From fce38ffb8de719fe7c49b69d5f8243e3b3fb9afe Mon Sep 17 00:00:00 2001 From: Jean-Baptiste Holcroft Date: Tue, 21 Nov 2017 13:09:12 +0100 Subject: [PATCH] fully use socket activation --- conf/uwsgi-app@.service | 2 +- conf/uwsgi-app@.socket | 4 ++-- conf/uwsgi.ini | 1 - scripts/_common.sh | 47 +++++++++++++++++++++-------------------- scripts/backup | 6 ------ scripts/install | 2 +- scripts/remove | 2 +- scripts/restore | 12 +---------- scripts/upgrade | 5 +---- 9 files changed, 31 insertions(+), 50 deletions(-) diff --git a/conf/uwsgi-app@.service b/conf/uwsgi-app@.service index c6baff2..c4603d4 100644 --- a/conf/uwsgi-app@.service +++ b/conf/uwsgi-app@.service @@ -8,7 +8,7 @@ ExecStart=/usr/bin/uwsgi \ --socket /var/run/uwsgi/%i.socket \ --logto /var/log/uwsgi/app/%i User=%i -Group=uwsgi +Group=www-data Restart=on-failure KillSignal=SIGQUIT Type=notify diff --git a/conf/uwsgi-app@.socket b/conf/uwsgi-app@.socket index 9b24b9d..0975e29 100644 --- a/conf/uwsgi-app@.socket +++ b/conf/uwsgi-app@.socket @@ -4,8 +4,8 @@ Description=Socket for uWSGI app %i [Socket] ListenStream=/var/run/uwsgi/%i.socket SocketUser=%i -SocketGroup=uwsgi -SocketMode=0660 +SocketGroup=www-data +SocketMode=0775 [Install] WantedBy=sockets.target diff --git a/conf/uwsgi.ini b/conf/uwsgi.ini index 6ad64d2..fc61d73 100644 --- a/conf/uwsgi.ini +++ b/conf/uwsgi.ini @@ -7,7 +7,6 @@ virtualenv = __FINALPATH__/venv wsgi-file = __FINALPATH__/venv/lib/python2.7/site-packages/weblate/wsgi.py # Needed for OAuth/OpenID buffer-size = 8192 -chmod-socket = 666 # Increase number of workers for heavily loaded sites #workers = 6 # Needed for background processing diff --git a/scripts/_common.sh b/scripts/_common.sh index e2772f6..39f4a90 100644 --- a/scripts/_common.sh +++ b/scripts/_common.sh @@ -3,26 +3,25 @@ current_version="2.17.1" ynh_check_global_uwsgi_config () { + uwsgi --version || ynh_die "You need to add uwsgi (and appropriate plugin) as a dependency" + if [ -f /etc/systemd/system/uwsgi-app@.service ]; then echo "Uwsgi generic file is already installed" else cp ../conf/uwsgi-app@.socket /etc/systemd/system/uwsgi-app@.socket cp ../conf/uwsgi-app@.service /etc/systemd/system/uwsgi-app@.service - - # create uwsgi group - groupadd uwsgi - - # make sure the folder for sockets exists and set authorizations - mkdir -p /var/run/uwsgi/ - chown root:uwsgi /var/run/uwsgi/ - chmod -R 775 /var/run/uwsgi/ - - # make sure the folder for logs exists and set authorizations - mkdir -p /var/log/uwsgi/app/ - chown root:uwsgi /var/log/uwsgi/app/ - chmod -R 775 /var/log/uwsgi/app/ fi + + # make sure the folder for sockets exists and set authorizations + mkdir -p /var/run/uwsgi/ + chown root:www-data /var/run/uwsgi/ + chmod -R 775 /var/run/uwsgi/ + + # make sure the folder for logs exists and set authorizations + mkdir -p /var/log/uwsgi/app/ + chown root:www-data /var/log/uwsgi/app/ + chmod -R 775 /var/log/uwsgi/app/ } # Create a dedicated uwsgi ini file to use with generic uwsgi service @@ -37,14 +36,15 @@ ynh_check_global_uwsgi_config () { # __FINALPATH__ by $final_path # # usage: ynh_add_systemd_config -ynh_add_uwsgi_config () { +ynh_add_uwsgi_service () { ynh_check_global_uwsgi_config - usermod --append --groups uwsgi "$app" || ynh_die "It wasn't possible to add user $app to group uwsgi" + # www-data group is needed since it is this nginx who will start the service + usermod --append --groups www-data "$app" || ynh_die "It wasn't possible to add user $app to group www-data" finaluwsgiini="/etc/uwsgi/apps-available/$app.ini" ynh_backup_if_checksum_is_different "$finaluwsgiini" - sudo cp ../conf/uwsgi.ini "$finaluwsgiini" + cp ../conf/uwsgi.ini "$finaluwsgiini" # To avoid a break by set -u, use a void