From 8ba685cc50ee333cf764181e82096c80ece4ab28 Mon Sep 17 00:00:00 2001 From: Revant Nandgaonkar Date: Tue, 12 Sep 2023 14:27:24 +0530 Subject: [PATCH 1/7] feat: allow custom image in easy install --- easy-install.py | 12 +++++++++--- 1 file changed, 9 insertions(+), 3 deletions(-) diff --git a/easy-install.py b/easy-install.py index f703419f3..1b188b302 100755 --- a/easy-install.py +++ b/easy-install.py @@ -114,7 +114,7 @@ def check_repo_exists() -> bool: return os.path.exists(os.path.join(os.getcwd(), "frappe_docker")) -def setup_prod(project: str, sites, email: str, version: str = None) -> None: +def setup_prod(project: str, sites, email: str, version: str = None, image = None) -> None: if check_repo_exists(): compose_file_name = os.path.join(os.path.expanduser("~"), f"{project}-compose.yml") docker_repo_path = os.path.join(os.getcwd(), "frappe_docker") @@ -125,6 +125,11 @@ def setup_prod(project: str, sites, email: str, version: str = None) -> None: admin_pass = "" db_pass = "" with open(compose_file_name, "w") as f: + if image: + filedata = f.read() + filedata = filedata.replace("image: frappe/erpnext", f"image: {image}") + f.write(filedata) + # Writing to compose file if not os.path.exists(os.path.join(docker_repo_path, ".env")): admin_pass = generate_pass() @@ -199,7 +204,7 @@ def setup_prod(project: str, sites, email: str, version: str = None) -> None: else: install_docker() clone_frappe_docker_repo() - setup_prod(project, sites, email, version) # Recursive + setup_prod(project, sites, email, version, image) # Recursive def setup_dev_instance(project: str): @@ -321,6 +326,7 @@ def create_site( dest="sites", ) parser.add_argument("-n", "--project", help="Project Name", default="frappe") + parser.add_argument("-i", "--image", help="Full Image Name") parser.add_argument( "--email", help="Add email for the SSL.", required="--prod" in sys.argv ) @@ -338,6 +344,6 @@ def create_site( if "example.com" in args.email: cprint("Emails with example.com not acceptable", level=1) sys.exit(1) - setup_prod(args.project, args.sites, args.email, args.version) + setup_prod(args.project, args.sites, args.email, args.version, args.image) else: parser.print_help() From 697939e2058f7e7ad81b1aee4848c60402d6b46f Mon Sep 17 00:00:00 2001 From: David Arnold Date: Sat, 1 Jul 2023 14:41:25 -0500 Subject: [PATCH 2/7] fix: nodejs redis v4 interprets localhost as ipv6 address But the redis only binds to 127.0.0.1, not ::1. Avoid this problem by being explicit. --- bench/config/common_site_config.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/bench/config/common_site_config.py b/bench/config/common_site_config.py index 0514c24ee..2d4ef2c3e 100644 --- a/bench/config/common_site_config.py +++ b/bench/config/common_site_config.py @@ -83,7 +83,7 @@ def update_config_for_frappe(config, bench_path): for key in ("redis_cache", "redis_queue", "redis_socketio"): if key not in config: - config[key] = f"redis://localhost:{ports[key]}" + config[key] = f"redis://127.0.0.1:{ports[key]}" for key in ("webserver_port", "socketio_port", "file_watcher_port"): if key not in config: From 672eca10a7b371394adffbdd129fbd2abad3bc41 Mon Sep 17 00:00:00 2001 From: Ankush Menat Date: Sat, 15 Jul 2023 18:51:50 +0530 Subject: [PATCH 3/7] test: fix expected failing tests --- bench/tests/test_init.py | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/bench/tests/test_init.py b/bench/tests/test_init.py index 30bb15723..f72a4c357 100755 --- a/bench/tests/test_init.py +++ b/bench/tests/test_init.py @@ -54,9 +54,9 @@ def test_multiple_benches(self): "webserver_port": 8000, "socketio_port": 9000, "file_watcher_port": 6787, - "redis_queue": "redis://localhost:11000", - "redis_socketio": "redis://localhost:13000", - "redis_cache": "redis://localhost:13000", + "redis_queue": "redis://127.0.0.1:11000", + "redis_socketio": "redis://127.0.0.1:13000", + "redis_cache": "redis://127.0.0.1:13000", }, ) @@ -66,9 +66,9 @@ def test_multiple_benches(self): "webserver_port": 8001, "socketio_port": 9001, "file_watcher_port": 6788, - "redis_queue": "redis://localhost:11001", - "redis_socketio": "redis://localhost:13001", - "redis_cache": "redis://localhost:13001", + "redis_queue": "redis://127.0.0.1:11001", + "redis_socketio": "redis://127.0.0.1:13001", + "redis_cache": "redis://127.0.0.1:13001", }, ) From f93f065ba3477c3316f21422406d0f65e813c8eb Mon Sep 17 00:00:00 2001 From: Revant Nandgaonkar Date: Fri, 22 Sep 2023 13:20:30 +0530 Subject: [PATCH 4/7] fix: image replace and site creation --- easy-install.py | 19 +++++++++++++------ 1 file changed, 13 insertions(+), 6 deletions(-) diff --git a/easy-install.py b/easy-install.py index 1b188b302..326021211 100755 --- a/easy-install.py +++ b/easy-install.py @@ -1,6 +1,7 @@ #!