diff --git a/zulip-puppet/files/nginx/nginx.conf b/zulip-puppet/files/nginx/nginx.conf index 80af9ff..2757e2b 100644 --- a/zulip-puppet/files/nginx/nginx.conf +++ b/zulip-puppet/files/nginx/nginx.conf @@ -27,7 +27,7 @@ http { error_log /var/log/nginx/error.log; reset_timedout_connection on; - + server_tokens off; gzip on; gzip_disable "msie6"; diff --git a/zulip-puppet/files/nginx/zulip-include-frontend/app b/zulip-puppet/files/nginx/zulip-include-frontend/app index 93ce736..9c10114 100644 --- a/zulip-puppet/files/nginx/zulip-include-frontend/app +++ b/zulip-puppet/files/nginx/zulip-include-frontend/app @@ -39,7 +39,7 @@ location /api/v1/events { proxy_pass http://tornado; include /etc/nginx/zulip-include/proxy_longpolling; - + proxy_buffering on; proxy_set_header X-Real-IP $remote_addr; } diff --git a/zulip-puppet/files/nginx/zulip-include-frontend/upstreams b/zulip-puppet/files/nginx/zulip-include-frontend/upstreams index ebe9681..3be40e3 100644 --- a/zulip-puppet/files/nginx/zulip-include-frontend/upstreams +++ b/zulip-puppet/files/nginx/zulip-include-frontend/upstreams @@ -3,10 +3,10 @@ upstream django { } upstream tornado { - server localhost:9993; + server 127.0.0.1:9993; keepalive 10000; } upstream localhost_sso { - server localhost:8888; + server 127.0.0.1:8888; } diff --git a/zulip-puppet/files/supervisor/conf.d/zulip.conf b/zulip-puppet/files/supervisor/conf.d/zulip.conf index 08f4a99..3f6f1b7 100644 --- a/zulip-puppet/files/supervisor/conf.d/zulip.conf +++ b/zulip-puppet/files/supervisor/conf.d/zulip.conf @@ -43,7 +43,7 @@ socket_owner=zulip:zulip socket_mode=0700 [program:zulip-tornado] -command=python /home/zulip/deployments/current/manage.py runtornado localhost:9993 +command=python /home/zulip/deployments/current/manage.py runtornado 127.0.0.1:9993 priority=200 ; the relative start priority (default 999) autostart=true ; start at supervisord start (default: true) autorestart=true ; whether/when to restart (default: unexpected)