deploy-weblate.sh 2.57 KB
Newer Older
1
#!/bin/bash
Zen Fu's avatar
Zen Fu committed
2
#
Zen Fu's avatar
Zen Fu committed
3
# Deploy Weblate using our Puppet code.
Zen Fu's avatar
Zen Fu committed
4
5
6

set -ex

7
8
9
10
11
12
13
DIRNAME=$( dirname ${0} )
WORKDIR=/tmp
MODULEPATH=${WORKDIR}/modules
PUPPET_APPLY="puppet apply --modulepath=${MODULEPATH}"

install_dependencies() {
	apt-get update
14
	apt-get -y install puppet git r10k curl python3-yaml
15
	mkdir -p ${MODULEPATH}
16
	r10k puppetfile install --puppetfile=${DIRNAME}/Puppetfile
17
18
19
20
21
22
23

	# We also want to have the code from this repository as a module.
	ln -sf $( git -C ${DIRNAME} rev-parse --show-toplevel ) ${MODULEPATH}/tails

	# On startup, the Weblate container checks if port 25 is open and
	# only return HTTP 400's if it's not.
	DEBIAN_FRONTEND=noninteractive apt-get -q -y install postfix
Zen Fu's avatar
Zen Fu committed
24
25
}

26
27
deploy_application() {

28
29
	# Puppet fails when it can't find mandatory class parameters, so we set
	# them here.
30
	for param in postgres_password weblate_admin_password weblate_secret_key redis_password; do
31
		if ! cat ${MODULEPATH}/tails/data/common.yaml | python3 -c "import yaml, sys; sys.exit(int('tails::weblate::${param}' not in yaml.safe_load(sys.stdin)))"; then
32
33
34
			echo "tails::weblate::${param}: insecure" >> ${MODULEPATH}/tails/data/common.yaml
		fi
	done
35

36
	# In order for the scripts to be available inside the container, their
Zen Fu's avatar
Zen Fu committed
37
	# directory needs to be passed on container creation.
38
39
40
41
	SCRIPTS_DIR="$( git -C ${DIRNAME} rev-parse --show-toplevel )/files/weblate/scripts"

	# The first run below fails because of how the Puppet Podman module is
	# written: a container service reload is attempted before systemd is
Zen Fu's avatar
Zen Fu committed
42
	# actually aware of the newly created `podman-weblate.service` unit
43
	# file.
44
45
	${PUPPET_APPLY} -e "include apt; class { 'tails::weblate': podman_extra_volumes => ['${SCRIPTS_DIR}:/scripts:Z'] }"
	${PUPPET_APPLY} -e "include apt; class { 'tails::weblate': podman_extra_volumes => ['${SCRIPTS_DIR}:/scripts:Z'] }"
Zen Fu's avatar
Zen Fu committed
46
47
}

48
49
wait_for_application() {

50
	DOMAIN="translate.tails.boum.org"  # Otherwise app returns HTTP 400
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
	WAITED=0
	TIMEOUT=300
	SLEEP=10

	# Weblate takes a while to come up, so we want to proceed only after it
	# returns success on HTTP. We use port 80 because that's where Nginx is
	# listening, so the reverse proxy must also be working.
	while ! curl -f -s -I --resolve ${DOMAIN}:80:127.0.0.1 http://${DOMAIN}:80; do
		[ ${WAITED} -eq ${TIMEOUT} ] && break
		#sudo -u weblate podman logs weblate | tail
		echo "Waiting for application... (${WAITED}/${TIMEOUT})"
		WAITED=$(( ${WAITED} + ${SLEEP} ))
		sleep ${SLEEP};
	done

	[ ${WAITED} -lt ${TIMEOUT} ] || exit 1
	echo "Application is up!"
Zen Fu's avatar
Zen Fu committed
68
69
}

Zen Fu's avatar
Zen Fu committed
70
deploy_weblate() {
Zen Fu's avatar
Zen Fu committed
71
	install_dependencies
72
73
	deploy_application
	wait_for_application
Zen Fu's avatar
Zen Fu committed
74
75
76
}

main() {
Zen Fu's avatar
Zen Fu committed
77
	deploy_weblate
Zen Fu's avatar
Zen Fu committed
78
79
80
}

main