/usr/bin/env python3 import argparse +import fileinput import logging import os import platform @@ -115,6 +116,9 @@ def check_repo_exists() -> bool: def setup_prod(project: str, sites, email: str, version: str = None, image = None) -> None: + if len(sites) == 0: + sites = ["site.localhost"] + if check_repo_exists(): compose_file_name = os.path.join(os.path.expanduser("~"), f"{project}-compose.yml") docker_repo_path = os.path.join(os.getcwd(), "frappe_docker") @@ -125,11 +129,6 @@ def setup_prod(project: str, sites, email: str, version: str = None, image = Non admin_pass = "" db_pass = "" with open(compose_file_name, "w") as f: - if image: - filedata = f.read() - filedata = filedata.replace("image: frappe/erpnext", f"image: {image}") - f.write(filedata) - # Writing to compose file if not os.path.exists(os.path.join(docker_repo_path, ".env")): admin_pass = generate_pass() @@ -176,6 +175,14 @@ def setup_prod(project: str, sites, email: str, version: str = None, image = Non logging.error("Docker Compose generation failed", exc_info=True) cprint("\nGenerating Compose File failed\n") sys.exit(1) + + # Use custom image + if image: + for line in fileinput.input(compose_file_name, inplace=True): + if "image: frappe/erpnext" in line: + line = line.replace("image: frappe/erpnext", f"image: {image}") + sys.stdout.write(line) + try: # Starting with generated compose file subprocess.run( @@ -321,7 +328,7 @@ def create_site( "-s", "--sitename", help="Site Name(s) for your production bench", - default=["site1.localhost"], + default=[], action="append", dest="sites", ) From fde7a8209dbdbb8b50b413fe1174ae62bb06b395 Mon Sep 17 00:00:00 2001 From: Revant Nandgaonkar Date: Fri, 22 Sep 2023 13:27:15 +0530 Subject: [PATCH 5/7] fix(easy-install): set default site to site1.localhost --- easy-install.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/easy-install.py b/easy-install.py index 326021211..e1890380e 100755 --- a/easy-install.py +++ b/easy-install.py @@ -117,7 +117,7 @@ def check_repo_exists() -> bool: def setup_prod(project: str, sites, email: str, version: str = None, image = None) -> None: if len(sites) == 0: - sites = ["site.localhost"] + sites = ["site1.localhost"] if check_repo_exists(): compose_file_name = os.path.join(os.path.expanduser("~"), f"{project}-compose.yml") From 8f3f1a48a651aa72c9072a7035410e1bc07539ec Mon Sep 17 00:00:00 2001 From: Akhil Narang Date: Wed, 4 Oct 2023 18:18:16 +0530 Subject: [PATCH 6/7] refactor(treewide): use `mariadb` commands and service instead of `mysql` Signed-off-by: Akhil Narang --- bench/commands/install.py | 7 ++++--- bench/commands/setup.py | 2 +- bench/playbooks/roles/mariadb/README.md | 4 ++-- bench/playbooks/roles/mariadb/handlers/main.yml | 4 ++-- bench/playbooks/roles/mariadb/tasks/main.yml | 6 +++--- .../roles/mariadb/tasks/mysql_secure_installation.yml | 10 +++++----- 6 files changed, 17 insertions(+), 16 deletions(-) diff --git a/bench/commands/install.py b/bench/commands/install.py index e86e94296..31ad59b66 100644 --- a/bench/commands/install.py +++ b/bench/commands/install.py @@ -25,9 +25,10 @@ def install_prerequisites(): @click.command( "mariadb", help="Install and setup MariaDB of specified version and root password" ) -@click.option("--mysql_root_password", "--mysql-root-password", default="") +@click.option("--mysql_root_password", "--mysql-root-password", + "--mariadb_root_password", "--mariadb-root-password", default="") @click.option("--version", default="10.3") -def install_maridb(mysql_root_password, version): +def install_mariadb(mysql_root_password, version): if mysql_root_password: extra_vars.update( { @@ -111,7 +112,7 @@ def install_failtoban(**kwargs): install.add_command(install_prerequisites) -install.add_command(install_maridb) +install.add_command(install_mariadb) install.add_command(install_wkhtmltopdf) install.add_command(install_nodejs) install.add_command(install_psutil) diff --git a/bench/commands/setup.py b/bench/commands/setup.py index 999f8dbd3..9b13c269a 100755 --- a/bench/commands/setup.py +++ b/bench/commands/setup.py @@ -358,7 +358,7 @@ def sync_domains(domain=None, site=None): @click.command("role", help="Install dependencies via ansible