Browse Source

add gpodder worker and heartbeat, fix redis connection. now seems to be basically working.

Thomas Buck 1 month ago
parent
commit
b2df19f140

+ 1
- 0
README.md View File

@@ -34,6 +34,7 @@ You can also use statically configured credentials, which is enough for single-u
34 34
 | Self-Signed   | -          | ✔️      | ❓       | ✔️         | ❓        | N/A       |
35 35
 | grafana       | iot        | ✔️      | ❓       | ✔️         | ❓        | ❓        |
36 36
 | Selfoss       | news       | ❌     | ✔️        | ❓        | ❓        | ❓        |
37
+| gPodder       | gpodder    | ✔️     | ❓        | ❓        | ✔️        | ❌        |
37 38
 
38 39
 You don't have to setup all roles, simply select the subset you require.
39 40
 Please take a look inside the respective folders of the roles, they often contain a `DESIGN.md` file explaining the intricacies of the specific software or its configuration.

+ 8
- 0
roles/gpodder/files/etc_logrotate_gpodder View File

@@ -0,0 +1,8 @@
1
+/home/gpodder/*.log {
2
+        daily
3
+        missingok
4
+        rotate 5
5
+        compress
6
+        notifempty
7
+	su gpodder gpodder
8
+}

+ 68
- 2
roles/gpodder/tasks/gpodder.yml View File

@@ -53,6 +53,14 @@
53 53
   service: name=gpodder state=stopped
54 54
   ignore_errors: True
55 55
 
56
+- name: Stop old gpodder worker instance
57
+  service: name=gpodder_worker state=stopped
58
+  ignore_errors: True
59
+
60
+- name: Stop old gpodder beat instance
61
+  service: name=gpodder_beat state=stopped
62
+  ignore_errors: True
63
+
56 64
 - name: Remove old gpodder directory
57 65
   shell: rm -rf /home/gpodder/gpodder
58 66
 
@@ -80,6 +88,9 @@
80 88
 - name: Install dependencies for production in virtualenv
81 89
   shell: bash -c 'source venv/bin/activate && pip install -r requirements-setup.txt' chdir=/home/gpodder/gpodder
82 90
 
91
+- name: Create gpodder logs directory
92
+  file: state=directory path=/home/gpodder/logs owner=gpodder group=gpodder
93
+
83 94
 - name: Create gpodder media directory
84 95
   file:
85 96
     state: directory
@@ -88,10 +99,31 @@
88 99
     group: gpodder
89 100
     mode: 0750
90 101
 
91
-# TODO put env somewhere so we can use it for systemd unit, migration and cron
102
+- name: Add gpodder wrapper script
103
+  template:
104
+    src=home_gpodder_env.j2
105
+    dest=/home/gpodder/env.sh
106
+    owner=gpodder
107
+    group=gpodder
108
+    mode=0750
109
+
110
+- name: Fix ownership of installed files
111
+  shell: chown -R gpodder:gpodder /home/gpodder/gpodder
112
+
113
+- name: Run collecting script for static files
114
+  become: true
115
+  become_user: gpodder
116
+  shell: ./env.sh python manage.py collectstatic --no-input chdir=/home/gpodder
117
+
118
+#- name: Run compiling script for messages
119
+#  become: true
120
+#  become_user: gpodder
121
+#  shell: ./env.sh python manage.py compilemessages chdir=/home/gpodder
92 122
 
93 123
 - name: Run database migration script
94
-  shell: bash -c 'source venv/bin/activate && DATABASE_URL=postgres://{{ gpodder_db_username }}:{{ gpodder_db_password }}@localhost:5432/{{ gpodder_db_database }}?sslmode=disable SECRET_KEY={{ gpodder_secret }} python manage.py migrate' chdir=/home/gpodder/gpodder
124
+  become: true
125
+  become_user: gpodder
126
+  shell: ./env.sh python manage.py migrate chdir=/home/gpodder
95 127
 
96 128
 - name: Add systemd service to start gpodder automatically
97 129
   template:
@@ -100,12 +132,38 @@
100 132
     owner=root
101 133
     group=root
102 134
 
135
+- name: Add systemd service to start gpodder worker automatically
136
+  template:
137
+    src=etc_systemd_system_gpodder_worker.j2
138
+    dest=/etc/systemd/system/gpodder_worker.service
139
+    owner=root
140
+    group=root
141
+
142
+- name: Add systemd service to start gpodder beat automatically
143
+  template:
144
+    src=etc_systemd_system_gpodder_beat.j2
145
+    dest=/etc/systemd/system/gpodder_beat.service
146
+    owner=root
147
+    group=root
148
+
103 149
 - name: Register new gpodder service
104 150
   systemd: name=gpodder daemon_reload=yes enabled=yes
105 151
 
