fix: update to CentOS 8

2020-12-26 12:50:38 +01:00 · 2020-12-26 12:50:38 +01:00 · 194682d89c
commit 194682d89c
parent 6c4b1b5e71
7 changed files with 71 additions and 43 deletions
--- a/installer/vagrant/centos.sh
+++ b/installer/vagrant/centos.sh
@ -3,16 +3,21 @@
 # Additional Repos
 yum install -y epel-release

-# Nux Dextop
-yum install -y http://li.nux.ro/download/nux/dextop/el7/x86_64/nux-dextop-release-0-5.el7.nux.noarch.rpm
+# RPMfusion (for ffmpeg) - needs PowerTools
+dnf install -y https://mirrors.rpmfusion.org/free/el/rpmfusion-free-release-8.noarch.rpm
+dnf config-manager --enable powertools
+
+# xiph multimedia (for icecast)
+curl -o /etc/yum.repos.d/multimedia:xiph.repo \
+    https://download.opensuse.org/repositories/multimedia:/xiph/CentOS_8/multimedia:xiph.repo

 # RaBe Liquidsoap Distribution (RaBe LSD)
 curl -o /etc/yum.repos.d/home:radiorabe:liquidsoap.repo \
-    http://download.opensuse.org/repositories/home:/radiorabe:/liquidsoap/CentOS_7/home:radiorabe:liquidsoap.repo
+    https://download.opensuse.org/repositories/home:/radiorabe:/liquidsoap/CentOS_8/home:radiorabe:liquidsoap.repo

 # RaBe Audio Packages for Enterprise Linux (RaBe APEL)
 curl -o /etc/yum.repos.d/home:radiorabe:audio.repo \
-    http://download.opensuse.org/repositories/home:/radiorabe:/audio/CentOS_7/home:radiorabe:audio.repo
+    https://download.opensuse.org/repositories/home:/radiorabe:/audio/CentOS_8/home:radiorabe:audio.repo

 # Update all the things (just to be sure we are on latest)
 yum update -y
@ -20,13 +25,13 @@ yum update -y
 # Database
 yum install -y postgresql-server patch

-postgresql-setup initdb
+postgresql-setup --initdb

 patch -f /var/lib/pgsql/data/pg_hba.conf << EOD
--- /var/lib/pgsql/data/pg_hba.conf.orig2016-09-01 20:45:11.364000000 -0400
-+++ /var/lib/pgsql/data/pg_hba.conf2016-09-01 20:46:17.939000000 -0400
+--- pg_hba.conf.orig	2020-12-19 13:10:46.828960307 +0000
+++ pg_hba.conf	2020-12-19 13:11:37.356290128 +0000
@@ -78,10 +78,11 @@
-
+ 
 # "local" is for Unix domain socket connections only
 local   all             all                                     peer
 +local   all             all                                     md5
@ -38,7 +43,7 @@ patch -f /var/lib/pgsql/data/pg_hba.conf << EOD
 +host    all             all             ::1/128                 md5
 # Allow replication connections from localhost, by a user with the
 # replication privilege.
- #local   replication     postgres                                peer
+ local   replication     all                                     peer
 EOD

 systemctl enable postgresql
@ -55,6 +60,7 @@ echo "GRANT ALL PRIVILEGES ON DATABASE airtime TO airtime;" | su -l postgres bas


 # RabbitMQ
+curl -s https://packagecloud.io/install/repositories/rabbitmq/rabbitmq-server/script.rpm.sh | sudo bash
 yum install -y rabbitmq-server

 systemctl enable rabbitmq-server
@ -65,44 +71,56 @@ rabbitmqctl add_vhost /airtime
 rabbitmqctl set_permissions -p /airtime airtime ".*" ".*" ".*"

 # LibreTime deps
-# TODO: move me to requirements-file ala debian e.a.
+# some of these are needed to build pip deps and as such should no be installed
+# on production grade systems (mostly the -devel packages)
 yum install -y \
+  cairo-gobject-devel \
+  gcc \
  git \
+  glib2-devel \
+  gobject-introspection-devel \
+  openssl-devel \
  php \
  php-xml \
  php-pdo \
  php-pgsql \
  php-bcmath \
  php-mbstring \
+  php-json \
+  php-process \
+  python36-devel \
  httpd \
-  fdk-aac \
-  liquidsoap \
-  silan \
-  ecasound \
-  alsa-utils \
  icecast \
-  python-pip \
+  liquidsoap \
+  alsa-utils \
  selinux-policy \
-  policycoreutils-python \
-  python-celery \
-  python2-pika \
+  policycoreutils-python-utils \
  lsof \
  xmlstarlet

-# for pip ssl install
-yum install -y \
-  gcc \
-  python-devel \
-  python-lxml \
-  openssl-devel
+# replace icecast init system with proper systemd unit ("ported" from CentOS 7)
+cat > /etc/systemd/system/icecast.service << 'EOD'
+[Unit]
+Description=Icecast Network Audio Streeaming Server
+After=network.target

+[Service]
+ExecStart=/usr/bin/icecast -c /etc/icecast.xml
+ExecReload=/bin/kill -HUP $MAINPID

+[Install]
+WantedBy=multi-user.target
+EOD
+
+# install manually since it isn't required somewhere later
+python3 -mpip install pycairo

 # SELinux Setup
 setsebool -P httpd_can_network_connect 1
 setsebool -P httpd_can_network_connect_db 1
 setsebool -P httpd_execmem on # needed by liquidsoap to do stuff when called by php
 setsebool -P httpd_use_nfs 1 # to get nfs mounted /vagrant
+setsebool -P httpd_graceful_shutdown 1 # to allow prefork to shutdown gracefully
 setsebool -P git_system_use_nfs 1 # same for git

 semanage port -a -t http_port_t -p tcp 9080 # default vagrant web port
@ -117,10 +135,17 @@ restorecon -Rv /vagrant /etc/airtime /srv/airtime
 # Disable default apache page
 sed -i -e 's/^/#/' /etc/httpd/conf.d/welcome.conf

+# Switch to prefork since CentOS will disable mod_php if we use mpm_event
+sed -i \
+  -e 's/#LoadModule mpm_prefork_module/LoadModule mpm_prefork_module/' \
+  -e 's/LoadModule mpm_event_module/#LoadModule mpm_event_module/' \
+  /etc/httpd/conf.modules.d/00-mpm.conf
+
+
 # celery will not run unless we install a specific version (https://github.com/pypa/setuptools/issues/942)
 # this will need to be figured out later on and will get overriden by the docs installer anyhow :(
-pip install setuptools==33.1.1
-pip freeze setuptools==33.1.1
+pip3 install setuptools==33.1.1
+pip3 freeze setuptools==33.1.1

 # the web will fail badly if this is not set, using my personal default just because
 echo 'date.timezone=Europe/Zurich' >> /etc/php.d/timezone.ini