diff --git a/bundles/pretalx/files/pretalx-clearsessions.service b/bundles/pretalx/files/pretalx-clearsessions.service new file mode 100644 index 0000000..48d0659 --- /dev/null +++ b/bundles/pretalx/files/pretalx-clearsessions.service @@ -0,0 +1,9 @@ +[Unit] +Description=pretalx clearsessions + +[Service] +User=pretalx +Group=pretalx +Environment=PRETALX_CONFIG_FILE=/opt/pretalx/pretalx.cfg +WorkingDirectory=/opt/pretalx +ExecStart=/opt/pretalx/venv/bin/python -m pretalx clearsessions diff --git a/bundles/pretalx/files/pretalx-clearsessions.timer b/bundles/pretalx/files/pretalx-clearsessions.timer new file mode 100644 index 0000000..dad236b --- /dev/null +++ b/bundles/pretalx/files/pretalx-clearsessions.timer @@ -0,0 +1,9 @@ +[Unit] +Description=Run pretalx-clearsessions + +[Timer] +OnCalendar=monthly +Persistent=true + +[Install] +WantedBy=timers.target diff --git a/bundles/pretalx/files/pretalx-runperiodic.service b/bundles/pretalx/files/pretalx-runperiodic.service new file mode 100644 index 0000000..c775753 --- /dev/null +++ b/bundles/pretalx/files/pretalx-runperiodic.service @@ -0,0 +1,9 @@ +[Unit] +Description=pretalx runperiodic + +[Service] +User=pretalx +Group=pretalx +Environment=PRETALX_CONFIG_FILE=/opt/pretalx/pretalx.cfg +WorkingDirectory=/opt/pretalx +ExecStart=/opt/pretalx/venv/bin/python -m pretalx runperiodic diff --git a/bundles/pretalx/files/pretalx-runperiodic.timer b/bundles/pretalx/files/pretalx-runperiodic.timer new file mode 100644 index 0000000..70776bf --- /dev/null +++ b/bundles/pretalx/files/pretalx-runperiodic.timer @@ -0,0 +1,9 @@ +[Unit] +Description=Run pretalx-runperiodic + +[Timer] +OnCalendar=*:0/5 +Persistent=true + +[Install] +WantedBy=timers.target diff --git a/bundles/pretalx/files/pretalx-web.service b/bundles/pretalx/files/pretalx-web.service new file mode 100644 index 0000000..aa43278 --- /dev/null +++ b/bundles/pretalx/files/pretalx-web.service @@ -0,0 +1,14 @@ +[Unit] +Description=pretalx web service +After=network.target + +[Service] +User=pretalx +Group=pretalx +Environment=PRETALX_CONFIG_FILE=/opt/pretalx/pretalx.cfg +WorkingDirectory=/opt/pretalx/src/src +ExecStart=/opt/pretalx/venv/bin/gunicorn pretalx.wsgi --name pretalx --workers 4 --max-requests 1200 --max-requests-jitter 50 --log-level=info --bind=127.0.0.1:8345 +Restart=on-failure + +[Install] +WantedBy=multi-user.target diff --git a/bundles/pretalx/files/pretalx-worker.service b/bundles/pretalx/files/pretalx-worker.service new file mode 100644 index 0000000..b37da11 --- /dev/null +++ b/bundles/pretalx/files/pretalx-worker.service @@ -0,0 +1,14 @@ +[Unit] +Description=pretalx background worker +After=network.target + +[Service] +User=pretalx +Group=pretalx +Environment=PRETALX_CONFIG_FILE=/opt/pretalx/pretalx.cfg +ExecStart=/opt/pretalx/venv/bin/celery -A pretalx.celery_app worker -l info +WorkingDirectory=/opt/pretalx +Restart=on-failure + +[Install] +WantedBy=multi-user.target diff --git a/bundles/pretalx/files/pretalx.cfg b/bundles/pretalx/files/pretalx.cfg new file mode 100644 index 0000000..517e02a --- /dev/null +++ b/bundles/pretalx/files/pretalx.cfg @@ -0,0 +1,24 @@ +[filesystem] +data = /opt/pretalx/data +static = /opt/pretalx/static + +[site] +debug = False +url = https://${domain} + +[database] +backend = postgresql +name = ${database['database']} +user = ${database['user']} +password = ${database['password']} +host = ${database.get('host', 'localhost')} +port = ${database.get('port', 5432)} + +[mail] +from = ${mail_from} +host = localhost +port = 25 +user = +password = +tls = False +ssl = False diff --git a/bundles/pretalx/items.py b/bundles/pretalx/items.py new file mode 100644 index 0000000..eebb4ab --- /dev/null +++ b/bundles/pretalx/items.py @@ -0,0 +1,164 @@ +actions = { + 'pretalx_create_virtualenv': { + 'command': '/usr/bin/python3 -m virtualenv -p python3 /opt/pretalx/venv/', + 'unless': 'test -d /opt/pretalx/venv/', + 'needs': { + # actually /opt/pretalx, but we don't create that + 'directory:/opt/pretalx/src', + }, + }, + 'pretalx_install': { + 'command': 'cd /opt/pretalx/src/src && /opt/pretalx/venv/bin/pip install --upgrade pip wheel gunicorn psycopg2-binary .[redis]', + 'needs': { + 'action:pretalx_create_virtualenv', + }, + 'triggered': True, + }, + 'pretalx_migrate': { + 'command': 'PRETALX_CONFIG_FILE=/opt/pretalx/pretalx.cfg /opt/pretalx/venv/bin/python -m pretalx migrate', + 'needs': { + 'action:pretalx_install', + 'file:/opt/pretalx/pretalx.cfg', + 'postgres_db:pretalx', + 'postgres_role:pretalx', + }, + 'triggered': True, + }, + 'pretalx_rebuild': { + 'command': 'sudo -u pretalx PRETALX_CONFIG_FILE=/opt/pretalx/pretalx.cfg /opt/pretalx/venv/bin/python -m pretalx rebuild', + 'needs': { + 'action:pretalx_install', + 'directory:/opt/pretalx/data', + 'directory:/opt/pretalx/static', + 'file:/opt/pretalx/pretalx.cfg', + }, + 'triggered': True, + }, + 'pretalx_regenerate-css': { + 'command': 'sudo -u pretalx PRETALX_CONFIG_FILE=/opt/pretalx/pretalx.cfg /opt/pretalx/venv/bin/python -m pretalx regenerate_css', + 'needs': { + 'action:pretalx_install', + 'directory:/opt/pretalx/data', + 'directory:/opt/pretalx/static', + 'file:/opt/pretalx/pretalx.cfg', + }, + 'triggered': True, + }, +} + +users = { + 'pretalx': { + 'home': '/opt/pretalx', + }, +} + +directories = { + '/opt/pretalx/src': {}, + '/opt/pretalx/data': { + 'owner': 'pretalx', + }, + '/opt/pretalx/static': { + 'owner': 'pretalx', + }, +} + +git_deploy = { + '/opt/pretalx/src': { + 'repo': 'https://github.com/pretalx/pretalx.git', + 'rev': node.metadata['pretalx']['version'], + 'triggers': { + 'action:pretalx_install', + 'action:pretalx_migrate', + 'action:pretalx_rebuild', + 'svc_systemd:pretalx-web:restart', + 'svc_systemd:pretalx-worker:restart', + }, + }, +} + + +svc_systemd = { + 'pretalx-runperiodic.timer': { + 'needs': { + 'action:pretalx_install', + 'action:pretalx_migrate', + 'action:pretalx_rebuild', + 'file:/etc/systemd/system/pretalx-runperiodic.timer', + 'file:/etc/systemd/system/pretalx-runperiodic.service', + 'file:/opt/pretalx/pretalx.cfg', + }, + }, + 'pretalx-clearsessions.timer': { + 'needs': { + 'action:pretalx_install', + 'action:pretalx_migrate', + 'action:pretalx_rebuild', + 