Now, the python venv is now created via `pyvenv` or `python3 -m venv`
instead of the legacy `virtualenv`. For this, not all python processes
from the venv need to be stopped.
Migration from previous versions of this type may be difficult, but
solvable if the venv will be recreated.
The Gunicorn type now supports systemd sockets only. With uWSGI, you can
choose between it and the native sockets based on the parameters chosen.
This is done because it could not be implemented to have multiple
protocols with the systemd sockets (so you may choose).
The systemd socket unit file is generally available, so both types use
the same script to generate the socket unit file.
Changed flag (force to ignore a non-existant directory), typo and
swapped arguments are done. Also, the process to stop all processes from
the virtal environment has changed: Now, it stops all potential services
and ignore errors (because a service doesn't exist).
After that, it sends a kill signal to all processes and then gracefully
wait since there is no option to do that with systemd.
The default value is set to preserve all data saved by netbox. As
explained in the manpage, it sets the directory for all data directories
to `~netbox/data/` (would resolve to `/opt/netbox/data/`), so upgrades
will not remove this data.
This commit brings consistency into the --restart parameter for systemd
units. All units except the netbox wrapper service will be restarted on
unit change.
Cause of corrupt databases if the services are restarted incorrectly,
the order and dependencies are adjusted. Now, the `netbox-rq` service
will be included in restarts of `netbox` and required for the WSGI
servers that it must running.
For these changes, the restart command of `__netbox` was adjusted. The
other ones where edited too, to use the same command.
All services now require redis and postgresql to be started before them
to prevent any start order issues.
If someone asked for what the RQ worker is required, see here:
https://netbox.readthedocs.io/en/stable/additional-features/webhooks/#webhook-processing
Because `/dev/random` was used, the `cdist config` could hang a long
time to get real random values. The pseudo-generated values through
`/dev/urandom` are fully enought for the secret key.
Because `set -e` got printed all the time, the type __netbox always had
some generated code for the remote side. This line was removed because
this is already done by cdist when executing the code-remote script.
Rather, the exit-on-error option was set to some scirpts (two ..).
The `uwsgi-netbox` service now works, also the `netbox` wrapper service.
The PID file was removed from the Gunicorn service as it is not required
and a bit more efford to move it to `/run/` due to permissions.
Generally, all depend on `network.target` instead of
`network-online.target` now, and signals for reload, stop and kill were
added (especially required the uwsgi service).
To avoid aborts because of the python venv could not be updated by
killing all processes that uses the venv.
It will be done all times to prevent any error, because it could not be
reliably detected if the type installs or updates NetBox.
Enables multiple protocols like fastcgi or HTTP to bind to. This makes
it more flexible to use.
Also, a little fix for __netbox was done: correctly output a error msg.
Shellcheck warned about creating content for a python array. As the
string will be printed literally into the config, the warning does not
match to the current case.
The wrapper service will "control" the services added from the
__netbox_* types to provide a general interface. This is more dynamic
than the alias approach used previously. Through this, it is possible
to handle multiple wsgi services for netbox - if this works ..
See as a reference:
http://alesnosek.com/blog/2016/12/04/controlling-a-multi-service-application-with-systemd/
Because someone *want* to use something other than just gunicorn, it was
extracted to a own type. Because gunicorn is a bit deep in the netbox
installation process, it's a bit harder to isolate it.
`__netbox_uwsgi` will come, too.
The secret key is generated if it is not set via parameter and the
explorer does not return any. It will be saved in the netbox home
directory to easily read the key for the config generation.
Fixes error message `/opt/netbox/netbox/netbox/settings.py:141:
UserWarning: REMOTE_AUTH_DEFAULT_PERMISSIONS should be a dictionary.
Backward compatibility will be removed in v2.10.`