diff --git a/doc/admin/config.rst b/doc/admin/config.rst index 7da1046ce..d8ef73b49 100644 --- a/doc/admin/config.rst +++ b/doc/admin/config.rst @@ -155,6 +155,8 @@ Example:: ``admins`` Comma-separated list of email addresses that should receive a report about every error code 500 thrown by pretix. +.. _`django-settings`: + Django settings --------------- @@ -179,6 +181,11 @@ Example:: .. WARNING:: Never set this to ``True`` in production! +``profile`` + Enable code profiling for a random subset of requests. Disabled by default, see + :ref:`perf-monitoring` for details. + +.. _`metrics-settings`: Metrics ------- diff --git a/doc/admin/index.rst b/doc/admin/index.rst index 3cb750df2..af8e2e4ad 100644 --- a/doc/admin/index.rst +++ b/doc/admin/index.rst @@ -10,3 +10,4 @@ Contents: installation/index config + maintainance diff --git a/doc/admin/installation/docker_smallscale.rst b/doc/admin/installation/docker_smallscale.rst index 751968b70..62807e8b5 100644 --- a/doc/admin/installation/docker_smallscale.rst +++ b/doc/admin/installation/docker_smallscale.rst @@ -222,6 +222,8 @@ Yay, you are done! You should now be able to reach pretix at https://pretix.your *admin@localhost* with a password of *admin*. Don't forget to change that password! Create an organizer first, then create an event and start selling tickets! +You should probably read :ref:`maintainance` next. + Updates ------- diff --git a/doc/admin/installation/manual_smallscale.rst b/doc/admin/installation/manual_smallscale.rst index 1af92ea13..1361963c2 100644 --- a/doc/admin/installation/manual_smallscale.rst +++ b/doc/admin/installation/manual_smallscale.rst @@ -255,6 +255,8 @@ Yay, you are done! You should now be able to reach pretix at https://pretix.your *admin@localhost* with a password of *admin*. Don't forget to change that password! Create an organizer first, then create an event and start selling tickets! +You should probably read :ref:`maintainance` next. + Updates ------- diff --git a/doc/admin/maintainance.rst b/doc/admin/maintainance.rst new file mode 100644 index 000000000..27d132d1c --- /dev/null +++ b/doc/admin/maintainance.rst @@ -0,0 +1,72 @@ +.. highlight:: ini + +.. _`maintainance`: + +Backups and Monitoring +====================== + +If you host your own pretix instance, you also need to care about the availability +of your service and the safety of your data yourself. This page gives you some +information that you might need to do so properly. + +Backups +------- + +There are essentially two things which you should create backups of: + +Database + Your SQL database (MySQL or PostgreSQL). This is critical and you should **absolutely + always create automatic backups of your database**. There are tons of tutorials on the + internet on how to do this, and the exact process depends on the choice of your database. + For MySQL, see ``mysqldump`` and for PostgreSQL, see the ``pg_dump`` tool. You probably + want to create a cronjob that does the backups for you on a regular schedule. + +Data directory + The data directory of your pretix configuration might contain some things that you should + back up. If you did not specify a secret in your config file, back up the ``.secret`` text + file in the data directory. If you lose your secret, all currently active user sessions, + password reset links and similar things will be rendered invalid. Also, you probably want + to backup the ``media`` subdirectory of the data directory which contains all user-uploaded + and generated files. This includes files you could in theory regenerate (ticket downloads) + but also files that you might be legally required to keep (invoice PDFs) or files that you + would need to re-upload (event logos, product pictures, etc.). It is up to you if you + create regular backups of this data, but we strongly advise you to do so. You can create + backups e.g. using ``rsync``. There is a lot of information on the internet on how to create + backups of folders on a Linux machine. + +There is no need to create backups of the redis database, if you use it. We only use it for +non-critical, temporary or cached data. + +Uptime monitoring +----------------- + +To monitor whether your pretix instance is running, you can issue a GET request to +``https://pretix.mydomain.com/healthcheck/``. This endpoint tests if the connection to the +database, to the configured cache and to redis (if used) is working correctly. If everything +appears to work fine, an empty response with status code ``200`` is returned. +If there is a problem, a status code in the ``5xx`` range will be returned. + +.. _`perf-monitoring`: + +Performance monitoring +---------------------- + +If you to generate detailled performance statistics of your pretix installation, there is an +endpoint at ``https://pretix.mydomain.com/metrics`` (no slash at the end) which returns a +number of values in the text format understood by monitoring tools like Prometheus_. This data +is only collected and exposed if you enable it in the :ref:`metrics-settings` section of your +pretix configuration. You can also configure basic auth credentials there to protect your +statistics against unauthorized access. The data is temporarily collected in redis, so the +performance impact of this feature depends on the connection to your redis database. + +Currently, mostly response times of HTTP requests and background tasks are exposed. + +If you want to go even further, you can set the ``profile`` option in the :ref:`django-settings` +section to a value between 0 and 1. If you set it for example to 0.1, then 10% of your requests +(randomly selected) will be run with cProfile_ activated. The profiling results will be saved +to your data directory. As this might impact performance significantly and writes a lot of data +to disk, we recommend to only enable it for a small number of requests -- and only if you are +really interested in the results. + +.. _Prometheus: https://prometheus.io/ +.. _cProfile: https://docs.python.org/3/library/profile.html