From e6ed7954de14a55e06e373dd1ee211dda65cb4e6 Mon Sep 17 00:00:00 2001 From: Peter van Arkel Date: Wed, 20 May 2026 01:30:02 +0200 Subject: [PATCH] (ops) Add native update wrapper for production deploys Add scripts/update-systemd as a safer routine deploy entrypoint for native systemd installations. The wrapper keeps updates non-interactive, preserves the existing environment file, skips OS package installation, and avoids superuser creation prompts while still reusing the installer refresh flow. Document the update path in the README and capture the maintenance expectation in the development notes. --- README.md | 17 ++++++++++++++--- docs/development.md | 5 +++++ scripts/update-systemd | 41 +++++++++++++++++++++++++++++++++++++++++ 3 files changed, 60 insertions(+), 3 deletions(-) create mode 100755 scripts/update-systemd diff --git a/README.md b/README.md index 325739d..00bc560 100644 --- a/README.md +++ b/README.md @@ -177,16 +177,27 @@ From a fresh checkout or the existing app directory: ``` git pull -sudo scripts/install-systemd --non-interactive +sudo scripts/update-systemd ``` -The installer preserves an existing `/etc/pobsync/pobsync.env` unless you pass `--force-env`. It refreshes the installed -app, Python dependencies, migrations, static files, and restarts the systemd services so new Django code is loaded. +The updater is a thin wrapper around the installer for normal production deploys. It preserves the existing +`/etc/pobsync/pobsync.env`, skips OS package installation, skips superuser creation, refreshes the installed app, updates +Python dependencies, runs migrations, collects static files, and restarts the systemd services so new Django code is +loaded. + +Use the full installer again when you intentionally want to change install-time settings, install OS packages, enable +nginx, or rewrite the environment file: + +``` +sudo scripts/install-systemd --non-interactive +sudo scripts/install-systemd --force-env +``` Then check: ``` systemctl status pobsync-web pobsync-worker pobsync-scheduler +sudo -u pobsync pobsync-manage check ``` ## Development diff --git a/docs/development.md b/docs/development.md index 99e2069..5d512a6 100644 --- a/docs/development.md +++ b/docs/development.md @@ -74,12 +74,17 @@ sudo scripts/install-systemd sudo scripts/install-systemd --non-interactive sudo scripts/install-systemd --verbose sudo scripts/install-systemd --create-superuser --superuser-username admin +sudo scripts/update-systemd ``` The installer should print a short completion summary with the control panel URL, Self Check reminder, and service log commands. Keep normal output user-facing: pobsync step names with OK, FAILED, or SKIPPED. Full apt, pip, Django, and systemd output belongs behind `--verbose` or in the failed step output. +The updater is intentionally a small wrapper around the installer for routine production deploys. It should stay +non-interactive, preserve the existing environment file, skip OS package installation, skip superuser creation, and still +run the Django/runtime refresh steps needed after a code update. + ## Migration Helpers Import existing legacy YAML configs: diff --git a/scripts/update-systemd b/scripts/update-systemd new file mode 100755 index 0000000..5c4eb6e --- /dev/null +++ b/scripts/update-systemd @@ -0,0 +1,41 @@ +#!/bin/sh +set -eu + +SCRIPT_DIR=$(CDPATH= cd -- "$(dirname -- "$0")" && pwd) + +show_help() { + cat <<'EOF' +Usage: sudo scripts/update-systemd [options] + +Refresh an existing native pobsync systemd install from the current checkout. + +This is a thin, safer update wrapper around scripts/install-systemd. It keeps +the install non-interactive, preserves the existing environment file, skips +superuser creation, and skips OS package installation by default. + +Common options are forwarded to install-systemd, for example: + --source-dir PATH + --app-dir PATH + --venv-dir PATH + --env-file PATH + --service-user USER + --service-group GROUP + --install-extras mariadb + --verbose + +If OS packages need to be refreshed, run scripts/install-systemd directly. +EOF +} + +case "${1:-}" in + -h|--help) + show_help + exit 0 + ;; +esac + +exec "$SCRIPT_DIR/install-systemd" \ + --non-interactive \ + --no-install-os-packages \ + --no-create-superuser \ + "$@"