mirror of
https://gitlab.archlinux.org/archlinux/aurweb.git
synced 2025-02-03 10:43:03 +01:00
a467b18474
Release v6.0.0 - Python
This documents UX and functional changes for the v6.0.0 aurweb release.
Following this release, we'll be working on a few very nice features
noted at the end of this article in Upcoming Work.
Preface
-------
This v6.0.0 release makes the long-awaited Python port official.
Along with the development of the python port, we have modified a
number of features. There have been some integral changes to how
package requests are dealt with, so _Trusted Users_ should read
the entirety of this document.
Legend
------
There are a few terms which I'd like to define to increase
understanding of these changes as they are listed:
- _self_
- Refers to a user viewing or doing something regarding their own account
- _/pkgbase/{name}/{action}_
- Refers to a POST action which can be triggered via the relevent package
page at `/{pkgbase,packages}/{name}`.
Grouped changes explained in multiple items will always be prefixed with
the same letter surrounded by braces. Example:
- [A] Some feature that does something
- [A] The same feature where another thing has changed
Infrastructure
--------------
- Python packaging is now done with poetry.
- SQLite support has been removed. This was done because even though
SQLAlchemy is an ORM, SQLite has quite a few SQL-server-like features
missing both out of the box and integrally which force us to account
for the different database types. We now only support mysql, and should
be able to support postgresql without much effort in the future.
Note: Users wishing to easily spin up a database quickly can use
`docker-compose up -d mariadb` for a Docker-hosted mariadb service.
- An example systemd service has been included at `examples/aurweb.service`.
- Example wrappers to `aurweb-git-(auth|serve|update)` have been included
at `examples/aurweb-git-(auth|serve|update).sh` and should be used to
call these scripts when aurweb is installed into a poetry virtualenv.
HTML
----
- Pagers have all been modified. They still serve the same purpose, but
they have slightly different display.
- Some markup and methods around the website has been changed for
post requests, and some forms have been completely reworked.
Package Requests
----------------
- Normal users can now view and close their own requests
- [A] Requests can no longer be accepted through manual closures
- [A] Requests are now closed via their relevent actions
- Deletion
- Through `/packages` bulk delete action
- Through `/pkgbase/{name}/delete`
- Merge
- Through `/pkgbase/{name}/merge`
- Orphan
- Through `/packages` bulk disown action
- Through `/pkgbase/{name}/disown`
- Deletion and merge requests (and their closures) are now autogenerated
if no pre-existing request exists. This was done to increase tracking of
package modifications performed by those with access to do so (TUs).
- Deletion, merge and orphan request actions now close all (1 or more)
requests pertaining to the action performed. This comes with the downside
of multiple notifications sent out about a closure if more than one
request (or no request) exists for them
- Merge actions now automatically reject other pre-existing merge requests
with a mismatched `MergeBaseName` column when a merge action is performed
- The last `/requests` page no longer goes nowhere
Package Bulk Actions: /packages
-------------------------------
- The `Merge into` field has been removed. Merges now require being
performed via the `/pkgbase/{name}/merge` action.
Package View
------------
- Some cached metadata is no longer cached (pkginfo). Previously,
this was defaulted to a one day cache for some package information.
If we need to bring this back, we can.
TU Proposals
------------
- A valid username is now required for any addition or removal of a TU.
RPC
---
- `type=get-comment-form` has been removed and is now located at
`/pkgbase/{name}/comments/{id}/form`.
- Support for versions 1-4 have been removed.
- JSON key ordering is different than PHP's JSON.
- `type=search` performance is overall slightly worse than PHP's. This
should not heavily affect users, as a 3,000 record query is returned
in roughly 0.20ms from a local standpoint. We will be working on this
in aim to push it over PHP.
Archives
--------
- Added metadata archive `packages-meta-v1.json.gz`.
- Added metadata archive `packages-meta-ext-v1.json.gz`.
- Enable this by passing `--extended` to `aurweb-mkpkglists`.
Performance Changes
-------------------
As is expected from a complete rewrite of the website, performance
has changed across the board. In most places, Python's implementation
now performs better than the pre-existing PHP implementation, with the
exception of a few routes. Notably:
- `/` loads much quicker as it is now persistently cached forcibly
for five minutes at a time.
- `/packages` search is much quicker.
- `/packages/{name}` view is slightly slower; we are no longer caching
various pieces of package info for `cache_pkginfo_ttl`, which is
defaulted to 86400 seconds, or one day.
- Request actions are slower due to the removal of the `via` parameter.
We now query the database for requests related to the action based on
the current state of the DB.
- `/rpc?type=info` queries are slightly quicker.
- `/rpc?type=search` queries of low result counts are quicker.
- `/rpc?type=search` queries of large result counts (> 2500) are slower.
- We are not satisfied with this. We'll be working on pushing this
over the edge along with the rest of the DB-intensive routes.
