2021-09-05 17:10:14 +00:00
|
|
|
#!/bin/bash
|
|
|
|
# startup script inside the container for tubearchivist
|
|
|
|
|
2021-10-28 08:49:58 +00:00
|
|
|
if [[ -z "$ELASTIC_USER" ]]; then
|
|
|
|
export ELASTIC_USER=elastic
|
|
|
|
fi
|
|
|
|
|
Fix repeated superuser creations after rename/removal (#263)
* Avoid creating superuser if variables are removed
Enables the removal of `TA_USERNAME` and/or `TA_PASSWORD` as a way of
preventing an additional superuser being created when another exists.
In the old code, `ELASTIC_USER` would never error due to the default, so
this replaces the loop with one requirement on `ELASTIC_PASSWORD`.
* Use .superuser_created to prevent re-creation
Creates an empty `.superuser_created` file after successful creation,
and uses this to skip the command on future runs. If the file doesn't
exist, then `TA_USERNAME` and `TA_PASSWORD` will also be required.
* The superuser password can't be empty
...well—it *can*—but the password input of the login form requires a
value so even though the account is created, you can't actually login.
* Parse createsuperuser output for 'exists' error
If a user already exists with the same name as the superuser being
created, the command fails with "Error: That name is already taken".
It's probably safe to assume that user is the one we expect. This parses
the output, treating it as successful so it can be skipped next time.
If it hits the catch-all, something probably failed so we exit.
* Use the cache for persistence
Updates the .superuser_created file to be placed in /cache so that it
gets persisted in a volume between config tweaks and container rebuilds.
Also makes `TA_PASSWORD` required always, because it seems to be needed
by tubearchivist/config/settings.py to generate a secret key.
* Let it work outside Docker
If /cache doesn't exist (i.e. when it's not running in Docker), this
falls back to a `cache` dir in the current working directory instead.
Also renames the file to 'initsu.lock' rather than having it hidden.
* Use flexible fallback path for `celery` command
2022-06-22 11:29:46 +00:00
|
|
|
cachedir=/cache
|
|
|
|
[[ -d $cachedir ]] || cachedir=.
|
|
|
|
lockfile=${cachedir}/initsu.lock
|
|
|
|
|
|
|
|
required="Missing required environment variable"
|
|
|
|
[[ -f $lockfile ]] || : "${TA_USERNAME:?$required}"
|
|
|
|
: "${TA_PASSWORD:?$required}"
|
|
|
|
: "${ELASTIC_PASSWORD:?$required}"
|
2022-07-14 10:26:10 +00:00
|
|
|
: "${TA_HOST:?$required}"
|
2021-10-28 09:17:47 +00:00
|
|
|
|
2021-12-16 10:42:59 +00:00
|
|
|
# ugly nginx and uwsgi port overwrite with env vars
|
|
|
|
if [[ -n "$TA_PORT" ]]; then
|
2022-04-01 04:43:24 +00:00
|
|
|
sed -i "s/8000/$TA_PORT/g" /etc/nginx/sites-available/default
|
2021-12-16 10:42:59 +00:00
|
|
|
fi
|
|
|
|
|
|
|
|
if [[ -n "$TA_UWSGI_PORT" ]]; then
|
2022-04-01 04:43:24 +00:00
|
|
|
sed -i "s/8080/$TA_UWSGI_PORT/g" /etc/nginx/sites-available/default
|
2021-12-16 10:42:59 +00:00
|
|
|
sed -i "s/8080/$TA_UWSGI_PORT/g" /app/uwsgi.ini
|
|
|
|
fi
|
|
|
|
|
2021-10-28 09:17:47 +00:00
|
|
|
# wait for elasticsearch
|
2021-09-05 17:10:14 +00:00
|
|
|
counter=0
|
2021-10-28 08:49:58 +00:00
|
|
|
until curl -u "$ELASTIC_USER":"$ELASTIC_PASSWORD" "$ES_URL" -fs; do
|
2021-09-05 17:10:14 +00:00
|
|
|
echo "waiting for elastic search to start"
|
|
|
|
counter=$((counter+1))
|
|
|
|
if [[ $counter -eq 12 ]]; then
|
2021-10-25 06:23:54 +00:00
|
|
|
# fail after 2 min
|
2021-09-05 17:10:14 +00:00
|
|
|
echo "failed to connect to elastic search, exiting..."
|
2022-08-19 11:51:16 +00:00
|
|
|
curl -v -u "$ELASTIC_USER":"$ELASTIC_PASSWORD" "$ES_URL"?pretty
|
2021-09-05 17:10:14 +00:00
|
|
|
exit 1
|
|
|
|
fi
|
2021-10-25 06:23:54 +00:00
|
|
|
sleep 10
|
2021-09-05 17:10:14 +00:00
|
|
|
done
|
|
|
|
|
2021-10-28 09:17:47 +00:00
|
|
|
# start python application
|
2021-10-21 12:33:27 +00:00
|
|
|
python manage.py makemigrations
|
2021-09-05 17:10:14 +00:00
|
|
|
python manage.py migrate
|
Fix repeated superuser creations after rename/removal (#263)
* Avoid creating superuser if variables are removed
Enables the removal of `TA_USERNAME` and/or `TA_PASSWORD` as a way of
preventing an additional superuser being created when another exists.
