CHANGES:

- More robust handling of clusterdb.pkl on database password changes.

BUGFIXES:
- Install: did not consider alternate config dirs for database passwords.

Author: karel26

core/data/impl/nodeimpl.py

@@ -265,6 +265,7 @@ def read_locals(self) -> dict:
             if not node:
                 raise FatalException(f'No configuration found for node {self.name} in {config_file}!')
             dirty = False
+
             # check if we need to secure the database URL
             database_url = node.get('database', {}).get('url')
             if database_url:
@@ -276,6 +277,16 @@ def read_locals(self) -> dict:
                         f"{url.scheme}://{url.username}:SECRET@{url.hostname}:{port}{url.path}?sslmode=prefer"
                     dirty = True
                     self.log.info("Database password found, removing it from config.")
+            else:
+                # if we have a cluster.pkl, rename that
+                cluserdb_pkl = os.path.join(self.config_dir, '.secret', 'clusterdb.pkl')
+                if os.path.exists(cluserdb_pkl):
+                    database_pkl = os.path.join(self.config_dir, '.secret', 'database.pkl')
+                    # remove existing target to ensure a clean move
+                    if os.path.exists(database_pkl):
+                        os.remove(database_pkl)
+                    os.replace(cluserdb_pkl, database_pkl)
+
             if 'DCS' in node:
                 password = node['DCS'].pop('dcs_password', node['DCS'].pop('password', None))
                 if password:
@@ -310,18 +321,28 @@ async def check_db(url: str) -> str | None:
 
         cpool_url = self.config.get("database", self.locals.get('database'))['url']
         lpool_url = self.locals.get("database", self.config.get('database'))['url']
+
         try:
-            password = utils.get_password('clusterdb', self.config_dir)
+            lpool_pwd = utils.get_password('database', self.config_dir)
         except ValueError:
+            self.log.critical(
+                "Please replace the SECRET keyword in your database URL with a password!"
+            )
+            exit(SHUTDOWN)
+
+        if cpool_url != lpool_url:
             try:
-                password = utils.get_password('database', self.config_dir)
-                utils.set_password('clusterdb', password, self.config_dir)
+                cpool_pwd = utils.get_password('clusterdb', self.config_dir)
             except ValueError:
-                self.log.critical("You need to replace the SECRET keyword in your database URL with a proper password!")
+                self.log.critical(
+                    "Please replace the SECRET keyword in your database URL in main.yaml with a password!"
+                )
                 exit(SHUTDOWN)
+        else:
+            cpool_pwd = lpool_pwd
 
-        cpool_url = cpool_url.replace('SECRET', quote(password) or '')
-        lpool_url = lpool_url.replace('SECRET', quote(utils.get_password('database', self.config_dir)) or '')
+        cpool_url = cpool_url.replace('SECRET', quote(cpool_pwd) or '')
+        lpool_url = lpool_url.replace('SECRET', quote(lpool_pwd) or '')
 
         version = await check_db(lpool_url)
         if lpool_url != cpool_url:
@@ -1026,6 +1047,7 @@ async def check_nodes():
                             return True
                         # The master is not alive, take over
                         elif not master or not await is_node_alive(master, config.get('heartbeat', 30)):
+                            self.log.warning("The master node is not responding, taking over ...")
                             await take_over()
                             return True
                         # Master is alive, but we are the preferred one

install.py

@@ -106,7 +106,7 @@ def get_database_host(host: str = '127.0.0.1', port: int = 5432) -> tuple[str, i
         return host, port
 
     @staticmethod
-    def get_database_url(user: str, database: str) -> str | None:
+    def get_database_url(user: str, database: str, config_dir: str | None = 'config') -> str | None:
         host, port = Install.get_database_host('127.0.0.1', 5432)
         while True:
             master_db = Prompt.ask(_('Please enter the name of your PostgreSQL master database'), default='postgres')
@@ -117,7 +117,7 @@ def get_database_url(user: str, database: str) -> str | None:
                 with psycopg.connect(url, autocommit=True) as conn:
                     with closing(conn.cursor()) as cursor:
                         try:
-                            passwd = utils.get_password('database') or ''
+                            passwd = utils.get_password('database', config_dir) or ''
                         except ValueError:
                             passwd = secrets.token_urlsafe(8)
                         try:
@@ -137,8 +137,8 @@ def get_database_url(user: str, database: str) -> str | None:
                                 print(_('[yellow]You have entered 3x a wrong password. I have reset it.[/]'))
                                 passwd = secrets.token_urlsafe(8)
                                 cursor.execute(f"ALTER USER {user} WITH ENCRYPTED PASSWORD '{passwd}'")
-                        # store the password
-                        utils.set_password('database', passwd)
+                        # store the (new) password
+                        utils.set_password('database', passwd, config_dir)
                         with suppress(psycopg.Error):
                             cursor.execute(f"CREATE DATABASE {database}")
                             cursor.execute(f"GRANT ALL PRIVILEGES ON DATABASE {database} TO {user}")
@@ -340,7 +340,7 @@ def install(self, config_dir: str, user: str, database: str):
 
         print(_("\n{}. [u]Database Setup[/]").format(i + 1))
         if master:
-            database_url = Install.get_database_url(user, database)
+            database_url = Install.get_database_url(user, database, config_dir)
             if not database_url:
                 self.log.error(_("Aborted: No valid Database URL provided."))
                 exit(-2)
@@ -357,7 +357,7 @@ def install(self, config_dir: str, user: str, database: str):
                 hostname, port = self.get_database_host(url.hostname, url.port)
                 database_url = f"{url.scheme}://{url.username}:{url.password}@{hostname}:{port}{url.path}?sslmode=prefer"
             else:
-                database_url = Install.get_database_url(user, database)
+                database_url = Install.get_database_url(user, database, config_dir)
                 if not database_url:
                     self.log.error(_("Aborted: No valid Database URL provided."))
                     exit(-2)

services/bot/dcsserverbot.py

@@ -1,4 +1,3 @@
-import aiohttp
 import asyncio
 import discord
 
@@ -257,8 +256,8 @@ async def register_guild_name():
                 self.log.warning('- Discord connection re-established.')
         except FatalException:
             raise
-        except aiohttp.ServerDisconnectedError:
-            self.log.warning("Discord connection lost.")
+        except discord.HTTPException as ex:
+            self.log.warning(f"Discord connection error: {repr(ex)}")
             pass
         except Exception as ex:
             self.log.exception(ex)