'file:/etc/systemd/system/pretalx-clearsessions.timer', + 'file:/etc/systemd/system/pretalx-clearsessions.service', + 'file:/opt/pretalx/pretalx.cfg', + }, + }, + 'pretalx-web': { + 'needs': { + 'action:pretalx_install', + 'action:pretalx_migrate', + 'action:pretalx_rebuild', + 'file:/etc/systemd/system/pretalx-web.service', + 'file:/opt/pretalx/pretalx.cfg', + }, + }, + 'pretalx-worker': { + 'needs': { + 'action:pretalx_install', + 'action:pretalx_migrate', + 'action:pretalx_rebuild', + 'file:/etc/systemd/system/pretalx-worker.service', + 'file:/opt/pretalx/pretalx.cfg', + }, + }, +} + +files = { + '/opt/pretalx/pretalx.cfg': { + 'content_type': 'mako', + 'context': node.metadata['pretalx'], + 'triggers': { + 'svc_systemd:pretalx-web:restart', + 'svc_systemd:pretalx-worker:restart', + }, + }, + '/etc/systemd/system/pretalx-runperiodic.timer': { + 'triggers': { + 'action:systemd-reload', + 'svc_systemd:pretalx-runperiodic.timer:restart', + }, + }, + '/etc/systemd/system/pretalx-runperiodic.service': { + 'triggers': { + 'action:systemd-reload', + }, + }, + '/etc/systemd/system/pretalx-clearsessions.timer': { + 'triggers': { + 'action:systemd-reload', + 'svc_systemd:pretalx-clearsessions.timer:restart', + }, + }, + '/etc/systemd/system/pretalx-clearsessions.service': { + 'triggers': { + 'action:systemd-reload', + }, + }, + '/etc/systemd/system/pretalx-web.service': { + 'triggers': { + 'action:systemd-reload', + 'svc_systemd:pretalx-web:restart', + }, + }, + '/etc/systemd/system/pretalx-worker.service': { + 'triggers': { + 'action:systemd-reload', + 'svc_systemd:pretalx-worker:restart', + }, + }, +} diff --git a/bundles/pretalx/metadata.py b/bundles/pretalx/metadata.py new file mode 100644 index 0000000..2ff47ca --- /dev/null +++ b/bundles/pretalx/metadata.py @@ -0,0 +1,62 @@ +defaults = { + 'apt': { + 'packages': { + 'gettext': {}, + }, + }, + 'backups': { + 'paths': { + '/opt/pretalx/data', + }, + }, + 'icinga2_api': { + 'mautrix-telegram': { + 'services': { + 'PRETALX-WEB PROCESS': { + 'command_on_monitored_host': '/usr/local/share/icinga/plugins/check_systemd_unit pretalx-web', + }, + 'PRETALX-WORKER PROCESS': { + 'command_on_monitored_host': '/usr/local/share/icinga/plugins/check_systemd_unit pretalx-worker', + }, + }, + }, + }, + 'pretalx': { + 'database': { + 'user': 'pretalx', + 'password': repo.vault.password_for('{} postgresql pretalx'.format(node.name)), + 'database': 'pretalx', + }, + }, + 'postgresql': { + 'roles': { + 'pretalx': { + 'password': repo.vault.password_for('{} postgresql pretalx'.format(node.name)), + }, + }, + 'databases': { + 'pretalx': { + 'owner': 'pretalx', + }, + }, + }, +} + + +@metadata_reactor.provides( + 'icinga2_api/pretalx/services', +) +def icinga_check_for_new_release(metadata): + return { + 'icinga2_api': { + 'pretalx': { + 'services': { + 'PRETALX UPDATE': { + 'command_on_monitored_host': '/usr/local/share/icinga/plugins/check_github_for_new_release pretalx/pretalx {}'.format(metadata.get('pretalx/version')), + 'vars.notification.mail': True, + 'check_interval': '60m', + }, + }, + }, + }, + }