PayControl Inform. Installation guide — различия между версиями

Материал из PayControl Wiki
Перейти к: навигация, поиск
 
(не показано 10 промежуточных версий этого же участника)
Строка 2: Строка 2:
 
=Installation=
 
=Installation=
 
== Install pre-requisits ==
 
== Install pre-requisits ==
 
+
=== EPEL ===
# Add '''EPEL''' repository and install another necessary '''packages''' (git needed, only if server has ability to connect to git repository with pushgate sources):
+
Add EPEL repository and install another necessary packages (git needed, only if server has ability to connect to git repository with pushgate sources):
 
 
 
<source lang="bash">sudo yum install epel-release
 
<source lang="bash">sudo yum install epel-release
 
sudo yum install wget libffi-devel openssl-devel gcc git
 
sudo yum install wget libffi-devel openssl-devel gcc git
 
</source>
 
</source>
<ol start="2">
+
=== Erlang ===
<li>Install '''Erlang''' (for RabbitMQ)</li></ol>
+
Install Erlang (needed for RabbitMQ).
 
+
==== Centos 7 ====
 
<source lang="bash">wget https://packages.erlang-solutions.com/erlang-solutions-1.0-1.noarch.rpm
 
<source lang="bash">wget https://packages.erlang-solutions.com/erlang-solutions-1.0-1.noarch.rpm
 
sudo rpm -Uvh erlang-solutions-1.0-1.noarch.rpm
 
sudo rpm -Uvh erlang-solutions-1.0-1.noarch.rpm
 
sudo yum install erlang
 
sudo yum install erlang
 
</source>
 
</source>
<ol start="3">
+
====Centos 8====
<li>Install '''RabbitMQ''', enable and start it</li></ol>
+
<source lang="bash">
 +
sudo dnf install erlang
 +
</source>
 +
=== RabbitMQ ===
 +
Install RabbitMQ, enable and start it.
  
 
<source lang="bash">curl -s https://packagecloud.io/install/repositories/rabbitmq/rabbitmq-server/script.rpm.sh | sudo bash
 
<source lang="bash">curl -s https://packagecloud.io/install/repositories/rabbitmq/rabbitmq-server/script.rpm.sh | sudo bash
Строка 36: Строка 39:
 
firewall-cmd --reload
 
firewall-cmd --reload
 
</source>
 
</source>
<ol start="4">
+
=== Redis ===
<li>Install, start and enable '''Redis''' (apt-get install redis-server)</li></ol>
+
Install, start and enable Redis (apt-get install redis-server)
  
 
<source lang="bash">sudo yum install redis
 
<source lang="bash">sudo yum install redis
Строка 43: Строка 46:
 
sudo systemctl enable redis
 
sudo systemctl enable redis
 
</source>
 
</source>
<ol start="5">
+
=== PostgreSQL ===
<li>Install '''PostgreSQL''' and set up user-login, create database, do not forget to allow remote tcp-connection for user</li></ol>
+
Install PostgreSQL and set up user-login, create database, do not forget to allow remote tcp-connection for user</li></ol>
  
 
<source lang="bash">sudo yum install postgresql postgresql-server
 
<source lang="bash">sudo yum install postgresql postgresql-server
Строка 104: Строка 107:
 
ALTER TABLE housekeeping_stat OWNER TO <DB_USER>;
 
ALTER TABLE housekeeping_stat OWNER TO <DB_USER>;
 
</source>
 
</source>
<ol start="6">
+
=== Phython ===
<li>Install '''Phython 3.6'''.</li></ol>
+
==== Centos 7 ====
 
 
 
For Centos 7 you must install pithon 3.6 from IUS repository (in packages's names added letter &quot;u&quot;):
 
For Centos 7 you must install pithon 3.6 from IUS repository (in packages's names added letter &quot;u&quot;):
  
Строка 113: Строка 115:
 
</source>
 
</source>
 
Instal virtualenv:
 
Instal virtualenv:
 
