update postgres from 12 to 13

.drone.yml

@@ -6,7 +6,7 @@ steps:
     image: git.coopcloud.tech/coop-cloud/stack-ssh-deploy:latest
     settings:
       host: swarm-test.autonomic.zone
-      stack: pretix
+      stack: {{ .Name }}
       generate_secrets: true
       purge: true
       deploy_key:
@@ -14,17 +14,11 @@ steps:
       networks:
         - proxy
     environment:
-      DOMAIN: pretix.swarm-test.autonomic.zone
-      STACK_NAME: pretix
+      DOMAIN: {{ .Name }}.swarm-test.autonomic.zone
+      STACK_NAME: {{ .Name }}
       LETS_ENCRYPT_ENV: production
-      CRON_ENTRYPOINT_VERSION: v1
-      DB_ENTRYPOINT_VERSION: v1
-      SECRET_DB_PASSWORD_VERSION: v1
-      SECRET_DJANGO_SECRET_KEY_VERSION: v1
-      SECRET_SMTP_PASSWORD_VERSION: v1
-      PRETIX_CONFIG_VERSION: v1
       PG_BACKUP_VERSION: v1
-      SECRET_ADMIN_PASS_VERSION: v1
+      PRETIX_CONFIG_VERSION: v1
 trigger:
   branch:
     - main
@@ -40,7 +34,7 @@ steps:
         from_secret: drone_abra-bot_token
       fork: true
       repositories:
-        - toolshed/auto-recipes-catalogue-json
+        - coop-cloud/auto-recipes-catalogue-json
 
 trigger:
   event: tag

.env.sample

@@ -2,16 +2,15 @@ TYPE=pretix
 
 DOMAIN=pretix.example.com
 
+ENABLE_BACKUPS=true
+
 ## Domain aliases
 #EXTRA_DOMAINS=', `www.pretix.example.com`'
 
 LETS_ENCRYPT_ENV=production
-ENABLE_BACKUPS=true
-POST_DEPLOY_CMDS="app change_admin_pass"
 
 SECRET_DB_PASSWORD_VERSION=v1
 SECRET_DJANGO_SECRET_KEY_VERSION=v1
-SECRET_ADMIN_PASS_VERSION=v1
 
 SECRET_SMTP_PASSWORD_VERSION=v1
 SMTP_FROM=hello@localhost
@@ -19,4 +18,4 @@ SMTP_HOST=127.0.0.71
 SMTP_USER=pretix
 SMTP_PORT=1025
 SMTP_TLS=on
-SMTP_SSL=off
+SMTP_SSL=off

README.md

@@ -1,17 +1,17 @@
 # pretix
 
-> Ticket shop application for conferences, festivals, concerts, tech events, shows, exhibitions, workshops, barcamps, etc.
+> One line description of the recipe
 
 <!-- metadata -->
 
 * **Category**: Apps
 * **Status**: 0
 * **Image**: [`pretix`](https://hub.docker.com/r/pretix), 4, upstream
-* **Healthcheck**: Yes
-* **Backups**: Yes
-* **Email**: Yes
+* **Healthcheck**: No
+* **Backups**: No
+* **Email**: No
 * **Tests**: No
-* **SSO**: Only supported for customer accounts, see [documentation](https://docs.pretix.eu/en/latest/user/customers/index.html)
+* **SSO**: No
 
 <!-- endmetadata -->
 
@@ -21,8 +21,6 @@
 * `abra app config <app-name>`
 * `abra app deploy <app-name>`
 * If you get an internal server error, try running `pretix migrate` inside the app container
-* Initial admin is `admin@localhost` with password `admin`
-* Change immediately via gui or `abra app cmd <DOMAIN> app change_adminpass`
 
 For more, see [`docs.coopcloud.tech`](https://docs.coopcloud.tech).
 
@@ -30,7 +28,7 @@ For more, see [`docs.coopcloud.tech`](https://docs.coopcloud.tech).
 ## TODO
 
 * [X] mail
-* [x] healthchecks
-* [x] cronjob: 15,45 * * * * /usr/bin/docker exec pretix.service pretix cron
-* [x] backups https://docs.pretix.eu/en/latest/admin/maintainance.html#maintainance
+* [ ] healthchecks
+* [ ] cronjob: 15,45 * * * * /usr/bin/docker exec pretix.service pretix cron
+* [ ] backups https://docs.pretix.eu/en/latest/admin/maintainance.html#maintainance
 * [ ] plugins

abra.sh

@@ -1,16 +1,2 @@
-export PRETIX_CONFIG_VERSION=v2
-export CRON_ENTRYPOINT_VERSION=v1
-export DB_ENTRYPOINT_VERSION=v2
+export PRETIX_CONFIG_VERSION=v1
 export PG_BACKUP_VERSION=v1
-
-change_adminpass(){
-    password=$(cat /run/secrets/admin_pass)
-    ~/src/manage.py shell -c """
-from django.contrib.auth import get_user_model
-UserModel = get_user_model()
-u = UserModel.objects.get(email='admin@localhost')
-u.set_password('$password')
-u.save()
-"""
-echo "Changed admin password"
-}

