Skip to content
Snippets Groups Projects

aurweb: update rollout for >= v6.0.0

Merged aurweb: update rollout for >= v6.0.0
kevr/infrastructure:aurweb-v6.0.0 into master
All threads resolved!
Merged Kevin Morris requested to merge kevr/infrastructure:aurweb-v6.0.0 into master
All threads resolved!

The long-awaited Python port of aurweb has been released (v6.0.0). There have been some patches since the initial release, bumping us up to v6.0.2 currently, and there will be more.

See https://gitlab.archlinux.org/archlinux/aurweb/-/tags for changelogs on each release version. These have been simplified to show what has changed from a user's perspective and not code-specific changes.

There are a few new ansible variables that must be defined:

  • aurweb_secret
    • A secret key dedicated to the aurweb instance used for SSO sessions
  • aurweb_asgi_bind
    • Address to bind gunicorn to ('127.0.0.1:8000')
  • aurweb_workers
    • Number of workers to use for gunicorn (5)
  • aurweb_postmaster
    • Email used for server error notifications. It is quite important to set this to an email who also has access to aur.archlinux.org's server logs, as server errors are notified given a hashed ID that can be used to locate the error in the logs.

New configuration options

  • [options] max_search_results
  • [options] salt_rounds
  • [options] redis_address
  • [options] traceback
  • [ratelimit] cache
  • [notifications] postmaster
  • [fastapi] session_secret
  • [devel] commit_url
  • [devel] commit_hash

Configuration changes

  • [options] cache
    • Added support for redis
    • Removed support for memcached
    • Removed support for apc

I highly suggest testing this on a deployment using the same playbook configuration on aur-dev.archlinux.org before deploying to aur.archlinux.org and checking to see that everything works as expected:

  • aurweb website
  • git repository
  • cgit
  • smartgit
  • maintenance timers

The following branches are now equivalent: master, live, pu. We'll be using the pu branch as a bugfix staging tree and attempting to keep master and live as close as possible; live should still be used for aur.archlinux.org deployments.

We'll be releasing patches and bumping a few minor releases soon, stay tuned for new features and fixes.

Immediate Plans (new features)

  • SSO support
  • Reduction of number of requests a single user can file against a package
  • Multi-section /{packages,pkgbase}/{name} side-panels
  • Archive differentials
    • Maybe library/toolkit to make this easier for end-users
  • Archive mimetypes
    • Support mime types based on the extension requested (.txt, .gz)
  • Archive signatures
    • We should provide a .sig file for each archive we maintain, containing a hash of the current archive
    • Along with this, we should be producing archives elsewhere, then mving them into the archive location; currently, archives can be corrupted on download due to time taken to produce the archive
  • Archives
    • Only update when needed
  • dir="rtl" HTML markup based on the selected language (for languages which support rtl)
  • Improve RPC's type=search performance

Suggestions

As I do not have access to the vault or other services in the Arch infrastructure, I would highly suggest testing this deployment on another machine, like aur-dev.archlinux.org. I made many modifications locally to test this out on a LAN ansible pair to test this personally.

It should be quite simple, as you can locally copy aur.archlinux.org.yml to aur-dev.archlinux.org.yml and try running aur-dev's playbook. If you do decide to do this (which would be quite nice), please let me know, as I can help QA the rollout.

Best, Kevin

Edited by Kevin Morris

Merge request reports

Loading
Loading

Activity

Filter activity
  • Approvals
  • Assignees & reviewers
  • Comments (from bots)
  • Comments (from users)
  • Commits & branches
  • Edits
  • Labels
  • Lock status
  • Mentions
  • Merge request status
  • Tracking
  • Kevin Morris added 2 commits

    added 2 commits

    • f3e20728 - change(aurweb): rework ansible config for 6.0.0
    • 97aae391 - update playbooks/aur.archlinux.org.yml

    Compare with previous version

  • Kevin Morris resolved all threads

    resolved all threads

  • Kevin Morris added 2 commits

    added 2 commits

    • 71bd402d - change(aurweb): rework ansible config for 6.0.0
    • 83ec2321 - update playbooks/aur.archlinux.org.yml

    Compare with previous version

  • Kristian Klausen added 45 commits

    added 45 commits

    • 83ec2321...0ebc955f - 40 commits from branch archlinux:master
    • e903f731 - change: run systemd services with poetry
    • 080cc1f7 - feat: add aurweb script wrappers
    • c25a8703 - change(aurweb): rework ansible config for 6.0.0
    • f48e5c45 - update playbooks/aur{,-dev}.archlinux.org.yml
    • 0305608f - aurweb: Add secrets for aurweb v6.0.0

    Compare with previous version

    Toggle commit list
  • Kevin Morris marked this merge request as ready

    marked this merge request as ready

  • Kristian Klausen added 1 commit

    added 1 commit

    • f31c673d - aurweb: Verify the commit is signed with Kevin's PGP key

    Compare with previous version

  • Kristian Klausen added 15 commits

    added 15 commits

    • f31c673d...4034c581 - 9 commits from branch archlinux:master
    • d4e421d3 - change: run systemd services with poetry
    • 36690639 - feat: add aurweb script wrappers
    • 92586d5b - change(aurweb): rework ansible config for 6.0.0
    • 521446dc - update playbooks/aur{,-dev}.archlinux.org.yml
    • 0eb112c6 - aurweb: Add secrets for aurweb v6.0.0
    • c2b1d1f4 - aurweb: Verify the commit is signed with Kevin's PGP key

    Compare with previous version

    Toggle commit list
  • Kristian Klausen mentioned in commit 66f56fe4

    mentioned in commit 66f56fe4

  • Kristian Klausen merged

    merged

  • Kristian Klausen mentioned in commit af5d4b84

    mentioned in commit af5d4b84

    • Please register or sign in to reply