 
<source lang="bash">sudo pip3 install virtualenv
 
<source lang="bash">sudo pip3 install virtualenv
 
</source>
 
</source>
 +
==== Centos 8 ====
 +
<source lang="bash">sudo dnf install python36 python36u-devel
 +
</source>
 +
Install virtualenv:
 +
<source lang="bash">sudo pip3 install virtualenv
 +
</source>
 +
 
== Create vitual environment once for all pushgate services (use python 3.6 only) ==
 
== Create vitual environment once for all pushgate services (use python 3.6 only) ==
  
Строка 122: Строка 130:
 
</source>
 
</source>
 
== Install services ==
 
== Install services ==
 
 
<source lang="bash">cd /var/app
 
<source lang="bash">cd /var/app
 
source .env/bin/activate
 
source .env/bin/activate
 
+
</source>
 +
Next step is putting files into current directory. There are two ways:
 +
* Extract archives recieved from [[SafeTech]].
 +
* From Safe-Tech Repository (throught internal network only). Example: <source lang="bash">
 
git clone git@gitlab.paycontrol.org:pushgate/pushgate.git
 
git clone git@gitlab.paycontrol.org:pushgate/pushgate.git
 
git clone git@gitlab.paycontrol.org:pushgate/tasker.git
 
git clone git@gitlab.paycontrol.org:pushgate/tasker.git
Строка 135: Строка 145:
 
git clone git@gitlab.paycontrol.org:pushgate/status-porter.git
 
git clone git@gitlab.paycontrol.org:pushgate/status-porter.git
 
git clone git@gitlab.paycontrol.org:pushgate/housekeeper.git
 
git clone git@gitlab.paycontrol.org:pushgate/housekeeper.git
 
+
</source>
 +
When PCInform files is on the place, proceed installation:
 +
<source lang="bash">
 
pip install -e pushgate
 
pip install -e pushgate
 
pip install -e tasker
 
pip install -e tasker
Строка 146: Строка 158:
 
pip install -e housekeeper
 
pip install -e housekeeper
 
</source>
 
</source>
Errors may occours, during google-pusher installation:<br />
+
===Fix of version mismatches===
'''yarl 1.2.4 has requirement multidict&gt;=4.0, but you'll have multidict 2.1.6 which is incompatible.'''<br />
+
Because of using multiple libraries may occurs some version mismatches between of them. For example:
'''aiohttp 3.3.1 has requirement multidict&lt;5.0,&gt;=4.0, but you'll have multidict 2.1.6 which is incompatible.'''
+
 
 +
Errors may occurs, during google-pusher installation:<br />
 +
<pre>yarl 1.2.4 has requirement multidict&gt;=4.0, but you'll have multidict 2.1.6 which is incompatible.
 +
aiohttp 3.3.1 has requirement multidict&lt;5.0,&gt;=4.0, but you'll have multidict 2.1.6 which is incompatible.</pre>
  
Errors may occours, during callbacker, status-porter and housekeeper installation:<br />
+
Errors may occurs, during callbacker, status-porter and housekeeper installation:<br />
'''aioxmpp 0.9.1 has requirement multidict~=2.0, but you'll have multidict 4.3.1 which is incompatible.'''
+
<pre>aioxmpp 0.9.1 has requirement multidict~=2.0, but you'll have multidict 4.3.1 which is incompatible.</pre>
  
 
In this case, you need to:
 
In this case, you need to:
Строка 166: Строка 181:
 
<source lang="bash">cd /var/app
 
<source lang="bash">cd /var/app
 
git clone git@gitlab.paycontrol.org:pushgate/configuration.git
 
git clone git@gitlab.paycontrol.org:pushgate/configuration.git
vim configuration/pushgate.conf
+
cp configuration/pushgate.conf.DEFAULT configuration/pushgate.conf
 +
vi configuration/pushgate.conf
 +
</source>
 +
Add your APNS and Firebase credentials to <code>pushgate.conf</code>.
 +
<source lang="bash">
 
cp -R configuration/services/* /etc/systemd/system
 
cp -R configuration/services/* /etc/systemd/system
 
</source>
 
</source>
Строка 172: Строка 191:
  
