-
Notifications
You must be signed in to change notification settings - Fork 1k
/
Copy pathMakefile
239 lines (218 loc) · 9.71 KB
/
Makefile
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
SHELL := /bin/bash
CURRENT_UID := $(shell id -u)
CURRENT_GID := $(shell id -g)
newsblur := $(shell gtimeout 2s docker ps -qf "name=newsblur_web")
.PHONY: node
nb: pull bounce migrate bootstrap collectstatic
metrics:
RUNWITHMAKEBUILD=True CURRENT_UID=${CURRENT_UID} CURRENT_GID=${CURRENT_GID} docker compose -f docker-compose.yml -f docker-compose.metrics.yml up -d
collectstatic:
rm -fr static
docker pull newsblur/newsblur_deploy
docker run --rm -v $(shell pwd):/srv/newsblur newsblur/newsblur_deploy
#creates newsblur, builds new images, and creates/refreshes SSL keys
bounce:
RUNWITHMAKEBUILD=True CURRENT_UID=${CURRENT_UID} CURRENT_GID=${CURRENT_GID} docker compose down
[[ -d config/certificates ]] && echo "keys exist" || make keys
RUNWITHMAKEBUILD=True CURRENT_UID=${CURRENT_UID} CURRENT_GID=${CURRENT_GID} docker compose up -d --build --remove-orphans
bootstrap:
docker exec newsblur_web ./manage.py loaddata config/fixtures/bootstrap.json
nbup:
RUNWITHMAKEBUILD=True CURRENT_UID=${CURRENT_UID} CURRENT_GID=${CURRENT_GID} docker compose up -d --build --remove-orphans
coffee:
coffee -c -w **/*.coffee
migrations:
docker exec -it newsblur_web ./manage.py makemigrations
makemigration: migrations
makemigrations: migrations
datamigration:
docker exec -it newsblur_web ./manage.py makemigrations --empty $(app)
migration: migrations
migrate:
docker exec -it newsblur_web ./manage.py migrate
shell:
docker exec -it newsblur_web ./manage.py shell_plus
bash:
docker exec -it newsblur_web bash
# allows user to exec into newsblur_web and use pdb.
debug:
docker attach ${newsblur}
log:
RUNWITHMAKEBUILD=True docker compose logs -f --tail 20 newsblur_web newsblur_node
logweb:
RUNWITHMAKEBUILD=True docker compose logs -f --tail 20 newsblur_web newsblur_node task_celery
logcelery:
RUNWITHMAKEBUILD=True docker compose logs -f --tail 20 task_celery
logtask: logcelery
logmongo:
RUNWITHMAKEBUILD=True docker compose logs -f db_mongo
alllogs:
RUNWITHMAKEBUILD=True docker compose logs -f --tail 20
logall: alllogs
mongo:
docker exec -it db_mongo mongo --port 29019
redis:
docker exec -it db_redis redis-cli -p 6579
postgres:
docker exec -it db_postgres psql -U newsblur
stripe:
stripe listen --forward-to localhost/zebra/webhooks/v2/
down:
RUNWITHMAKEBUILD=True docker compose -f docker-compose.yml -f docker-compose.metrics.yml down
nbdown: down
jekyll:
cd blog && bundle exec jekyll serve
jekyll_drafts:
cd blog && bundle exec jekyll serve --drafts
lint:
docker exec -it newsblur_web isort --profile black .
docker exec -it newsblur_web black --line-length 110 .