152
+- name: Register new gpodder worker service
153
+  systemd: name=gpodder_worker daemon_reload=yes enabled=yes
154
+
155
+- name: Register new gpodder beat service
156
+  systemd: name=gpodder_beat daemon_reload=yes enabled=yes
157
+
106 158
 - name: Start new gpodder instance
107 159
   service: name=gpodder state=started
108 160
 
161
+- name: Start new gpodder worker instance
162
+  service: name=gpodder_worker state=started
163
+
164
+- name: Start new gpodder beat instance
165
+  service: name=gpodder_beat state=started
166
+
109 167
 # TODO cron jobs
110 168
 # envdir envs/dev python manage.py update-toplist
111 169
 # envdir envs/dev python manage.py update-episode-toplist
@@ -117,6 +175,14 @@
117 175
 # envdir envs/dev python manage.py feed-downloader --toplist --max <max-updates>
118 176
 # envdir envs/dev python manage.py feed-downloader --update-new --max <max-updates>
119 177
 
178
+- name: Configure gpodder logrotate
179
+  copy:
180
+    src=etc_logrotate_gpodder
181
+    dest=/etc/logrotate.d/gpodder
182
+    owner=root
183
+    group=root
184
+    mode=0644
185
+
120 186
 - name: Create the Apache gpodder sites config files
121 187
   template:
122 188
     src=etc_apache2_sites-available_gpodder.j2

+ 14
- 0
roles/gpodder/templates/etc_apache2_sites-available_gpodder.j2 View File

@@ -27,6 +27,20 @@
27 27
     Alias                   /static /home/gpodder/gpodder/static
28 28
     ProxyPassMatch          ^/static !
29 29
 
30
+    Alias                   /favicon.ico /home/gpodder/gpodder/static/favicon.ico
31
+    ProxyPassMatch          ^/favicon.ico !
32
+
33
+    Alias                   /favicon.png /home/gpodder/gpodder/static/favicon.png
34
+    ProxyPassMatch          ^/favicon.png !
35
+
36
+    <Directory /data/gpodder>
37
+        AllowOverride None
38
+        Require all granted
39
+    </Directory>
40
+
41
+    Alias                   /media /data/gpodder
42
+    ProxyPassMatch          ^/media !
43
+
30 44
     ProxyPass               / http://localhost:{{ gpodder_internal_port }}/
31 45
     ProxyPassReverse        / http://localhost:{{ gpodder_internal_port }}/
32 46
 </VirtualHost>

+ 4
- 16
roles/gpodder/templates/etc_systemd_system_gpodder.j2 View File

@@ -9,22 +9,10 @@ Type=simple
9 9
 User=gpodder
10 10
 Restart=always
11 11
 RestartSec=3
12
-WorkingDirectory=/home/gpodder/gpodder
13
-ExecStart=bash -c 'source venv/bin/activate && python manage.py runserver 127.0.0.1:{{ gpodder_internal_port }}'
14
-Environment=DATABASE_URL=postgres://{{ gpodder_db_username }}:{{ gpodder_db_password }}@localhost:5432/{{ gpodder_db_database }}?sslmode=disable
15
-Environment=DEFAULT_BASE_URL=https://{{ gpodder_subdomain }}.{{ domain }}
16
-Environment=SECRET_KEY={{ gpodder_secret }}
17
-Environment=MEDIA_ROOT=/data/gpodder
18
-Environment=DEBUG=False
19
-Environment=MAINTENANCE=False
20
-Environment=STAFF_TOKEN={{ gpodder_staff_token }}
21
-Environment=DEFAULT_FROM_EMAIL=noreply@{{ domain }}
22
-Environment=EMAIL_BACKEND=django.core.mail.backends.smtp.EmailBackend
23
-Environment=EMAIL_HOST={{ domain }}
24
-Environment=EMAIL_PORT=587
25
-Environment=EMAIL_HOST_USER=noreply@{{ domain }}
26
-Environment=EMAIL_HOST_PASSWORD={{ lookup('password', secret + '/' + 'mail_noreply_password length=20 chars=ascii_lowercase,ascii_uppercase,digits') }}
27
-Environment=EMAIL_USE_TLS=True
12
+WorkingDirectory=/home/gpodder
13
+ExecStart=bash -c './env.sh gunicorn mygpo.wsgi:application --bind=127.0.0.1:{{ gpodder_internal_port }} --workers=2 --access-logfile -'
14
+StandardOutput=append:/home/gpodder/gpodder_out.log
15
+StandardError=append:/home/gpodder/gpodder_err.log
28 16
 
