21750: Use sudo instead of fakeroot to test singularity networking.
[arvados.git] / lib / boot / passenger.go
1 // Copyright (C) The Arvados Authors. All rights reserved.
2 //
3 // SPDX-License-Identifier: AGPL-3.0
4
5 package boot
6
7 import (
8         "bytes"
9         "context"
10         "fmt"
11         "os"
12         "path/filepath"
13         "runtime"
14         "strings"
15         "sync"
16
17         "git.arvados.org/arvados.git/sdk/go/arvados"
18 )
19
20 // Don't trust "passenger-config" (or "bundle install") to handle
21 // concurrent installs.
22 var passengerInstallMutex sync.Mutex
23
24 var railsEnv = []string{
25         "ARVADOS_RAILS_LOG_TO_STDOUT=1",
26         "ARVADOS_CONFIG_NOLEGACY=1", // don't load database.yml from source tree
27 }
28
29 // Install a Rails application's dependencies, including phusion
30 // passenger.
31 type installPassenger struct {
32         src       string // path to app in source tree
33         varlibdir string // path to app (relative to /var/lib/arvados) in OS package: "railsapi" or "workbench1"
34         depends   []supervisedTask
35 }
36
37 func (runner installPassenger) String() string {
38         return "installPassenger:" + runner.src
39 }
40
41 func (runner installPassenger) Run(ctx context.Context, fail func(error), super *Supervisor) error {
42         if super.ClusterType == "production" {
43                 // passenger has already been installed via package
44                 return nil
45         }
46         err := super.wait(ctx, runner.depends...)
47         if err != nil {
48                 return err
49         }
50
51         passengerInstallMutex.Lock()
52         defer passengerInstallMutex.Unlock()
53
54         appdir := runner.src
55         if super.ClusterType == "test" {
56                 // In the multi-cluster test setup, if we run multiple
57                 // Rails instances directly from the source tree, they
58                 // step on one another's files in {source}/tmp, log,
59                 // etc. So instead we copy the source directory into a
60                 // temp dir and run the Rails app from there.
61                 appdir = filepath.Join(super.tempdir, runner.varlibdir)
62                 err = super.RunProgram(ctx, super.tempdir, runOptions{}, "mkdir", "-p", appdir)
63                 if err != nil {
64                         return err
65                 }
66                 err = super.RunProgram(ctx, filepath.Join(super.SourcePath, runner.src), runOptions{}, "rsync",
67                         "-a", "--no-owner", "--no-group", "--delete-after", "--delete-excluded",
68                         "--exclude", "/coverage",
69                         "--exclude", "/log",
70                         "--exclude", "/node_modules",
71                         "--exclude", "/tmp",
72                         "--exclude", "/public/assets",
73                         "--exclude", "/vendor",
74                         "--exclude", "/config/environments",
75                         "./",
76                         appdir+"/")
77                 if err != nil {
78                         return err
79                 }
80         }
81
82         var buf bytes.Buffer
83         err = super.RunProgram(ctx, appdir, runOptions{output: &buf}, "gem", "list", "--details", "bundler")
84         if err != nil {
85                 return err
86         }
87         err = super.RunProgram(ctx, appdir, runOptions{}, "gem", "install", "--user", "--conservative", "--no-document", "--version", "~> 2.4.0", "bundler")
88         if err != nil {
89                 return err
90         }
91         err = super.RunProgram(ctx, appdir, runOptions{}, "bundle", "config", "--set", "local", "path", filepath.Join(os.Getenv("HOME"), ".gem"))
92         if err != nil {
93                 return err
94         }
95         err = super.RunProgram(ctx, appdir, runOptions{}, "bundle", "install", "--jobs", fmt.Sprintf("%d", runtime.NumCPU()))
96         if err != nil {
97                 return err
98         }
99         err = super.RunProgram(ctx, appdir, runOptions{}, "bundle", "exec", "passenger-config", "build-native-support")
100         if err != nil {
101                 return err
102         }
103         err = super.RunProgram(ctx, appdir, runOptions{}, "bundle", "exec", "passenger-config", "install-standalone-runtime")
104         if err != nil {
105                 return err
106         }
107         err = super.RunProgram(ctx, appdir, runOptions{}, "bundle", "exec", "passenger-config", "validate-install")
108         if err != nil && !strings.Contains(err.Error(), "exit status 2") {
109                 // Exit code 2 indicates there were warnings (like
110                 // "other passenger installations have been detected",
111                 // which we can't expect to avoid) but no errors.
112                 // Other non-zero exit codes (1, 9) indicate errors.
113                 return err
114         }
115         return nil
116 }
117
118 type runPassenger struct {
119         src       string // path to app in source tree
120         varlibdir string // path to app (relative to /var/lib/arvados) in OS package: "railsapi" or "workbench1"
121         svc       arvados.Service
122         depends   []supervisedTask
123 }
124
125 func (runner runPassenger) String() string {
126         return "runPassenger:" + runner.src
127 }
128
129 func (runner runPassenger) Run(ctx context.Context, fail func(error), super *Supervisor) error {
130         err := super.wait(ctx, runner.depends...)
131         if err != nil {
132                 return err
133         }
134         host, port, err := internalPort(runner.svc)
135         if err != nil {
136                 return fmt.Errorf("bug: no internalPort for %q: %v (%#v)", runner, err, runner.svc)
137         }
138         var appdir string
139         switch super.ClusterType {
140         case "production":
141                 appdir = "/var/lib/arvados/" + runner.varlibdir
142         case "test":
143                 appdir = filepath.Join(super.tempdir, runner.varlibdir)
144         default:
145                 appdir = runner.src
146         }
147         loglevel := "4"
148         if lvl, ok := map[string]string{
149                 "debug":   "5",
150                 "info":    "4",
151                 "warn":    "2",
152                 "warning": "2",
153                 "error":   "1",
154                 "fatal":   "0",
155                 "panic":   "0",
156         }[super.cluster.SystemLogs.LogLevel]; ok {
157                 loglevel = lvl
158         }
159         super.waitShutdown.Add(1)
160         go func() {
161                 defer super.waitShutdown.Done()
162                 cmdline := []string{
163                         "bundle", "exec",
164                         "passenger", "start",
165                         "--address", host,
166                         "--port", port,
167                         "--log-level", loglevel,
168                         "--no-friendly-error-pages",
169                         "--disable-anonymous-telemetry",
170                         "--disable-security-update-check",
171                         "--no-compile-runtime",
172                         "--no-install-runtime",
173                         "--pid-file", filepath.Join(super.wwwtempdir, "passenger."+strings.Replace(appdir, "/", "_", -1)+".pid"),
174                 }
175                 opts := runOptions{
176                         env: append([]string{
177                                 "TMPDIR=" + super.wwwtempdir,
178                         }, railsEnv...),
179                 }
180                 if super.ClusterType == "production" {
181                         opts.user = "www-data"
182                         opts.env = append(opts.env, "HOME=/var/www")
183                 } else {
184                         // This would be desirable when changing uid
185                         // too, but it fails because /dev/stderr is a
186                         // symlink to a pty owned by root: "nginx:
187                         // [emerg] open() "/dev/stderr" failed (13:
188                         // Permission denied)"
189                         cmdline = append(cmdline, "--log-file", "/dev/stderr")
190                 }
191                 err = super.RunProgram(ctx, appdir, opts, cmdline[0], cmdline[1:]...)
192                 fail(err)
193         }()
194         return nil
195 }