 
<source lang="bash">DB_DSN=postgres://<DB_USER>:<DB_USER_S_PASSWORD>@127.0.0.1/<DB_NAME>
 
<source lang="bash">DB_DSN=postgres://<DB_USER>:<DB_USER_S_PASSWORD>@127.0.0.1/<DB_NAME>
 +
</source>
 +
== Configure SELinux ==
 +
For Centos 8 you need to configure SELinux. At first, install SELinux utils:
 +
<source lang="bash">
 +
dnf install policycoreutils-python-utils
 +
</source>
 +
Then set contexts:
 +
<source lang="bash">
 +
semanage fcontext -a -t var_run_t  /var/app/configuration/pushgate.conf
 +
semanage fcontext -a -t bin_t /var/app/.env/bin/apple-pusher
 +
semanage fcontext -a -t bin_t /var/app/.env/bin/callbacker
 +
semanage fcontext -a -t bin_t /var/app/.env/bin/google-pusher
 +
semanage fcontext -a -t bin_t /var/app/.env/bin/housekeeper
 +
semanage fcontext -a -t bin_t /var/app/.env/bin/payloader
 +
semanage fcontext -a -t bin_t /var/app/.env/bin/push-secretary
 +
semanage fcontext -a -t bin_t /var/app/.env/bin/status-porter
 +
restorecon -v /var/app/configuration/pushgate.conf
 +
restorecon -Rv /var/app/.env/bin/
 
</source>
 
</source>
 
== Start services ==
 
== Start services ==
 
 
<source lang="bash">systemctl start push_secretary
 
<source lang="bash">systemctl start push_secretary
 
systemctl start payloader
 
systemctl start payloader
Строка 186: Строка 222:
  
 
<source lang="bash">systemctl status push_secretary
 
<source lang="bash">systemctl status push_secretary
sleep 1
+
systemctl status push_secretary | grep '.service - \|Active'
systemctl status payloader
+
systemctl status payloader | grep '.service - \|Active'
sleep 1
+
systemctl status apple_pusher@{1..6} | grep '.service - \|Active'
systemctl status apple_pusher@{1..6}
+
systemctl status google_pusher@{1..8} | grep '.service - \|Active'
sleep 1
+
systemctl status callbacker@{1..2} | grep '.service - \|Active'
systemctl status google_pusher@{1..8}
+
systemctl status status_porter@{1..2} | grep '.service - \|Active'
sleep 1
+
systemctl status housekeeper | grep '.service - \|Active'
systemctl status callbacker@{1..2}
 
sleep 1
 
systemctl status status_porter@{1..2}
 
sleep 1
 
systemctl status housekeeper
 
 
</source>
 
</source>
 
While housekeeper had not started with error:<br />
 
While housekeeper had not started with error:<br />
Строка 213: Строка 244:
 
</source>
 
</source>
 
== Enable services ==
 
== Enable services ==
 
 
<source lang="bash">systemctl enable push_secretary
 
<source lang="bash">systemctl enable push_secretary
 
systemctl enable payloader
 
systemctl enable payloader
Строка 222: Строка 252:
 
systemctl enable housekeeper
 
systemctl enable housekeeper
 
</source>
 
</source>
 +
At this step you may set up number of processes. For example, if you need just one of ''apple_pusher'' process, you need to correct ''systemctl enable'' command like this:
 +
<source lang="bash">systemctl enable apple_pusher@1</source>
 +
Ajusting quantity of ''push_secretary'' and ''payloader'' serveces is in the ''configuration/pushgate.conf'' file, described [[PayControl_Inform#Настройка|here]].
 +
 