29 17
 [Install]
30 18
 WantedBy=multi-user.target

+ 18
- 0
roles/gpodder/templates/etc_systemd_system_gpodder_beat.j2 View File

@@ -0,0 +1,18 @@
1
+[Unit]
2
+Description=Starts the gPodder heartbeat server
3
+Requires=network.target
4
+After=network.target
5
+After=syslog.target
6
+
7
+[Service]
8
+Type=simple
9
+User=gpodder
10
+Restart=always
11
+RestartSec=3
12
+WorkingDirectory=/home/gpodder
13
+ExecStart=bash -c './env.sh celery -A mygpo beat --pidfile /tmp/celerybeat.pid -S django'
14
+StandardOutput=append:/home/gpodder/gpodder_beat_out.log
15
+StandardError=append:/home/gpodder/gpodder_beat_err.log
16
+
17
+[Install]
18
+WantedBy=multi-user.target

+ 18
- 0
roles/gpodder/templates/etc_systemd_system_gpodder_worker.j2 View File

@@ -0,0 +1,18 @@
1
+[Unit]
2
+Description=Starts the gPodder worker server
3
+Requires=network.target
4
+After=network.target
5
+After=syslog.target
6
+
7
+[Service]
8
+Type=simple
9
+User=gpodder
10
+Restart=always
11
+RestartSec=3
12
+WorkingDirectory=/home/gpodder
13
+ExecStart=bash -c './env.sh celery -A mygpo worker --concurrency=3 -l info -Ofair'
14
+StandardOutput=append:/home/gpodder/gpodder_worker_out.log
15
+StandardError=append:/home/gpodder/gpodder_worker_err.log
16
+
17
+[Install]
18
+WantedBy=multi-user.target

+ 28
- 0
roles/gpodder/templates/home_gpodder_env.j2 View File

@@ -0,0 +1,28 @@
1
+#!/usr/bin/env bash
2
+
3
+cd /home/gpodder/gpodder
4
+source venv/bin/activate
5
+
6
+export DATABASE_URL=postgres://{{ gpodder_db_username }}:{{ gpodder_db_password }}@localhost:5432/{{ gpodder_db_database }}?sslmode=disable
7
+export DEFAULT_BASE_URL=https://{{ gpodder_subdomain }}.{{ domain }}
8
+export SECRET_KEY={{ gpodder_secret }}
9
+export MEDIA_ROOT=/data/gpodder
10
+export DEBUG=False
11
+export MAINTENANCE=False
12
+export STAFF_TOKEN={{ gpodder_staff_token }}
13
+export DEFAULT_FROM_EMAIL=noreply@{{ domain }}
14
+export EMAIL_BACKEND=django.core.mail.backends.smtp.EmailBackend
15
+export EMAIL_HOST={{ domain }}
16
+export EMAIL_PORT=587
17
+export EMAIL_HOST_USER=noreply@{{ domain }}
18
+export EMAIL_HOST_PASSWORD={{ lookup('password', secret + '/' + 'mail_noreply_password length=20 chars=ascii_lowercase,ascii_uppercase,digits') }}
19
+export EMAIL_USE_TLS=True
20
+export LOGGING_FILENAME=/home/gpodder/gpodder.log
21
+export LOGGING_DIR_GUNICRON=/home/gpodder/logs
22
+export SERVER_EMAIL=noreply@{{ domain }}
23
+export ADMINS="[('{{ main_user_name }}', '{{ main_user_name }}@{{ domain }}')]"
24
+export BROKER_URL=redis://localhost:6379/1
25
+export ACCOUNT_ACTIVATION_DAYS=7
26
+export ACTIVATION_VALID_DAYS=7
27
+
28
+"$@"

+ 13
- 1
roles/monitoring/files/etc_monit_conf.d_gpodder View File

@@ -1,4 +1,4 @@
1
-check process gpodder matching "python manage.py runserver"
1
+check process gpodder matching "gunicorn mygpo.wsgi:application"
2 2
   group www
3 3
   start program = "/bin/systemctl start gpodder"
4 4
   stop program = "/bin/systemctl stop gpodder"
@@ -7,3 +7,15 @@ check process gpodder matching "python manage.py runserver"
7 7
     with retry 2
8 8
     then restart
9 9
   if 5 restarts within 5 cycles then timeout
10
+
11
+check process gpodder_worker matching "celery -A mygpo worker"
12
+  group www
13
+  start program = "/bin/systemctl start gpodder_worker"
14
+  stop program = "/bin/systemctl stop gpodder_worker"
15
+  if 5 restarts within 5 cycles then timeout
16
+
17
+check process gpodder_beat with pidfile /tmp/celerybeat.pid
18
+  group www
19
+  start program = "/bin/systemctl start gpodder_beat"
20
+  stop program = "/bin/systemctl stop gpodder_beat"
21
+  if 5 restarts within 5 cycles then timeout

Loading…
Cancel
Save