roles") @click.argument("role") @click.option("--admin_emails", default="") -@click.option("--mysql_root_password") +@click.option("--mysql_root_password", "--mariadb_root_password") @click.option("--container", is_flag=True, default=False) def setup_roles(role, **kwargs): extra_vars = {"production": True} diff --git a/bench/playbooks/roles/mariadb/README.md b/bench/playbooks/roles/mariadb/README.md index 72e423821..ad869194d 100644 --- a/bench/playbooks/roles/mariadb/README.md +++ b/bench/playbooks/roles/mariadb/README.md @@ -13,7 +13,7 @@ Debain 9 ## Post install -Run `mysql_secure_installation` +Run `mariadb-secure-installation` ## Requirements @@ -39,7 +39,7 @@ Configuration filename: mysql_conf_file: settings.cnf ``` -### Experimental unattended mysql_secure_installation +### Experimental unattended mariadb-secure-installation ``` ansible-playbook release.yml --extra-vars "mysql_secure_installation=true mysql_root_password=your_very_secret_password" diff --git a/bench/playbooks/roles/mariadb/handlers/main.yml b/bench/playbooks/roles/mariadb/handlers/main.yml index 3755d8ceb..6f737d913 100644 --- a/bench/playbooks/roles/mariadb/handlers/main.yml +++ b/bench/playbooks/roles/mariadb/handlers/main.yml @@ -1,3 +1,3 @@ --- -- name: restart mysql - service: name=mysql state=restarted +- name: restart mariadb + service: name=mariadb state=restarted diff --git a/bench/playbooks/roles/mariadb/tasks/main.yml b/bench/playbooks/roles/mariadb/tasks/main.yml index 8079583df..b4e145ad1 100644 --- a/bench/playbooks/roles/mariadb/tasks/main.yml +++ b/bench/playbooks/roles/mariadb/tasks/main.yml @@ -16,7 +16,7 @@ group: root mode: 0644 when: mysql_conf_tpl != 'change_me' and ansible_distribution != 'Debian' - notify: restart mysql + notify: restart mariadb - include_tasks: debian.yml when: ansible_distribution == 'Debian' @@ -29,7 +29,7 @@ group: root mode: 0644 when: mysql_conf_tpl != 'change_me' and ansible_distribution == 'Debian' - notify: restart mysql + notify: restart mariadb - name: Add additional conf for MariaDB 10.2 in mariadb.conf.d blockinfile: @@ -59,7 +59,7 @@ - name: Start and enable service service: - name: mysql + name: mariadb state: started enabled: yes diff --git a/bench/playbooks/roles/mariadb/tasks/mysql_secure_installation.yml b/bench/playbooks/roles/mariadb/tasks/mysql_secure_installation.yml index 4265375e0..032918740 100644 --- a/bench/playbooks/roles/mariadb/tasks/mysql_secure_installation.yml +++ b/bench/playbooks/roles/mariadb/tasks/mysql_secure_installation.yml @@ -19,28 +19,28 @@ - ::1 - name: Reload privilege tables - command: 'mysql -ne "{{ item }}"' + command: 'mariadb -ne "{{ item }}"' with_items: - FLUSH PRIVILEGES changed_when: False when: run_travis is not defined - name: Remove anonymous users - command: 'mysql -ne "{{ item }}"' + command: 'mariadb -ne "{{ item }}"' with_items: - DELETE FROM mysql.user WHERE User='' changed_when: False when: run_travis is not defined - name: Disallow root login remotely - command: 'mysql -ne "{{ item }}"' + command: 'mariadb -ne "{{ item }}"' with_items: - DELETE FROM mysql.user WHERE User='root' AND Host NOT IN ('localhost', '127.0.0.1', '::1') changed_when: False when: run_travis is not defined - name: Remove test database and access to it - command: 'mysql -ne "{{ item }}"' + command: 'mariadb -ne "{{ item }}"' with_items: - DROP DATABASE IF EXISTS test - DELETE FROM mysql.db WHERE Db='test' OR Db='test\\_%' @@ -48,7 +48,7 @@ when: run_travis is not defined - name: Reload privilege tables - command: 'mysql -ne "{{ item }}"' + command: 'mariadb -ne "{{ item }}"' with_items: - FLUSH PRIVILEGES changed_when: False From 53a8fedadc266a4ea9c02edc33480547857fc53b Mon Sep 17 00:00:00 2001 From: Ankush Menat Date: Thu, 19 Oct 2023 17:05:39 +0530 Subject: [PATCH 7/7] fix: override X-Forwarded-For address in bench manager --- bench/config/templates/bench_manager_nginx.conf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/bench/config/templates/bench_manager_nginx.conf b/bench/config/templates/bench_manager_nginx.conf index 4f8426c9f..bab26e880 100644 --- a/bench/config/templates/bench_manager_nginx.conf +++ b/bench/config/templates/bench_manager_nginx.conf @@ -39,7 +39,7 @@ server { } location @webserver { - proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-For $remote_addr; proxy_set_header X-Forwarded-Proto $scheme; proxy_set_header X-Frappe-Site-Name {{ bench_manager_site_name }}; proxy_set_header Host {{ bench_manager_site_name }};