docker exec -it newsblur_web flake8 . --count --select=E9,F63,F7,F82 --show-source --statistics --exclude=venv
jekyll_build:
cd blog && bundle exec jekyll build
# runs tests
test:
RUNWITHMAKEBUILD=True CURRENT_UID=${CURRENT_UID} CURRENT_GID=${CURRENT_GID} TEST=True docker compose -f docker-compose.yml up -d newsblur_web
RUNWITHMAKEBUILD=True CURRENT_UID=${CURRENT_UID} CURRENT_GID=${CURRENT_GID} docker compose exec newsblur_web bash -c "NOSE_EXCLUDE_DIRS=./vendor DJANGO_SETTINGS_MODULE=newsblur_web.test_settings python3 manage.py test -v 3 --failfast"
keys:
mkdir config/certificates
openssl dhparam -out config/certificates/dhparam-2048.pem 2048
openssl req -x509 -nodes -new -sha256 -days 1024 -newkey rsa:2048 -keyout config/certificates/RootCA.key -out config/certificates/RootCA.pem -subj "/C=US/CN=Example-Root-CA"
openssl x509 -outform pem -in config/certificates/RootCA.pem -out config/certificates/RootCA.crt
openssl req -new -nodes -newkey rsa:2048 -keyout config/certificates/localhost.key -out config/certificates/localhost.csr -subj "/C=US/ST=YourState/L=YourCity/O=Example-Certificates/CN=localhost"
openssl x509 -req -sha256 -days 1024 -in config/certificates/localhost.csr -CA config/certificates/RootCA.pem -CAkey config/certificates/RootCA.key -CAcreateserial -out config/certificates/localhost.crt
cat config/certificates/localhost.crt config/certificates/localhost.key > config/certificates/localhost.pem
sudo /usr/bin/security add-trusted-cert -d -r trustRoot -k /Library/Keychains/System.keychain ./config/certificates/RootCA.crt
# Doesn't work yet
mkcert:
mkdir config/mkcert
docker run -v $(shell pwd)/config/mkcert:/root/.local/share/mkcert brunopadz/mkcert-docker:latest \
/bin/sh -c "mkcert -install && \
mkcert -cert-file /root/.local/share/mkcert/mkcert.pem \
-key-file /root/.local/share/mkcert/mkcert.key localhost"
cat config/mkcert/rootCA.pem config/mkcert/rootCA-key.pem > config/certificates/localhost.pem
sudo security add-trusted-cert -d -r trustRoot -k /Library/Keychains/System.keychain ./config/mkcert/rootCA.pem
# Digital Ocean / Terraform
list:
doctl -t `cat /srv/secrets-newsblur/keys/digital_ocean.token` compute droplet list
sizes:
doctl -t `cat /srv/secrets-newsblur/keys/digital_ocean.token` compute size list
size: sizes
ratelimit:
doctl -t `cat /srv/secrets-newsblur/keys/digital_ocean.token` account ratelimit
ansible-deps:
ansible-galaxy install -p roles -r ansible/roles/requirements.yml --roles-path ansible/roles
tfrefresh:
terraform -chdir=terraform refresh
plan:
terraform -chdir=terraform plan -refresh=false
apply:
terraform -chdir=terraform apply -refresh=false -parallelism=15
inventory:
./ansible/utils/generate_inventory.py
oldinventory:
OLD=1 ./ansible/utils/generate_inventory.py
hinventory:
./ansible/utils/generate_hetzner_inventory.py
# Docker
pull:
docker pull newsblur/newsblur_python3
docker pull newsblur/newsblur_node
docker pull newsblur/newsblur_monitor
local_build_web:
# docker buildx build --load . --file=docker/newsblur_base_image.Dockerfile --tag=newsblur/newsblur_python3
docker build . --file=docker/newsblur_base_image.Dockerfile --tag=newsblur/newsblur_python3
build_web:
docker buildx build . --platform linux/amd64,linux/arm64 --file=docker/newsblur_base_image.Dockerfile --tag=newsblur/newsblur_python3
build_node:
docker buildx build . --platform linux/amd64,linux/arm64 --file=docker/node/Dockerfile --tag=newsblur/newsblur_node
build_monitor:
docker buildx build . --platform linux/amd64,linux/arm64 --file=docker/monitor/Dockerfile --tag=newsblur/newsblur_monitor
build_deploy:
