def write_updated_configs() -> None: config_file = get_config_file() ports = get_tornado_ports(config_file) expected_ports = list(range(9800, max(ports) + 1)) assert ( sorted(ports) == expected_ports ), f"ports ({sorted(ports)}) must be contiguous, starting with 9800" with open("/etc/zulip/nginx_sharding.conf.tmp", "w") as nginx_sharding_conf_f, open( "/etc/zulip/sharding.json.tmp", "w") as sharding_json_f: if len(ports) == 1: nginx_sharding_conf_f.write( "set $tornado_server http://tornado;\n") sharding_json_f.write("{}\n") return nginx_sharding_conf_f.write( "set $tornado_server http://tornado9800;\n") shard_map: Dict[str, int] = {} external_host = subprocess.check_output( [ os.path.join(BASE_DIR, "scripts/get-django-setting"), "EXTERNAL_HOST" ], text=True, ).strip() for port in config_file["tornado_sharding"]: shards = config_file["tornado_sharding"][port].strip() if shards: for shard in shards.split(" "): if "." in shard: host = shard else: host = f"{shard}.{external_host}" assert host not in shard_map, f"host {host} duplicated" shard_map[host] = int(port) write_realm_nginx_config_line(nginx_sharding_conf_f, host, port) nginx_sharding_conf_f.write("\n") sharding_json_f.write(json.dumps(shard_map) + "\n")
"social_django", # 2FA related apps. "django_otp", "django_otp.plugins.otp_static", "django_otp.plugins.otp_totp", "two_factor", ] if USING_PGROONGA: INSTALLED_APPS += ["pgroonga"] INSTALLED_APPS += EXTRA_INSTALLED_APPS ZILENCER_ENABLED = "zilencer" in INSTALLED_APPS CORPORATE_ENABLED = "corporate" in INSTALLED_APPS if not TORNADO_PORTS: TORNADO_PORTS = get_tornado_ports(config_file) TORNADO_PROCESSES = len(TORNADO_PORTS) RUNNING_INSIDE_TORNADO = False AUTORELOAD = DEBUG SILENCED_SYSTEM_CHECKS = [ # auth.W004 checks that the UserProfile field named by USERNAME_FIELD has # `unique=True`. For us this is `email`, and it's unique only per-realm. # Per Django docs, this is perfectly fine so long as our authentication # backends support the username not being unique; and they do. # See: https://docs.djangoproject.com/en/2.2/topics/auth/customizing/#django.contrib.auth.models.CustomUser.USERNAME_FIELD "auth.W004", # models.E034 limits index names to 30 characters for Oracle compatibility. # We aren't using Oracle. "models.E034",
if new_hash in old_file.read(): sys.exit(0) if options.verify: sys.exit(1) if "SUPPRESS_SHARDING_NOTICE" not in os.environ: print("** Updated sharding; scripts/refresh-sharding-and-restart required") with open('/etc/zulip/nginx_sharding.conf.tmp', 'w') as nginx_sharding_conf_f, \ open('/etc/zulip/sharding.json.tmp', 'w') as sharding_json_f: # Puppet uses this to know if it needs to rewrite the files nginx_sharding_conf_f.write(f"# Configuration hash: {new_hash}\n") config_file = get_config_file() ports = get_tornado_ports(config_file) expected_ports = list(range(9800, max(ports) + 1)) assert sorted(ports) == expected_ports, \ f"ports ({sorted(ports)}) must be contiguous, starting with 9800" if len(ports) == 1: nginx_sharding_conf_f.write("set $tornado_server http://tornado;\n") sharding_json_f.write('{}\n') sys.exit(0) nginx_sharding_conf_f.write("set $tornado_server http://tornado9800;\n") shard_map: Dict[str, int] = {} external_host = subprocess.check_output([ os.path.join(BASE_DIR, 'scripts/get-django-setting'), 'EXTERNAL_HOST' ],