However, the speed degredation is quite negligible for users'
experience: 0.12ms PHP vs 0.15ms Python on a 3,000 record query
on my local 4-core 8-thread system.
Upcoming Work
-------------
This release is the first major release of the Python implementation.
We have multiple tasks up for work immediately, which will bring us
a few more minor versions forward as they are completed.
- Update request and tu vote pagers
- Archive differentials
- Archive mimetypes
- (a) Git scripts to ORM conversion
- (a) Sharness removal
- Restriction of number of requests users can submit
194 lines
6.9 KiB
Text
194 lines
6.9 KiB
Text
Setup on Arch Linux
|
|
===================
|
|
|
|
For testing aurweb patches before submission, you can use the instructions in
|
|
TESTING for testing the web interface only.
|
|
|
|
For a detailed description on how to setup a full aurweb server,
|
|
read the instructions below.
|
|
|
|
1) Clone the aurweb project and install it (via `python-poetry`):
|
|
|
|
$ cd /srv/http/
|
|
$ git clone git://git.archlinux.org/aurweb.git
|
|
$ cd aurweb
|
|
$ poetry install
|
|
|
|
2) Setup a web server with PHP and MySQL. Configure the web server to redirect
|
|
all URLs to /index.php/foo/bar/. The following block can be used with nginx:
|
|
|
|
server {
|
|
# https is preferred and can be done easily with LetsEncrypt
|
|
# or self-CA signing. Users can still listen over 80 for plain
|
|
# http, for which the [options] disable_http_login used to toggle
|
|
# the authentication feature.
|
|
listen 443 ssl http2;
|
|
server_name aur.local aur;
|
|
|
|
# To enable SSL proxy properly, make sure gunicorn and friends
|
|
# are supporting forwarded headers over 127.0.0.1 or any if
|
|
# the asgi server is contacted by non-localhost hosts.
|
|
ssl_certificate /etc/ssl/certs/aur.cert.pem;
|
|
ssl_certificate_key /etc/ssl/private/aur.key.pem;
|
|
|
|
# Asset root. This is used to match against gzip archives.
|
|
root /srv/http/aurweb/web/html;
|
|
|
|
# TU Bylaws redirect.
|
|
location = /trusted-user/TUbylaws.html {
|
|
return 301 https://tu-bylaws.aur.archlinux.org;
|
|
}
|
|
|
|
# smartgit location.
|
|
location ~ "^/([a-z0-9][a-z0-9.+_-]*?)(\.git)?/(git-(receive|upload)-pack|HEAD|info/refs|objects/(info/(http-)?alternates|packs)|[0-9a-f]{2}/[0-9a-f]{38}|pack/pack-[0-9a-f]{40}\.(pack|idx))$" {
|
|
include uwsgi_params;
|
|
uwsgi_pass smartgit;
|
|
uwsgi_modifier1 9;
|
|
uwsgi_param SCRIPT_FILENAME /usr/lib/git-core/git-http-backend;
|
|
uwsgi_param PATH_INFO /aur.git/$3;
|
|
uwsgi_param GIT_HTTP_EXPORT_ALL "";
|
|
uwsgi_param GIT_NAMESPACE $1;
|
|
uwsgi_param GIT_PROJECT_ROOT /srv/http/aurweb;
|
|
}
|
|
|
|
# cgitrc.proto should be configured and located somewhere
|
|
# of your choosing.
|
|
location ~ ^/cgit {
|
|
include uwsgi_params;
|
|
rewrite ^/cgit/([^?/]+/[^?]*)?(?:\?(.*))?$ /cgit.cgi?url=$1&$2 last;
|
|
uwsgi_modifier1 9;
|
|
uwsgi_param CGIT_CONFIG /srv/http/aurweb/conf/cgitrc.proto;
|
|
uwsgi_pass cgit;
|
|
}
|
|
|
|
# Static archive assets.
|
|
location ~ \.gz$ {
|
|
types { application/gzip text/plain }
|
|
default_type text/plain;
|
|
add_header Content-Encoding gzip;
|
|
expires 5m;
|
|
}
|
|
|
|
# For everything else, proxy the http request to (guni|uvi|hyper)corn.
|
|
# The ASGI server application should allow this request's IP to be
|
|
# forwarded via the headers used below.
|
|
# https://docs.gunicorn.org/en/stable/settings.html#forwarded-allow-ips
|
|
location / {
|
|
proxy_pass http://127.0.0.1:8000;
|
|
proxy_set_header Host $http_host;
|
|
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
|
proxy_set_header X-Forwarded-Protocol ssl;
|
|
proxy_set_header X-Forwarded-Proto $scheme;
|
|
proxy_set_header X-Forwarded-Ssl on;
|
|
}
|
|
}
|
|
|
|
3) Optionally copy conf/config.defaults to /etc/aurweb/. Create or copy
|
|
/etc/aurweb/config (this is expected to contain all configuration settings
|
|
if the defaults file does not exist) and adjust the configuration (pay
|
|
attention to disable_http_login, enable_maintenance and aur_location).