substitution ${var:-}. If the variable is not set, it's simply set with an empty variable. # Substitute in a nginx config file only if the variable is not empty @@ -57,22 +57,23 @@ ynh_add_uwsgi_config () { ynh_store_file_checksum "$finaluwsgiini" chown root: "$finaluwsgiini" - systemctl enable "uwsgi-app@$app.service" + systemctl enable "uwsgi-app@$app.socket" + systemctl start "uwsgi-app@$app.socket" systemctl daemon-reload # Add as a service - yunohost service add "uwsgi-app@$app.service" --log "/var/run/uwsgi/$app.socket" + yunohost service add "uwsgi-app@$app.socket" --log "/var/log/uwsgi/app/$app" } # Remove the dedicated uwsgi ini file # # usage: ynh_remove_systemd_config -ynh_remove_uwsgi_config () { +ynh_remove_uwsgi_service () { finaluwsgiini="/etc/uwsgi/apps-available/$app.ini" if [ -e "$finaluwsgiini" ]; then - systemctl stop "uwsgi-app@$app.service" - systemctl disable "uwsgi-app@$app.service" - yunohost service remove "uwsgi-app@$app.service" + systemctl stop "uwsgi-app@$app.socket" + systemctl disable "uwsgi-app@$app.socket" + yunohost service remove "uwsgi-app@$app.socket" ynh_secure_remove "$finaluwsgiini" fi @@ -107,7 +108,7 @@ ynh_check_if_checksum_is_different() { local checksum_value=$(ynh_app_setting_get $app $checksum_setting_name) local check=0 - if ! echo "$checksum_value $file" | sudo md5sum -c --status + if ! echo "$checksum_value $file" | md5sum -c --status then # If the checksum is now different check=1 fi diff --git a/scripts/backup b/scripts/backup index e86859f..66ecde5 100755 --- a/scripts/backup +++ b/scripts/backup @@ -55,9 +55,3 @@ ynh_backup "db.sql" #================================================= ynh_backup "/etc/cron.d/$app" - -#================================================= -# BACKUP THE UWSGI SERVICE -#================================================= - -ynh_backup "/etc/uwsgi/apps-available/$app.ini" diff --git a/scripts/install b/scripts/install index 3746de2..d8a2f09 100755 --- a/scripts/install +++ b/scripts/install @@ -177,7 +177,7 @@ EOF # SPECIFIC SETUP uwsgi #================================================= -ynh_add_uwsgi_config +ynh_add_uwsgi_service #================================================= # PIP INSTALLATION diff --git a/scripts/remove b/scripts/remove index 1b123ad..a8452b3 100755 --- a/scripts/remove +++ b/scripts/remove @@ -58,7 +58,7 @@ ynh_secure_remove "/etc/cron.d/$app" # REMOVE uwsgi and systemd files #================================================= -ynh_remove_uwsgi_config +ynh_remove_uwsgi_service #================================================= # GENERIC FINALIZATION diff --git a/scripts/restore b/scripts/restore index 67a3b1b..89c02a6 100755 --- a/scripts/restore +++ b/scripts/restore @@ -90,17 +90,7 @@ ynh_psql_execute_file_as_root ./db.sql "$db_name" # RESTORE THE SERVICE #================================================= -ynh_restore_file "/etc/uwsgi/apps-available/$app.ini" - -ynh_check_global_uwsgi_config - -systemctl enable "uwsgi-app@$app.service" - -#================================================= -# ADVERTISE SERVICE IN ADMIN PANEL -#================================================= - -yunohost service add "uwsgi-app@$app.service" +ynh_add_uwsgi_service #================================================= # RESTORE THE CRON FILE diff --git a/scripts/upgrade b/scripts/upgrade index 763c349..2151195 100755 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -117,10 +117,7 @@ chsh --shell /bin/bash "$app" # SPECIFIC SETUP uwsgi #================================================= -ynh_add_uwsgi_config - -# Add weblate as a service -yunohost service add "uwsgi-app@$app.service" +ynh_add_uwsgi_service #================================================= # PIP INSTALLATION