= Reinstall (update) services =
 
= Reinstall (update) services =
 +
==Backup==
 +
Backup all files, that was modified, or you want to save during update. In example it may be:
 +
* configuration file ''configuration/pushgate.conf'';
 +
* APNS certificates.
 +
==Stop services==
 +
<syntaxhighlight lang="bash">
 +
systemctl stop push_secretary
 +
systemctl stop payloader
 +
systemctl stop apple_pusher@{1..6}
 +
systemctl stop google_pusher@{1..8}
 +
systemctl stop callbacker@{1..2}
 +
systemctl stop status_porter@{1..2}
 +
systemctl stop housekeeper
 +
</syntaxhighlight>
 +
==Change environment==
 +
<syntaxhighlight lang="bash">
 +
cd /var/app
 +
source .env/bin/activate
 +
</syntaxhighlight>
 +
==Update files==
 +
Next step is putting new files into current directory. There are two ways:
 +
* Extract archives recieved from SafeTech.
 +
* From Safe-Tech Repository (throught internal network only). Example:
 +
<syntaxhighlight lang="bash">cd apple-pusher
 +
git checkout .
 +
git pull
 +
cd ../callbacker
 +
git checkout .
 +
git pull
 +
cd ../configuration
 +
git checkout .
 +
git pull
 +
cd ../google-pusher
 +
git checkout .
 +
git pull
 +
cd ../housekeeper
 +
git checkout .
 +
git pull
 +
cd ../payloader
 +
git checkout .
 +
git pull
 +
cd ../pushgate
 +
git checkout .
 +
git pull
 +
cd ../push-secretary
 +
git checkout .
 +
git pull
 +
cd ../status-porter
 +
git checkout .
 +
git pull
 +
cd ../tasker
 +
git checkout .
 +
git pull
 +
cd ../
 +
</syntaxhighlight>
 +
==Update components==
 +
Update pip:
 +
<syntaxhighlight lang="bash">
 +
pip install --upgrade pip
 +
</syntaxhighlight>
 +
Update PCInform components:
 +
<syntaxhighlight lang="bash">
 +
pip install --upgrade -e pushgate
 +
pip install --upgrade -e tasker
 +
pip install --upgrade -e push-secretary
 +
pip install --upgrade -e payloader
 +
pip install --upgrade -e apple-pusher
 +
pip install --upgrade -e google-pusher
 +
pip install --upgrade -e callbacker
 +
pip install --upgrade -e status-porter
 +
pip install --upgrade -e housekeeper
 +
</syntaxhighlight>
 +
==Start services==
 +
<syntaxhighlight lang="bash">
 +
systemctl start push_secretary
 +
sleep 3
 +
systemctl status push_secretary
 +
sleep 1
 +
systemctl start payloader
 +
sleep 3
 +
systemctl status payloader
 +
sleep 1
 +
systemctl start apple_pusher@{1..6}
 +
sleep 3
 +
systemctl status apple_pusher@{1..6}
 +
sleep 1
 +
systemctl start google_pusher@{1..8}
 +
sleep 3
 +
systemctl status google_pusher@{1..8}
 +
sleep 1
 +
systemctl start callbacker@{1..2}
 +
sleep 3
 +
systemctl status callbacker@{1..2}
 +
sleep 1
 +
systemctl start status_porter@{1..2}
 +
sleep 3
 +
systemctl status status_porter@{1..2}
 +
sleep 1
 +
systemctl start housekeeper
 +
sleep 3
 +
systemctl status housekeeper
 +
</syntaxhighlight>
  
<source lang="bash">git pull
 
pip install --upgrade -e
 
</source>
 
 
= Customization =
 
= Customization =
 
== Optimum services count for 20 CPU ==
 
== Optimum services count for 20 CPU ==

Текущая версия на 19:29, 19 февраля 2020

This is PayControl Inform Installation guide. Main article about PayControl Inform and it's API — PayControl Inform.

Installation

Install pre-requisits

EPEL

Add EPEL repository and install another necessary packages (git needed, only if server has ability to connect to git repository with pushgate sources):

sudo yum install epel-release
sudo yum install wget libffi-devel openssl-devel gcc git

Erlang

Install Erlang (needed for RabbitMQ).