|
|
|
|
4) Install system-wide dependencies:
|
|
|
|
# pacman -S git gpgme cgit curl openssh uwsgi uwsgi-plugin-cgi \
|
|
python-poetry
|
|
|
|
5) Create a new user:
|
|
|
|
# useradd -U -d /srv/http/aurweb -c 'AUR user' aur
|
|
# su - aur
|
|
|
|
6a) Install Python dependencies via poetry:
|
|
|
|
# Install the package and scripts as the aur user.
|
|
$ poetry install
|
|
|
|
6b) Setup Services
|
|
|
|
aurweb utilizes the following systemd services:
|
|
- mariadb
|
|
- redis (optional, requires [options] cache 'redis')
|
|
- `examples/aurweb.service`
|
|
|
|
6c) Setup Cron
|
|
|
|
Using [cronie](https://archlinux.org/packages/core/x86_64/cronie/):
|
|
|
|
# su - aur
|
|
$ crontab -e
|
|
|
|
The following crontab file uses every script meant to be run on an
|
|
interval:
|
|
|
|
AUR_CONFIG='/etc/aurweb/config'
|
|
*/5 * * * * bash -c 'poetry run aurweb-mkpkglists --extended'
|
|
*/2 * * * * bash -c 'poetry run aurweb-aurblup'
|
|
*/2 * * * * bash -c 'poetry run aurweb-pkgmaint'
|
|
*/2 * * * * bash -c 'poetry run aurweb-usermaint'
|
|
*/2 * * * * bash -c 'poetry run aurweb-popupdate'
|
|
*/12 * * * * bash -c 'poetry run aurweb-tuvotereminder'
|
|
|
|
7) Create a new database and a user and import the aurweb SQL schema:
|
|
|
|
$ poetry run python -m aurweb.initdb
|
|
|
|
8) Initialize the Git repository:
|
|
|
|
# mkdir /srv/http/aurweb/aur.git/
|
|
# cd /srv/http/aurweb/aur.git/
|
|
# git init --bare
|
|
# git config --local transfer.hideRefs '^refs/'
|
|
# git config --local --add transfer.hideRefs '!refs/'
|
|
# git config --local --add transfer.hideRefs '!HEAD'
|
|
# chown -R aur .
|
|
|
|
Link to `aurweb-git-update` poetry wrapper provided at
|
|
`examples/aurweb-git-update.sh` which should be installed
|
|
somewhere as executable.
|
|
|
|
# ln -s /path/to/aurweb-git-update.sh hooks/update
|
|
|
|
It is recommended to read doc/git-interface.txt for more information on the
|
|
administration of the package Git repository.
|
|
|
|
9) Configure sshd(8) for the AUR. Add the following lines at the end of your
|
|
sshd_config(5) and restart the sshd.
|
|
|
|
If using a virtualenv, copy `examples/aurweb-git-auth.sh` to a location
|
|
and call it below:
|
|
|
|
Match User aur
|
|
PasswordAuthentication no
|
|
AuthorizedKeysCommand /path/to/aurweb-git-auth.sh "%t" "%k"
|
|
AuthorizedKeysCommandUser aur
|
|
AcceptEnv AUR_OVERWRITE
|
|
|
|
9) If you want to enable smart HTTP support with nginx and fcgiwrap, you can
|
|
use the following directives:
|
|
|
|
location ~ "^/([a-z0-9][a-z0-9.+_-]*?)(\.git)?/(git-(receive|upload)-pack|HEAD|info/refs|objects/(info/(http-)?alternates|packs)|[0-9a-f]{2}/[0-9a-f]{38}|pack/pack-[0-9a-f]{40}\.(pack|idx))$" {
|
|
fastcgi_pass unix:/run/fcgiwrap.sock;
|
|
include fastcgi_params;
|
|
fastcgi_param SCRIPT_FILENAME /usr/lib/git-core/git-http-backend;
|
|
fastcgi_param PATH_INFO /aur.git/$3;
|
|
fastcgi_param GIT_HTTP_EXPORT_ALL "";
|
|
fastcgi_param GIT_NAMESPACE $1;
|
|
fastcgi_param GIT_PROJECT_ROOT /srv/http/aurweb/;
|
|
}
|
|
|
|
Sample systemd unit files for fcgiwrap can be found under conf/.
|
|
|
|
10) If you want Redis to cache data.
|
|
|
|
# pacman -S redis
|
|
# systemctl enable --now redis
|
|
|
|
And edit the configuration file to enabled redis caching
|
|
(`[options] cache = redis`).
|
|
|
|
11) Start `aurweb.service`.
|
|
|
|
An example systemd unit has been included at `examples/aurweb.service`.
|
|
This unit can be used to manage the aurweb asgi backend. By default,
|
|
it is configured to use `poetry` as the `aur` user; this should be
|
|
configured as needed.
|