bid_main/migrations/0017_user_nickname_fill.py

@@ -1,7 +1,7 @@
 """Give everybody with a NULL nickname something based on their full name."""
 from __future__ import unicode_literals
 
-from django.db import migrations, IntegrityError, transaction
+from django.db import migrations
 
 
 def set_nickname(model, user, nickname) -> bool:
@@ -9,7 +9,6 @@ def set_nickname(model, user, nickname) -> bool:
 
     count = model.objects.filter(nickname=nickname).count()
     if count > 0:
-        print(f'already {count} user(s) with nickname {nickname!r}')
         return False
 
     user.nickname = nickname
@@ -30,7 +29,6 @@ def random_nums():
 def fill_nicknames(apps, schema_editor):
     """Give users with a NULL nickname something based on their full name."""
     import re
-    import datetime
 
     # We can't import the User model directly as it may be a newer
     # version than this migration expects. We use the historical version.
@@ -42,14 +40,10 @@ def fill_nicknames(apps, schema_editor):
     users = User.objects.filter(nickname=None)
     total_users = users.count()
     last_report = 0
-    start = datetime.datetime.now()
-    print()
-    print(f'    - migrating {total_users} users.')
     for idx, user in enumerate(users):
         perc = idx / total_users
         if perc - last_report > 0.10:
             last_report = perc
-            print(f'    - {idx} ({int(perc*100)}%)')
 
         # We cannot migrate the entire database in one transaction (too many
         # queries for MySQL to handle), so do one transaction per user.
@@ -63,9 +57,6 @@ def fill_nicknames(apps, schema_editor):
             if set_nickname(User, user, f'{base}-{num}'):
                 break
 
-    end = datetime.datetime.now()  # assume the timezone hasn't changed.
-    print(f'Migration of {total_users} took {end - start}')
-
 
 def fake_reverse(apps, schema_editor):
     """Allow reversal of this migration really reversing."""

bid_main/templates/bid_main/confirm_email/sent.html

@@ -3,18 +3,18 @@
 {% block confirm_email_body %}
 <h2>Confirm your email address</h2>
 <p>
-	We have sent an email with instructions to <strong>{{ user.email_to_confirm }}</strong>.
+  We have sent an email with instructions to <strong>{{ user.email_to_confirm }}</strong>.
 </p>
 <p>
-	If the email doesn't arrive shortly, please check your spam folder.
+  If the email doesn't arrive shortly, please check your spam folder.
 </p>
-<div id="poll_ok" style="display: non">
-	<div class="alert alert-success">
-		Your email address has been confirmed.
-	</div>
-	<div class="btn-row justify-content-center mt-3">
-		<a class="btn btn-primary px-5" href="{% url 'bid_main:index' %}">Done</a>
-	</div>
+<div id="poll_ok" style="display: none">
+  <div class="alert alert-success">
+    Your email address has been confirmed.
+  </div>
+  <div class="btn-row justify-content-center mt-3">
+    <a class="btn btn-primary px-5" href="{% url 'bid_main:index' %}">Done</a>
+  </div>
 </div>
 {% endblock %}
 
@@ -24,26 +24,26 @@
   var poll_url = '{% url 'bid_main:confirm-email-poll' %}';
   var $result = $('#poll_result');
 
-  function poll() {
-  	$.get(poll_url)
-  	.done(function(data) {
-  		if (typeof(data.confirmed) === 'undefined' || data.confirmed == null) {
-  			// Not yet confirmed, wait longer
-  			window.setTimeout(poll, 2500);
-  			return;
-  		}
-  		// Confirmation has been confirmed!
-  		$('#poll_ok').show();
-  	})
-  	.fail(function(err) {
-  		// This is a frequent poll and the email address confirmation system works
-  		// fine without it, so let's not bother the user with error messages.
-  		if (console) console.log('Error: ', err);
-
-  		// Try again after a while.
-  		window.setTimeout(poll, 4000);
-  	});
+  function poll(attemptCount) {
+    if (attemptCount > 5) {
+      // Stop, don't poll forever
+      return;
+    }
+    $.get(poll_url)
+    .done(function(data) {
+      if (typeof(data.confirmed) === 'undefined' || data.confirmed == null) {
+        // Not yet confirmed, wait longer with exponential backoff
+        attemptCount += 1;
+        window.setTimeout(poll, 10000 * (2 ** attemptCount), attemptCount);
+        return;
+      }
+      // Confirmation has been confirmed!
+      $('#poll_ok').show();
+    })
+    .fail(function(err) {
+      // Stop on error
+      if (console) console.log('Error: ', err);
+    });
   }
-  // Do a quick test first, then slow down a little bit.
-  window.setTimeout(poll, 250);
+  window.setTimeout(poll, 1000, 0);
 </script>{% endblock footer_scripts %}

blenderid/settings.py

@@ -146,11 +146,9 @@ TEMPLATES = [
 WSGI_APPLICATION = "blenderid.wsgi.application"
 