Centos 7

wget https://packages.erlang-solutions.com/erlang-solutions-1.0-1.noarch.rpm
sudo rpm -Uvh erlang-solutions-1.0-1.noarch.rpm
sudo yum install erlang

Centos 8

sudo dnf install erlang

RabbitMQ

Install RabbitMQ, enable and start it.

curl -s https://packagecloud.io/install/repositories/rabbitmq/rabbitmq-server/script.rpm.sh | sudo bash
sudo yum install rabbitmq-server
sudo systemctl start rabbitmq-server
sudo systemctl enable rabbitmq-server

Set up user-login for RabbitMQ. Enable Managemet plugin (it wil accessible on HTTP:15672/TCP). Grant access through firewall from Administrator's workstation to management console.

rabbitmqctl add_user <USERNAME> <PASSWORD>
rabbitmqctl set_user_tags <USERNAME> administrator
rabbitmqctl set_permissions -p / <USERNAME> ".*" ".*" ".*"
rabbitmq-plugins enable rabbitmq_management
firewall-cmd --get-active-zones
firewall-cmd --permanent --zone=<ZONE RETURNED BY PREVIOUS COMMAND> --add-rich-rule='
  rule family="ipv4"
  source address="<SOURCE IP/MASK>"
  port protocol="tcp" port="15672" accept'
firewall-cmd --reload

Redis

Install, start and enable Redis (apt-get install redis-server)

sudo yum install redis
sudo systemctl start redis
sudo systemctl enable redis

PostgreSQL

Install PostgreSQL and set up user-login, create database, do not forget to allow remote tcp-connection for user

sudo yum install postgresql postgresql-server
sudo postgresql-setup initdb
sudo systemctl start postgresql
sudo systemctl enable postgresql
sudo vi /var/lib/pgsql/data/postgresql.conf
    listen_addresses = 'localhost' ## Uncomment this string in /var/lib/pgsql/data/postgresql.conf
sudo vi /var/lib/pgsql/data/pg_hba.conf
    host    all             all             127.0.0.1/32            md5 ## Change ident to md5 in /var/lib/pgsql/data/pg_hba.conf
    host    all             all             ::1/128                 md5 ## Change ident to md5 in /var/lib/pgsql/data/pg_hba.conf
sudo -u postgres psql
create database <DB_NAME>;
create user <DB_USER> password '<DB_USER_S_PASSWORD>';
grant all privileges on database <DB_NAME> to <DB_USER>;
\q
psql -h localhost -p 5432 -U <DB_USER> -d <DB_NAME> -W

Insert and execute SQL script:

create table tasks (
	id serial,
	uuid uuid not null unique,
	device_token text,
	payload text,
	callback_url text,
	created_at timestamp without time zone not null default (now() at time zone 'utc'),
	updated_at timestamp without time zone not null default (now() at time zone 'utc')
);


create table task_statuses (
	id serial,
	uuid uuid references tasks (uuid) on delete cascade,
	status smallint not null default 0,
	dt timestamp without time zone not null default (now() at time zone 'utc')
);


create table housekeeping_stat (
	total bigint
);

insert into housekeeping_stat (total) values (0);

create index ON tasks(created_at);

create index ON task_statuses(uuid);

Periodically you must reindex DB:

REINDEX DATABASE <DB_NAME>;

Owner of new tables must be <DB_USER>. Else, while housekeeper starts, may occours the error: asyncpg.exceptions.InsufficientPrivilegeError: permission denied for relation tasks. In this case you must set ownership of all tables in <DB NAME> to <DB_USER>:

ALTER TABLE task_statuses OWNER TO <DB_USER>;
ALTER TABLE tasks OWNER TO <DB_USER>;
ALTER TABLE housekeeping_stat OWNER TO <DB_USER>;

Phython

Centos 7

For Centos 7 you must install pithon 3.6 from IUS repository (in packages's names added letter "u"):

sudo yum install https://centos7.iuscommunity.org/ius-release.rpm
sudo yum install python36u python36u-devel python36u-setuptools

Instal virtualenv:

sudo pip3 install virtualenv

Centos 8

sudo dnf install python36 python36u-devel

Install virtualenv:

sudo pip3 install virtualenv

Create vitual environment once for all pushgate services (use python 3.6 only)

mkdir -p /var/app/
virtualenv -p python3.6 /var/app/.env

Install services

cd /var/app
source .env/bin/activate

Next step is putting files into current directory. There are two ways:

  • Extract archives recieved from SafeTech.
  • From Safe-Tech Repository (throught internal network only). Example:
    git clone git@gitlab.paycontrol.org:pushgate/pushgate.git
    git clone git@gitlab.paycontrol.org:pushgate/tasker.git
    git clone git@gitlab.paycontrol.org:pushgate/push-secretary.git
    git clone git@gitlab.paycontrol.org:pushgate/payloader.git
    git clone git@gitlab.paycontrol.org:pushgate/apple-pusher.git
    git clone git@gitlab.paycontrol.org:pushgate/google-pusher.git
    git clone git@gitlab.paycontrol.org:pushgate/callbacker.git
    git clone git@gitlab.paycontrol.org:pushgate/status-porter.git
    git clone git@gitlab.paycontrol.org:pushgate/housekeeper.git
    

When PCInform files is on the place, proceed installation:

pip install -e pushgate
pip install -e tasker
pip install -e push-secretary
pip install -e payloader
pip install -e apple-pusher
pip install -e google-pusher
pip install -e callbacker
pip install -e status-porter
pip install -e housekeeper

Fix of version mismatches

Because of using multiple libraries may occurs some version mismatches between of them. For example:

Errors may occurs, during google-pusher installation:

yarl 1.2.4 has requirement multidict>=4.0, but you'll have multidict 2.1.6 which is incompatible.
aiohttp 3.3.1 has requirement multidict<5.0,>=4.0, but you'll have multidict 2.1.6 which is incompatible.

Errors may occurs, during callbacker, status-porter and housekeeper installation:

aioxmpp 0.9.1 has requirement multidict~=2.0, but you'll have multidict 4.3.1 which is incompatible.

In this case, you need to:

pip uninstall multidict
pip uninstall yarl
pip uninstall aiohttp
pip install multidict==2.1.6
pip install aiohttp==2.1.0

Configure services

cd /var/app
git clone git@gitlab.paycontrol.org:pushgate/configuration.git
cp configuration/pushgate.conf.DEFAULT configuration/pushgate.conf
vi configuration/pushgate.conf

Add your APNS and Firebase credentials to pushgate.conf.

cp -R configuration/services/* /etc/systemd/system

Config DB connection in /var/app/configuration/pushgate.conf

DB_DSN=postgres://<DB_USER>:<DB_USER_S_PASSWORD>@127.0.0.1/<DB_NAME>

Configure SELinux

For Centos 8 you need to configure SELinux. At first, install SELinux utils:

dnf install policycoreutils-python-utils

Then set contexts:

semanage fcontext -a -t var_run_t  /var/app/configuration/pushgate.conf
semanage fcontext -a -t bin_t /var/app/.env/bin/apple-pusher
semanage fcontext -a -t bin_t /var/app/.env/bin/callbacker
semanage fcontext -a -t bin_t /var/app/.env/bin/google-pusher
semanage fcontext -a -t bin_t /var/app/.env/bin/housekeeper
semanage fcontext -a -t bin_t /var/app/.env/bin/payloader
semanage fcontext -a -t bin_t /var/app/.env/bin/push-secretary
semanage fcontext -a -t bin_t /var/app/.env/bin/status-porter
restorecon -v /var/app/configuration/pushgate.conf
restorecon -Rv /var/app/.env/bin/

Start services

systemctl start push_secretary
systemctl start payloader
systemctl start apple_pusher@{1..6}
systemctl start google_pusher@{1..8}
systemctl start callbacker@{1..2}
systemctl start status_porter@{1..2}
systemctl start housekeeper

Check services status

systemctl status push_secretary
systemctl status push_secretary | grep '.service - \|Active'
systemctl status payloader | grep '.service - \|Active'
systemctl status apple_pusher@{1..6} | grep '.service - \|Active'
systemctl status google_pusher@{1..8} | grep '.service - \|Active'
systemctl status callbacker@{1..2} | grep '.service - \|Active'
systemctl status status_porter@{1..2} | grep '.service - \|Active'
systemctl status housekeeper | grep '.service - \|Active'

