The type now handles the case when the data directory will be moved to
an other location. To this, adjustment to the "maintainer mode" on
setting and the manpage.
Some database parameters are required if the type is `mysql` or `pgsql`.
Also, the variants of the parameter --database-type decreased to those
that work with the configuration, as it is directly mapped to the
parameter.
The functions in `map-conf-changes.sh` where extended to support the
conditional mandatory argument to throw an error if this parameter is
set.
This commit changes the manifest to do not check for too low versions
and does not download and unpack a tarball if available if the parameter
--install-only is set. This should make it useable now.
Also, a short message change to match the manual.
This type should work, but there are still many things to do here to
work nice and well.
Things that currently not work (well):
- not all parameters work for now
- nextcloud installations in subfolders (e.g. slashes in the object id)
Now, the python venv is now created via `pyvenv` or `python3 -m venv`
instead of the legacy `virtualenv`. For this, not all python processes
from the venv need to be stopped.
Migration from previous versions of this type may be difficult, but
solvable if the venv will be recreated.
The Gunicorn type now supports systemd sockets only. With uWSGI, you can
choose between it and the native sockets based on the parameters chosen.
This is done because it could not be implemented to have multiple
protocols with the systemd sockets (so you may choose).
The systemd socket unit file is generally available, so both types use
the same script to generate the socket unit file.
Changed flag (force to ignore a non-existant directory), typo and
swapped arguments are done. Also, the process to stop all processes from
the virtal environment has changed: Now, it stops all potential services
and ignore errors (because a service doesn't exist).
After that, it sends a kill signal to all processes and then gracefully
wait since there is no option to do that with systemd.
The default value is set to preserve all data saved by netbox. As
explained in the manpage, it sets the directory for all data directories
to `~netbox/data/` (would resolve to `/opt/netbox/data/`), so upgrades
will not remove this data.
Currently, dma does not differentiate between login users on the SMTP server.
It will pick whatever entry it finds first
(https://github.com/corecode/dma/blob/v0.13/net.c#L531).
As a result, the --server parameter only adds confusion.
This commit brings consistency into the --restart parameter for systemd
units. All units except the netbox wrapper service will be restarted on
unit change.
Cause of corrupt databases if the services are restarted incorrectly,
the order and dependencies are adjusted. Now, the `netbox-rq` service
will be included in restarts of `netbox` and required for the WSGI
servers that it must running.
For these changes, the restart command of `__netbox` was adjusted. The
other ones where edited too, to use the same command.
All services now require redis and postgresql to be started before them
to prevent any start order issues.
If someone asked for what the RQ worker is required, see here:
https://netbox.readthedocs.io/en/stable/additional-features/webhooks/#webhook-processing
Because `/dev/random` was used, the `cdist config` could hang a long
time to get real random values. The pseudo-generated values through
`/dev/urandom` are fully enought for the secret key.
Because `set -e` got printed all the time, the type __netbox always had
some generated code for the remote side. This line was removed because
this is already done by cdist when executing the code-remote script.
Rather, the exit-on-error option was set to some scirpts (two ..).
Revert working directory changes as the configuration file still needs
to be accessable. An absolute path would work, too, but it is not the
preferred way.
To still work with the python wsgi application, `--chdir` is used.
The `uwsgi-netbox` service now works, also the `netbox` wrapper service.
The PID file was removed from the Gunicorn service as it is not required
and a bit more efford to move it to `/run/` due to permissions.
Generally, all depend on `network.target` instead of
`network-online.target` now, and signals for reload, stop and kill were
added (especially required the uwsgi service).
To avoid aborts because of the python venv could not be updated by
killing all processes that uses the venv.
It will be done all times to prevent any error, because it could not be
reliably detected if the type installs or updates NetBox.
Enables multiple protocols like fastcgi or HTTP to bind to. This makes
it more flexible to use.
Also, a little fix for __netbox was done: correctly output a error msg.
Shellcheck warned about creating content for a python array. As the
string will be printed literally into the config, the warning does not
match to the current case.
The wrapper service will "control" the services added from the
__netbox_* types to provide a general interface. This is more dynamic
than the alias approach used previously. Through this, it is possible
to handle multiple wsgi services for netbox - if this works ..
See as a reference:
http://alesnosek.com/blog/2016/12/04/controlling-a-multi-service-application-with-systemd/
Because someone *want* to use something other than just gunicorn, it was
extracted to a own type. Because gunicorn is a bit deep in the netbox
installation process, it's a bit harder to isolate it.
`__netbox_uwsgi` will come, too.
Some AWK implementations seem to have a problem with parameters named default.
awk: cmd. line:2: function sepafter(f, default, _) {
awk: cmd. line:2: ^ syntax error
awk: cmd. line:5: return _ ? _ : default
awk: cmd. line:5: ^ syntax error
In addition the temp file is removed if an error occurs.
The secret key is generated if it is not set via parameter and the
explorer does not return any. It will be saved in the netbox home
directory to easily read the key for the config generation.
Fixes error message `/opt/netbox/netbox/netbox/settings.py:141:
UserWarning: REMOTE_AUTH_DEFAULT_PERMISSIONS should be a dictionary.
Backward compatibility will be removed in v2.10.`
The working `ls | grep .` like solution was dropped based on the
shellcheck warning. Rather a solution with `find(1)` is used.
As alternative, it could be simply checked if the glob succeeds or not
by test all given arguments if there are existing files. It was dropped
in question if it's really better than the `find(1)` solution.
The ldap config file will be empty (only comments) if no parameter
name set matches `^ldap-*`.
It still generate a ldap config if one or more ldap parameters are set,
but not all basic parameters.