docker buildx build . --platform linux/amd64,linux/arm64 --file=docker/newsblur_deploy.Dockerfile --tag=newsblur/newsblur_deploy
build: build_web build_node build_monitor build_deploy
push_web:
docker buildx build . --push --platform linux/amd64,linux/arm64 --file=docker/newsblur_base_image.Dockerfile --tag=newsblur/newsblur_python3
push_node:
docker buildx build . --push --platform linux/amd64,linux/arm64 --file=docker/node/Dockerfile --tag=newsblur/newsblur_node
push_monitor:
docker buildx build . --push --platform linux/amd64,linux/arm64 --file=docker/monitor/Dockerfile --tag=newsblur/newsblur_monitor
push_deploy:
docker buildx build . --push --platform linux/amd64,linux/arm64 --file=docker/newsblur_deploy.Dockerfile --tag=newsblur/newsblur_deploy
push_images: push_web push_node push_monitor push_deploy
push: push_images
# Tasks
deploy_web:
ansible-playbook ansible/deploy.yml -l app
deploy: deploy_web
app: deploy_web
web: deploy_web
deploy_static:
ansible-playbook ansible/deploy.yml -l app --tags static
static: deploy_static
deploy_node:
ansible-playbook ansible/deploy.yml -l node
node: deploy_node
deploy_task:
ansible-playbook ansible/deploy.yml -l task
task: deploy_task
celery: deploy_task
deploy_www:
ansible-playbook ansible/deploy.yml -l haproxy
www: deploy_www
deploy_work:
ansible-playbook ansible/deploy.yml -l work
work: deploy_work
deploy_monitor:
ansible-playbook ansible/deploy.yml -l db
monitor: deploy_monitor
deploy_staging:
ansible-playbook ansible/deploy.yml -l staging
staging: deploy_staging
deploy_staging_static: staging_static
staging_static:
ansible-playbook ansible/deploy.yml -l staging --tags static
celery_stop:
ansible-playbook ansible/deploy.yml -l task --tags stop
sentry:
ansible-playbook ansible/setup.yml -l sentry -t sentry
maintenance_on:
ansible-playbook ansible/deploy.yml -l web --tags maintenance_on
maintenance_off:
ansible-playbook ansible/deploy.yml -l web --tags maintenance_off
# Provision
firewall:
ansible-playbook ansible/all.yml -l db --tags ufw
oldfirewall:
ANSIBLE_CONFIG=/srv/newsblur/ansible.old.cfg ansible-playbook ansible/all.yml -l db --tags firewall
repairmongo:
sudo docker run -v "/srv/newsblur/docker/volumes/db_mongo:/data/db" mongo:4.0 mongod --repair --dbpath /data/db
mongodump:
docker exec -it db_mongo mongodump --port 29019 -d newsblur -o /data/mongodump
cp -fr docker/volumes/db_mongo/mongodump docker/volumes/mongodump
# docker exec -it db_mongo cp -fr /data/db/mongodump /data/mongodump
# docker exec -it db_mongo rm -fr /data/db/
mongorestore:
cp -fr docker/volumes/mongodump docker/volumes/db_mongo/
docker exec -it db_mongo mongorestore --port 29019 -d newsblur /data/db/mongodump/newsblur
pgrestore:
docker exec -it db_postgres bash -c "psql -U newsblur -c 'CREATE DATABASE newsblur_prod;'; pg_restore -U newsblur --role=newsblur --dbname=newsblur_prod /var/lib/postgresql/data/backup_postgresql_2023-10-10-04-00.sql.sql"
redisrestore:
docker exec -it db_redis bash -c "redis-cli -p 6579 --pipe < /data/backup_db_redis_user_2023-10-21-04-00.rdb.gz"
docker exec -it db_redis bash -c "redis-cli -p 6579 --pipe < /data/backup_db_redis_story2_2023-10-21-04-00.rdb.gz"
index_feeds:
docker exec -it newsblur_web ./manage.py index_feeds
index_stories:
docker exec -it newsblur_web ./manage.py index_stories -R
# performance tests
perf-cli:
locust -f perf/locust.py --headless -u $(users) -r $(rate) --run-time 5m --host=$(host)
perf-ui:
locust -f perf/locust.py
perf-docker:
docker build . --file=./perf/Dockerfile --tag=perf-docker
docker run -it -p 8089:8089 perf-docker locust -f locust.py
clean:
find . -name \*.pyc -delete
grafana-dashboards:
python3 utils/grafana_backup.py