 DATABASES = {
-    'default': dj_database_url.config(
-        default='postgresql://blender_id:blender_id@127.0.0.1:5432/blender_id',
-        conn_max_age=600,
-    ),
+    'default': dj_database_url.config(default='sqlite:///{}'.format(BASE_DIR / 'db.sqlite3')),
 }
+DATABASES['default']['CONN_MAX_AGE'] = 600
 
 DEFAULT_AUTO_FIELD = 'django.db.models.AutoField'
 

playbooks/README.md

@@ -45,7 +45,7 @@ To encrypt this value, use the following command:
 
     echo -n 'https://foo@bar.example.com/1234' | ansible-vault encrypt_string --vault-id production@prompt --stdin-name 'sentry_dsn'
 
-Store the ouput of the above command in `environments/production/group_vars/all/99_vault.yaml`
+Store the output of the above command in `environments/production/group_vars/all/99_vault.yaml`
 (not tracked by this repository):
 
 ```

playbooks/environments/staging/group_vars/all/01_vars.yaml

@@ -1,8 +1,10 @@
 env: staging
-host: web-2.internal
-db_host: db-postgres-2.internal
+host: web-staging-1.hz-nbg1.blender.internal
+db_host: db-postgres-staging-1.hz-nbg1.blender.internal
 db_name: id_staging
 db_user: id_staging
 branch: main
 
 ssl_only: true
+
+backup_dir: /data/backups

playbooks/environments/staging/hosts.yaml

@@ -1,8 +1,8 @@
 ---
 ingress:
   hosts:
-    lb-2:
+    lb-staging-1.hz-nbg1.blender.internal:
 
 application:
   hosts:
-    web-2:
+    web-staging-1.hz-nbg1.blender.internal:

playbooks/shared

@@ -1 +1 @@
-Subproject commit f3e705b712980c5d2bce58dd94b51665858a2dc3
+Subproject commit 2e9a85dc8b2f9bd3cb807de5a489615355b50f70

playbooks/vars_common.yaml

@@ -36,15 +36,16 @@ rate_limit:
   burst: 50
   delay: 10
 
-mailto: cron@blender.org
 certbot:
   email: root@blender.org
 
 source_url: https://projects.blender.org/infrastructure/{{ project_slug }}.git
 branch: production
 
+backup_dir: /mnt/backup
+
 ssl_only: false
-PGSSLROOTCERT: /usr/local/share/ca-certificates/cloud-init-ca-cert-1.crt
+ca_certificate: /usr/local/share/ca-certificates/cloud-init-ca-cert-1.crt
 
 include_common_services:
   - background
@@ -52,4 +53,5 @@ include_common_services:
   - backup-service-dirs
   - clearsessions
   - delete-completed-tasks
+  - notify-email@
   - process-deletion-requests

requirements.txt

@@ -37,7 +37,6 @@ more-itertools==7.2.0 ; python_version >= "3.8" and python_version < "4"
 oauthlib==3.1.0 ; python_version >= "3.8" and python_version < "4"
 pep562==1.0 ; python_version >= "3.8" and python_version < "4"
 pillow==9.1.0 ; python_version >= "3.8" and python_version < "4"
-psycopg2==2.8.6 ; python_version >= "3.8" and python_version < "4"
 pycparser==2.19 ; python_version >= "3.8" and python_version < "4"
 pygments==2.17.2 ; python_version >= "3.8" and python_version < "4"
 pyinstrument==4.6.0 ; python_version >= "3.8" and python_version < "4"
@@ -58,6 +57,5 @@ sqlparse==0.5.0 ; python_version >= "3.8" and python_version < "4"
 tornado==6.0.3 ; python_version >= "3.8" and python_version < "4"
 urllib3==1.25.11 ; python_version >= "3.8" and python_version < "4"
 user-agents==2.2.0
-uwsgi==2.0.23
 wrapt==1.15.0 ; python_version >= "3.8" and python_version < "4"
 zipp==0.6.0 ; python_version >= "3.8" and python_version < "4"

requirements_prod.txt

@@ -1 +1,3 @@
 -r requirements.txt
+psycopg2==2.8.6
+uwsgi==2.0.23