While housekeeper had not started with error:
"ConnectionRefusedError: [Errno 111] Connection refused",
other services had started, but in status of services contains errors, like:
"ERROR amqp:073 Couldn't connect to RabbitMQ server to consume ([Errno 111] Connection refused)"
add to /etc/systemd/system/*.service file, in [Unit] section, (where * is apple_pusher@, google_pusher@, callbacker, status_porter, housekeeper):

After=rabbitmq-server.service

While after request to localhost:80/8080 payloader/push_secretary get errors, you need to change current version uvloop to 0.8.1

pip uninstall uvloop
pip install uvloop==0.8.1

Enable services

systemctl enable push_secretary
systemctl enable payloader
systemctl enable apple_pusher@{1..6}
systemctl enable google_pusher@{1..8}
systemctl enable callbacker@{1..2}
systemctl enable status_porter@{1..2}
systemctl enable housekeeper

At this step you may set up number of processes. For example, if you need just one of apple_pusher process, you need to correct systemctl enable command like this:

systemctl enable apple_pusher@1

Ajusting quantity of push_secretary and payloader serveces is in the configuration/pushgate.conf file, described here.

Reinstall (update) services

Backup

Backup all files, that was modified, or you want to save during update. In example it may be:

  • configuration file configuration/pushgate.conf;
  • APNS certificates.

Stop services

systemctl stop push_secretary
systemctl stop payloader
systemctl stop apple_pusher@{1..6}
systemctl stop google_pusher@{1..8}
systemctl stop callbacker@{1..2}
systemctl stop status_porter@{1..2}
systemctl stop housekeeper

Change environment

cd /var/app
source .env/bin/activate

Update files

Next step is putting new files into current directory. There are two ways:

  • Extract archives recieved from SafeTech.
  • From Safe-Tech Repository (throught internal network only). Example:
cd apple-pusher
git checkout .
git pull
cd ../callbacker
git checkout .
git pull
cd ../configuration
git checkout .
git pull
cd ../google-pusher
git checkout .
git pull
cd ../housekeeper
git checkout .
git pull
cd ../payloader
git checkout .
git pull
cd ../pushgate
git checkout .
git pull
cd ../push-secretary
git checkout .
git pull
cd ../status-porter
git checkout .
git pull
cd ../tasker
git checkout .
git pull
cd ../

Update components

Update pip:

pip install --upgrade pip

Update PCInform components:

pip install --upgrade -e pushgate
pip install --upgrade -e tasker
pip install --upgrade -e push-secretary
pip install --upgrade -e payloader
pip install --upgrade -e apple-pusher
pip install --upgrade -e google-pusher
pip install --upgrade -e callbacker
pip install --upgrade -e status-porter
pip install --upgrade -e housekeeper

Start services

systemctl start push_secretary
sleep 3
systemctl status push_secretary
sleep 1
systemctl start payloader
sleep 3
systemctl status payloader
sleep 1
systemctl start apple_pusher@{1..6}
sleep 3
systemctl status apple_pusher@{1..6}
sleep 1
systemctl start google_pusher@{1..8}
sleep 3
systemctl status google_pusher@{1..8}
sleep 1
systemctl start callbacker@{1..2}
sleep 3
systemctl status callbacker@{1..2}
sleep 1
systemctl start status_porter@{1..2}
sleep 3
systemctl status status_porter@{1..2}
sleep 1
systemctl start housekeeper
sleep 3
systemctl status housekeeper

Customization

Optimum services count for 20 CPU

push_secretary workers count = 3
payloader workers count = 3
apple_pusher@{1..6}
google_pusher@{1..8}
status_porter@{1..2}
callbacker@{1..2}```

Set up NGINX for SSL/TLS-Offload for payloader

Use Google, something like this https://www.digitalocean.com/community/tutorials/how-to-set-up-nginx-load-balancing-with-ssl-termination