compose.yml

@@ -3,7 +3,7 @@ version: "3.8"
 
 services:
   app:
-    image: 'pretix/standalone:2025.5.0'
+    image: 'pretix/standalone:2024.1.0'
     networks:
       - proxy
       - internal
@@ -16,7 +16,6 @@ services:
       - db_password
       - smtp_password
       - django_secret_key
-      - admin_pass
     deploy:
       restart_policy:
         condition: on-failure
@@ -26,16 +25,16 @@ services:
         - "traefik.http.routers.${STACK_NAME}.rule=Host(`${DOMAIN}`${EXTRA_DOMAINS})"
         - "traefik.http.routers.${STACK_NAME}.entrypoints=web-secure"
         - "traefik.http.routers.${STACK_NAME}.tls.certresolver=${LETS_ENCRYPT_ENV}"
-        - "coop-cloud.${STACK_NAME}.version=2.1.0+2025.5.0"
-    healthcheck:
-      test: ["CMD", "curl", "-f", "http://localhost/healthcheck"]
-      interval: 30s
-      timeout: 10s
-      retries: 10
-      start_period: 1m
+        - "coop-cloud.${STACK_NAME}.version=1.0.0+2024.1.0"
+    # healthcheck:
+    #   test: ["CMD", "curl", "-f", "http://localhost"]
+    #   interval: 30s
+    #   timeout: 10s
+    #   retries: 10
+    #   start_period: 1m
 
   db:
-    image: postgres:16
+    image: postgres:13
     volumes:
       - "postgres:/var/lib/postgresql/data"
     networks:
@@ -46,28 +45,25 @@ services:
       POSTGRES_DB: pretix
     secrets:
       - db_password
-    configs:
-      - source: pg_backup
-        target: /pg_backup.sh
-        mode: 0555
-      - source: db_entrypoint
-        target: /docker-entrypoint.sh
-        mode: 0555
-    entrypoint: /docker-entrypoint.sh
     healthcheck:
-      test: ["CMD-SHELL", "[ -f $${HEALTHCHECK_MARKER} ] || pg_isready -d $${POSTGRES_DB} -U $${POSTGRES_USER}"]
+      test: ["CMD-SHELL", "pg_isready -d $${POSTGRES_DB} -U $${POSTGRES_USER}"]
       interval: 10s
       timeout: 5s
       retries: 5
     deploy:
       labels:
         backupbot.backup: "${ENABLE_BACKUPS:-true}"
-        backupbot.backup.pre-hook: "/pg_backup.sh backup" 
+        backupbot.backup.pre-hook: "/pg_backup.sh backup"
         backupbot.backup.volumes.postgres.path: "backup.sql"
         backupbot.restore.post-hook: '/pg_backup.sh restore'
+        backupbot.backup.volumes.redis: "false"
+    configs:
+        - source: pg_backup
+          target: /pg_backup.sh
+          mode: 0555
 
   redis:
-    image: redis:8.0.2-alpine
+    image: redis:7.0.10-alpine
     volumes:
       - "redis:/data"
     healthcheck:
@@ -78,19 +74,6 @@ services:
     networks:
       - internal
 
-  cron:
-    image: alpinelinux/docker-cli:latest
-    environment:
-      - STACK_NAME=${STACK_NAME}
-    volumes:
-      - /var/run/docker.sock:/var/run/docker.sock
-    entrypoint:
-      /entrypoint.sh
-    configs:
-      - source: cron_entrypoint
-        target: /entrypoint.sh
-        mode: 0555
-
 volumes:
   app:
   postgres:
@@ -101,13 +84,6 @@ configs:
     name: ${STACK_NAME}_pretix_config_${PRETIX_CONFIG_VERSION}
     file: pretix.cfg.tmpl
     template_driver: golang
-  cron_entrypoint:
-    name: ${STACK_NAME}_cron_entrypoint_${CRON_ENTRYPOINT_VERSION}
-    file: entrypoint.cron.sh
-  db_entrypoint:
-    name: ${STACK_NAME}_db_entrypoint_${DB_ENTRYPOINT_VERSION}
-    file: entrypoint.postgres.sh.tmpl
-    template_driver: golang
   pg_backup:
     name: ${STACK_NAME}_pg_backup_${PG_BACKUP_VERSION}
     file: pg_backup.sh
@@ -128,6 +104,3 @@ secrets:
   django_secret_key:
     external: true
     name: ${STACK_NAME}_django_secret_key_${SECRET_DJANGO_SECRET_KEY_VERSION}
-  admin_pass:
-    external: true
-    name: ${STACK_NAME}_admin_pass_${SECRET_ADMIN_PASS_VERSION}

entrypoint.cron.sh

@@ -1,3 +0,0 @@
-#!/bin/sh
-
-echo '15,45 * * * * docker exec $(docker ps -qf 'name=${STACK_NAME}_app') pretix runperiodic' | crontab - && crond -f -d 8

