WIP: trigger nixops from panel #246

Closed
kiara wants to merge 36 commits from kiara/Fediversity:stitching into main
Owner

closes #76.

As a workaround to pass info (from our user form) into nixops4 uses environment variable `DEPLOYMENT` thru nix's `--extra-experimental-features configurable-impure-env`.

Things to be tested:

- [x] manual deployment (make sure to use nix over lix):
  ```sh
  DEPLOYMENT='{"domain": "fediversity.net", "mastodon": {"enable": false}, "pixelfed": {"enable": true}, "peertube": {"enable": false}, "initialUser": {"displayName": "Testy McTestface", "username": "test", "password": "testtest", "email": "test@test.com"}}' nix develop --extra-experimental-features "configurable-impure-env" --command nixops4 apply test
  ```
- [x] deploy button works in development (`cd panel; nix-shell; manage runserver` -> trigger deploy button in form at 127.0.0.1:8000)
- [ ] deploy button works in production (`nix develop; nixops4 apply` -> trigger deploy button in form at https://demo.fediversity.eu/)
  - status: despite seemingly successful deploy to demo causes HTTP 502 (before being able to load the panel to press buttons)
- [ ] make automated test
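An added example (not code from this PR or from the Fediversity panel): one way the panel side could validate the form data, serialize it into `DEPLOYMENT`, and build the argv for the command above so that no shell ever parses user input. The function names, the domain pattern and the accepted key set are assumptions derived from the sample JSON in the description.

```python
import json
import re

# Assumption: deployments target lowercase DNS hostnames only.
DOMAIN_RE = re.compile(r"(?=.{1,253}$)([a-z0-9]([a-z0-9-]{0,61}[a-z0-9])?\.)+[a-z]{2,63}")
SERVICES = ("mastodon", "pixelfed", "peertube")
USER_FIELDS = {"displayName", "username", "password", "email"}


def validate_deployment(form):
    """Return a copy of `form` reduced to the expected shape, or raise ValueError."""
    if not isinstance(form, dict):
        raise ValueError("deployment must be a JSON object")
    unknown = set(form) - {"domain", "initialUser", *SERVICES}
    if unknown:
        raise ValueError(f"unexpected keys: {sorted(unknown)}")
    domain = form.get("domain")
    if not isinstance(domain, str) or not DOMAIN_RE.fullmatch(domain):
        raise ValueError("domain is not a valid lowercase hostname")
    clean = {"domain": domain}
    for svc in SERVICES:
        cfg = form.get(svc, {})
        enable = cfg.get("enable", False) if isinstance(cfg, dict) else None
        if not isinstance(enable, bool):  # rejects "true", 1, null, ...
            raise ValueError(f"{svc}.enable must be a JSON boolean")
        clean[svc] = {"enable": enable}
    user = form.get("initialUser")
    if user is not None:
        if not isinstance(user, dict) or set(user) != USER_FIELDS:
            raise ValueError("initialUser must have exactly the four expected fields")
        if not all(isinstance(v, str) and v for v in user.values()):
            raise ValueError("initialUser fields must be non-empty strings")
        clean["initialUser"] = dict(user)
    return clean


def deployment_invocation(form, base_env, target="test"):
    """Build (argv, env) for subprocess.run(argv, env=env); no shell is involved."""
    env = dict(base_env)
    env["DEPLOYMENT"] = json.dumps(validate_deployment(form))
    argv = ["nix", "develop",
            "--extra-experimental-features", "configurable-impure-env",
            "--command", "nixops4", "apply", target]
    return argv, env
```

Because the JSON carries the initial user's password, the environment of the spawned process holds it for the whole run and is readable through `/proc/<pid>/environ` by the same user and by root.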
kiara added 8 commits 2025-03-12 16:33:24 +01:00
- test the form interaction for a fixed schema version
- also add a database migration missed in the last commit
Closes .

Note I had not yet managed to successfully test this.

Manually trying the parameterized NixOps4 I tried using the following
command, tho I had yet to get this to work as well:

```sh
DEPLOYMENT='{"domain": "fediversity.net", "mastodon": {"enable": false},
"pixelfed": {"enable": true}, "peertube": {"enable": false}}' nix
develop --extra-experimental-features "configurable-impure-env"
--command nixops4 apply test
```

(or rather, I used a hardcoded Nix here so as to make it not use Lix.)

So far this had failed for me with:

```
the following units failed:
acme-mastodon.web.garage.fediversity.net.service
...
nixops4 error: Failed to create resource garage-configuration
```
WIP: Get nix in scope
kiara added 1 commit 2025-03-13 13:29:32 +01:00
kiara added 1 commit 2025-03-13 13:50:55 +01:00
kiara force-pushed stitching from 481dcf3223 to 40060f19b6 2025-03-13 15:34:02 +01:00 Compare
kiara added 1 commit 2025-03-13 16:30:44 +01:00
kiara added 1 commit 2025-03-17 13:24:29 +01:00
kiara added 1 commit 2025-03-17 13:51:03 +01:00
kiara added 1 commit 2025-03-17 14:10:32 +01:00
kiara added 1 commit 2025-03-17 14:23:37 +01:00
kiara force-pushed stitching from 561d50cf50 to f50ee049f2 2025-03-17 15:13:31 +01:00 Compare
Owner

the reason why there is a 502 seems to be the following

The nginx log seems to get a connection refused from the panel

```
Mar 18 08:40:15 fedi201 nginx[32351]: 2025/03/18 08:40:15 [error] 32351#32351: *2983 connect() failed (111: Connection refused) while connecting to upstream, client: 185.206.232.76, server: demo.fediversity.eu, request: "GET / HTTP/2.0>
Mar 18 08:40:15 fedi201 nginx[32351]: 2025/03/18 08:40:15 [error] 32351#32351: *2983 connect() failed (111: Connection refused) while connecting to upstream, client: 185.206.232.76, server: demo.fediversity.eu, request: "GET / HTTP/2.0>
Mar 18 08:48:02 fedi201 nginx[32351]: 2025/03/18 08:48:02 [error] 32351#32351: *2986 connect() failed (111: Connection refused) while connecting to upstream, client: 95.214.53.106, server: demo.fediversity.eu, request: "GET / HTTP/1.1">
```

which makes sense since the panel service has failed

```
[root@fedi201:~]# systemctl status panel
× panel.service - panel ASGI server
     Loaded: loaded (/etc/systemd/system/panel.service; enabled; preset: ignored)
     Active: failed (Result: exit-code) since Tue 2025-03-18 08:56:27 CET; 8min ago
   Duration: 382ms
 Invocation: d59a00cf7d1242e9a34db686336214ab
    Process: 38838 ExecStartPre=/nix/store/c9rsxyyg5mvjnp4qyq2k016qfw8r6iac-unit-script-panel-pre-start/bin/panel-pre-start (code=exited, status=0/SUCCESS)
    Process: 38843 ExecStart=/nix/store/89cms2c53lzccbdczdn574icbkaa9vvw-unit-script-panel-start/bin/panel-start (code=exited, status=1/FAILURE)
   Main PID: 38843 (code=exited, status=1/FAILURE)

Mar 18 08:56:27 fedi201 systemd[1]: panel.service: Scheduled restart job, restart counter is at 5.
Mar 18 08:56:27 fedi201 systemd[1]: panel.service: Start request repeated too quickly.
Mar 18 08:56:27 fedi201 systemd[1]: panel.service: Failed with result 'exit-code'.
Mar 18 08:56:27 fedi201 systemd[1]: Failed to start panel ASGI server.
```

and the cause of that seems to be the following

```
Mar 18 08:56:26 fedi201 systemd[1]: panel.service: Scheduled restart job, restart counter is at 4.
Mar 18 08:56:26 fedi201 systemd[1]: Starting panel ASGI server...
Mar 18 08:56:26 fedi201 systemd[1]: Started panel ASGI server.
Mar 18 08:56:26 fedi201 panel-start[38845]: Traceback (most recent call last):
Mar 18 08:56:26 fedi201 panel-start[38845]:   File "/nix/store/29nryh37jmmy4n91za8fyj2iri18x2fs-python3.12-panel-0.0.0/lib/python3.12/site-packages/panel/settings.py", line 35, in get_secret
Mar 18 08:56:26 fedi201 panel-start[38845]:     with open(f"{credentials_dir}/{name}", encoding=encoding) as f:
Mar 18 08:56:26 fedi201 panel-start[38845]:          ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
Mar 18 08:56:26 fedi201 panel-start[38845]: FileNotFoundError: [Errno 2] No such file or directory: '/var/lib/panel/.credentials/SECRET_KEY'
Mar 18 08:56:26 fedi201 panel-start[38845]: During handling of the above exception, another exception occurred:
Mar 18 08:56:26 fedi201 panel-start[38845]: Traceback (most recent call last):
```

and the .CREDENTIALS indeed doesn't exist

```
[root@fedi201:~]# ls -a /var/lib/panel/
.  ..  db.sqlite3  package-version  static
```
kiara force-pushed stitching from f50ee049f2 to 3e2c83435d 2025-03-18 09:56:17 +01:00 Compare
kiara added 1 commit 2025-03-18 11:38:32 +01:00
makes `nixops4 apply` go thru, tho the service still fails on `No module
named 'django_pydantic_field'`
kiara added 1 commit 2025-03-18 14:46:28 +01:00
lois added 17 commits 2025-03-18 15:45:51 +01:00
08d109cc82/services/fediversity/sharedOptions.nix (L44)
kevin added 1 commit 2025-03-18 16:25:39 +01:00
lois added 1 commit 2025-03-18 16:58:27 +01:00
kiara reviewed 2025-03-18 17:31:51 +01:00
@ -44,0 +54,4 @@
return obj
def run_deployment(self, obj):
if "deploy" in self.request.POST.keys():
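Review bot: the `if "deploy" in self.request.POST.keys():` guard at the top of `run_deployment` repeats the check the caller in the `-42,2 +49,4` hunk already makes before starting the thread, and it makes the worker read `self.request` from a background thread after the request handler has moved on. Drop the guard here and pass whatever the deployment needs in through `args`, so that `run_deployment(self, obj)` depends only on `obj`. A short docstring stating that it runs off the request thread would also help.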
Author
Owner

@kevin is there a reason we perform this check twice now?

kiara reviewed 2025-03-18 17:32:59 +01:00
@ -42,2 +49,4 @@
)
if "deploy" in self.request.POST.keys():
threading.Thread(target=self.run_deployment, args=(obj,)).start()
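Review bot: `threading.Thread(target=self.run_deployment, args=(obj,)).start()` discards the thread handle, so a failure inside `run_deployment` never reaches the response or any stored state, and every POST carrying `deploy` starts another run with nothing visible here to stop two from overlapping. Consider recording a status on `obj` (pending, running, failed, done) that the worker updates and the form can display, and refusing or queueing a new deploy while one is in progress. `"deploy" in self.request.POST` is also enough without `.keys()`.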
Author
Owner

@kevin do we have a way to return info back to the client this way? or would the client know what it needs to know for now?

Author
Owner

given this pr got convoluted with commits for #74, i'll close this to split things up.
a distilled pr covering a local PR button is now up in reviewable state at #253.
kiara closed this pull request 2025-03-18 18:25:41 +01:00
All checks were successful
/ check-pre-commit (pull_request) Successful in 25s
/ check-website (pull_request) Successful in 10s
/ check-peertube (pull_request) Successful in 21s