Skip to content

Run Weblate from container (sysadmin#17782)

Zen Furequested to merge
weblate-docker into master

!!! ATTENTION !!!

PLEASE DON'T MERGE WITHOUT SCHEDULING DOWNTIME FOR THE TRANSLATION PLATFORM
AND BEING PRESENT TO FIX POSSIBLE ISSUES DURING DEPLOYMENT.

!!! ATTENTION !!!

This MR uses the following Puppet Podman module: https://github.com/southalc/podman

  • Cleanup, small fixes and improve reproducibility
  • Remove config for everything which is provided by Weblate Docker image
  • Modify webserver to do reverse-proxying
  • Run Weblate from a Docker container
  • Make sure the host's weblate user/group match the container's
  • Port most of the configuration to Docker container environment variables
  • Configure e-mail sending (image bootstrap fails otherwise)
  • Use Podman instead of Docker
  • Sort bits not configurable through Docker container environment variables
    • Make sure Machine Translation is configured correctly
    • Verify configuration of writing pending commits to Git
    • Make sure auto-update from Git repository is turned off
    • Set default committer e-mail and name
    • Verify SSL/TLS settings (see sysadmin#17339 (closed) and 7edac30d)
  • Run our custom glue code using the codebase in the container.
  • Create weblate@mail.tails.boum.org as an alias to tails-weblate@boum.org for sending e-mail from Weblate
  • Fix pipeline
  • Write instructions to reproduce environment

Items to fix after 1st review:

  • Move the staging repo to /var/lib/weblate/repositories/staging.
  • Add comment about branch => "master" in integration repo.
  • Linting
  • Fix typ0s.
  • Remove libapache2-mod-wsgi-py3
  • Fix docker_pkg_ensure => 'absent'
  • Check re. HACKING documentation
  • Set DATA_DIR to /var/lib/weblate/data
  • Make secret parameters mandatory (i.e. do not provide defaults).
  • Fix mentions of MUTABLE_DATA_DIR to WEBLATE_HOME where appropriate.
  • Use local IP for connections to container and services.
  • Double check and document re. with_search => true !58 (comment 173717)
  • Move README-Weblate.md to: https://tails.boum.org/contribute/design/translation_platform/
  • Update CI env to Bullseye
  • Double check functioning of integration scripts and possible issues with permissions.

Non blocking:

  • Use RTL/non-latin language in CI → sysadmin#17859
  • Use r10k for creating CI env, and point to that in the corresponding issue: sysadmin#17854 (closed)
  • Consider alternatives for uid/gid passing around → standardized, but didn't use inheritance.

Deployment

  • Make sure to merge: tails!592 (merged)
  • Snapshot the filesystem and reinstall the VM using Bullseye.
Edited by Zen Fu

Merge request reports