entrypoint.postgres.sh.tmpl

@@ -1,80 +0,0 @@
-#!/bin/bash
-
-set -e
-
-HEALTHCHECK_MARKER=/tmp/skip_healthcheck
-touch $HEALTHCHECK_MARKER
-MIGRATION_MARKER=$PGDATA/migration_in_progress
-OLDDATA=$PGDATA/old_data
-NEWDATA=$PGDATA/new_data
-
-install_old_postgres_debian() {
-  ## TODO: Replace with script from outline entrypoint
-  apt-get update
-  apt-get install -y git
-  git clone https://github.com/theory/pgenv.git /tmp/pgenv
-  cd /tmp/pgenv
-  export PATH="/tmp/pgenv/bin:/tmp/pgenv/pgsql/bin:$PATH"
-
-  # Install missing packages
-  apt-get install -y make curl patch gcc sudo libreadline-dev zlib1g-dev build-essential
-  pgenv check
-  LATEST_OLD_VERSION=$(pgenv available $DATA_VERSION | grep -oE "$DATA_VERSION\.[0-9]+" | tail -n 1)
-  pgenv build $LATEST_OLD_VERSION
-}
-
-install_old_postgres_alpine() {
-  apk add git
-  git clone https://github.com/theory/pgenv.git /tmp/pgenv
-  cd /tmp/pgenv
-  export PATH="/tmp/pgenv/bin:/tmp/pgenv/pgsql/bin:$PATH"
-
-  #Install Missing pagckages:
-  apk add make curl make patch gcc alpine-sdk sudo readline-dev build-base zlib-dev linux-headers
-  pgenv check
-  LATEST_OLD_VERSION=$(pgenv available $DATA_VERSION | grep -oE "$DATA_VERSION\.[0-9]+" | tail -n 1)
-  pgenv build $LATEST_OLD_VERSION
-}
-
-if [ -e $MIGRATION_MARKER ]; then
-  echo "FATAL: migration was started but did not complete in a previous run. manual recovery necessary"
-  exit 1
-fi
-
-if [ -f $PGDATA/PG_VERSION ]; then
-  DATA_VERSION=$(cat $PGDATA/PG_VERSION)
-
-  if [ -n "$DATA_VERSION" -a "$PG_MAJOR" != "$DATA_VERSION" ]; then
-    echo "postgres data version $DATA_VERSION found, but need $PG_MAJOR. Starting migration"
-    echo "Installing postgres $DATA_VERSION"
-    if [ -f /etc/alpine-release ]; then
-      install_old_postgres_alpine
-    else
-      install_old_postgres_debian
-    fi
-    echo "shuffling around"
-    gosu postgres mkdir $OLDDATA
-    chmod 700 $OLDDATA
-    mv $PGDATA/* $OLDDATA/ || true
-    gosu postgres mkdir $NEWDATA
-    chmod 700 $NEWDATA
-    touch $MIGRATION_MARKER
-    echo "running initdb"
-    # abuse entrypoint script for initdb by making server error out
-    gosu postgres bash -c "export PGDATA=$NEWDATA ; /usr/local/bin/docker-entrypoint.sh --invalid-arg || true"
-    echo "running pg_upgrade"
-    cd /tmp
-    sleep 5
-    gosu postgres pg_upgrade --link -b /tmp/pgenv/pgsql-$LATEST_OLD_VERSION/bin -d $OLDDATA -D $NEWDATA -U $POSTGRES_USER
-    cp $OLDDATA/pg_hba.conf $NEWDATA/
-    mv $NEWDATA/* $PGDATA
-    rm -rf $OLDDATA
-    rmdir $NEWDATA
-    rm $MIGRATION_MARKER
-    echo "migration complete"
-  fi
-fi
-
-rm $HEALTHCHECK_MARKER
-
-/usr/local/bin/docker-entrypoint.sh postgres

pg_backup.sh

@@ -5,7 +5,7 @@ set -e
 BACKUP_FILE='/var/lib/postgresql/data/backup.sql'
 
 function backup {
-  export PGPASSWORD=$(cat /run/secrets/db_password)
+  export PGPASSWORD=$(cat $POSTGRES_PASSWORD_FILE)
   pg_dump -U ${POSTGRES_USER} ${POSTGRES_DB} > $BACKUP_FILE
 }
 

pretix.cfg.tmpl

@@ -42,6 +42,9 @@ debug=off
 location=redis://redis:6379/1
 sessions=true
 
+[languages]
+enabled=en,de
+
 [celery]
 backend=redis://redis:6379/1
 broker=redis://redis:6379/2

release/1.5.0+2024.11.0

@@ -1 +0,0 @@
-New major postgres version with automated update script! Make sure to backup your database before.

release/2.0.0+2025.1.0

@@ -1 +0,0 @@
-New secret ADMIN_PASS which will be used to automatically replace the insecure default password

release/next

@@ -0,0 +1 @@
+Postgres update: please do a backup before the upgrade, remove the postgres volume and restore it after the upgrade