In the old code, `ELASTIC_USER` would never error due to the default, so
this replaces the loop with one requirement on `ELASTIC_PASSWORD`.
* Use .superuser_created to prevent re-creation
Creates an empty `.superuser_created` file after successful creation,
and uses this to skip the command on future runs. If the file doesn't
exist, then `TA_USERNAME` and `TA_PASSWORD` will also be required.
* The superuser password can't be empty
...well—it *can*—but the password input of the login form requires a
value so even though the account is created, you can't actually login.
* Parse createsuperuser output for 'exists' error
If a user already exists with the same name as the superuser being
created, the command fails with "Error: That name is already taken".
It's probably safe to assume that user is the one we expect. This parses
the output, treating it as successful so it can be skipped next time.
If it hits the catch-all, something probably failed so we exit.
* Use the cache for persistence
Updates the .superuser_created file to be placed in /cache so that it
gets persisted in a volume between config tweaks and container rebuilds.
Also makes `TA_PASSWORD` required always, because it seems to be needed
by tubearchivist/config/settings.py to generate a secret key.
* Let it work outside Docker
If /cache doesn't exist (i.e. when it's not running in Docker), this
falls back to a `cache` dir in the current working directory instead.
Also renames the file to 'initsu.lock' rather than having it hidden.
* Use flexible fallback path for `celery` command
2022-06-22 11:29:46 +00:00
|
|
|
|
|
|
|
if [[ -f $lockfile ]]; then
|
|
|
|
echo -e "\e[33;1m[WARNING]\e[0m This is not the first run! Skipping" \
|
|
|
|
"superuser creation.\nTo force it, remove $lockfile"
|
|
|
|
else
|
|
|
|
export DJANGO_SUPERUSER_PASSWORD=$TA_PASSWORD
|
|
|
|
output="$(python manage.py createsuperuser --noinput --name "$TA_USERNAME" 2>&1)"
|
|
|
|
|
|
|
|
case "$output" in
|
|
|
|
*"Superuser created successfully"*)
|
|
|
|
echo "$output" && touch $lockfile ;;
|
|
|
|
*"That name is already taken."*)
|
|
|
|
echo "Superuser already exists. Creation will be skipped on next start."
|
|
|
|
touch $lockfile ;;
|
|
|
|
*) echo "$output" && exit 1
|
|
|
|
esac
|
|
|
|
fi
|
2021-10-25 12:28:05 +00:00
|
|
|
|
2021-09-16 14:59:36 +00:00
|
|
|
python manage.py collectstatic --noinput -c
|
2021-09-05 17:10:14 +00:00
|
|
|
nginx &
|
2021-09-13 15:18:03 +00:00
|
|
|
celery -A home.tasks worker --loglevel=INFO &
|
2021-12-08 09:15:25 +00:00
|
|
|
celery -A home beat --loglevel=INFO \
|
Fix repeated superuser creations after rename/removal (#263)
* Avoid creating superuser if variables are removed
Enables the removal of `TA_USERNAME` and/or `TA_PASSWORD` as a way of
preventing an additional superuser being created when another exists.
In the old code, `ELASTIC_USER` would never error due to the default, so
this replaces the loop with one requirement on `ELASTIC_PASSWORD`.
* Use .superuser_created to prevent re-creation
Creates an empty `.superuser_created` file after successful creation,
and uses this to skip the command on future runs. If the file doesn't
exist, then `TA_USERNAME` and `TA_PASSWORD` will also be required.
* The superuser password can't be empty
...well—it *can*—but the password input of the login form requires a
value so even though the account is created, you can't actually login.
* Parse createsuperuser output for 'exists' error
If a user already exists with the same name as the superuser being
created, the command fails with "Error: That name is already taken".
It's probably safe to assume that user is the one we expect. This parses
the output, treating it as successful so it can be skipped next time.
If it hits the catch-all, something probably failed so we exit.
* Use the cache for persistence
Updates the .superuser_created file to be placed in /cache so that it
gets persisted in a volume between config tweaks and container rebuilds.
Also makes `TA_PASSWORD` required always, because it seems to be needed
by tubearchivist/config/settings.py to generate a secret key.
* Let it work outside Docker
If /cache doesn't exist (i.e. when it's not running in Docker), this
falls back to a `cache` dir in the current working directory instead.
Also renames the file to 'initsu.lock' rather than having it hidden.
* Use flexible fallback path for `celery` command
2022-06-22 11:29:46 +00:00
|
|
|
-s "${BEAT_SCHEDULE_PATH:-${cachedir}/celerybeat-schedule}" &
|
2021-09-05 17:10:14 +00:00
|
|
|
uwsgi --ini uwsgi.ini
|