Fixes on systemuser backend
This commit is contained in:
parent
835536eb70
commit
6531bcc4be
12
TODO.md
12
TODO.md
|
@ -427,3 +427,15 @@ mkhomedir_helper or create ssh homes with bash.rc and such
|
|||
# wordpressmu custom_url: set blog.domain
|
||||
|
||||
# validate_user on saas.wordpress to detect if username already exists before attempting to create a blog
|
||||
|
||||
|
||||
# webapps don't override owner and permissions on every save(), just on create
|
||||
# webapps php fpm allow pool config to be overriden. template + pool inheriting template?
|
||||
# get_context signal to overridaconfiguration? best practice: all context on get_context, ever use other context. template rendering as backend generator: proof of concept
|
||||
|
||||
|
||||
# DOmain show implicit records
|
||||
# if not database_ready(): schedule a retry in 60 seconds, otherwise resources and other dynamic content gets fucked, maybe attach some 'signal' when first query goes trough
|
||||
with database_ready:
|
||||
shit_happend, otherwise schedule for first query
|
||||
# Entry.objects.filter()[:1].first() (LIMIT 1)
|
||||
|
|
|
@ -127,7 +127,7 @@ class ServiceHandler(plugins.Plugin, metaclass=plugins.PluginMount):
|
|||
try:
|
||||
return eval(self.metric, safe_locals)
|
||||
except Exception as exc:
|
||||
raise type(exc)("%s on '%s'" %(exc, self.service))
|
||||
raise type(exc)("'%s' evaluating metric for '%s' service" % (exc, self.service))
|
||||
|
||||
def get_order_description(self, instance):
|
||||
safe_locals = self.get_expression_context(instance)
|
||||
|
|
|
@ -55,18 +55,12 @@ class UNIXUserBackend(ServiceController):
|
|||
fi
|
||||
mkdir -p %(base_home)s
|
||||
chmod 750 %(base_home)s
|
||||
ls -A /etc/skel/ | while read line; do
|
||||
if [[ ! -e %(home)s/${line} ]]; then
|
||||
cp -a $line %(home)s/${line} && \
|
||||
chown -R %(user)s:%(group)s %(home)s/${line}
|
||||
fi
|
||||
done
|
||||
fi""") % context
|
||||
""") % context
|
||||
)
|
||||
if context['home'] != context['base_home']:
|
||||
self.append(textwrap.dedent("""
|
||||
# Set extra permissions: %(user)s home is inside %(mainuser)s home
|
||||
if mount | grep "^$(df %(home)s|grep '^/')\s" | grep acl > /dev/null; then
|
||||
if mount | grep "^$(df %(home)s|grep '^/'|cut -d' ' -f1)\s" | grep acl > /dev/null; then
|
||||
# Account group as the owner
|
||||
chown %(mainuser)s:%(mainuser)s %(home)s
|
||||
chmod g+s %(home)s
|
||||
|
@ -78,11 +72,19 @@ class UNIXUserBackend(ServiceController):
|
|||
setfacl -m d:u:%(mainuser)s:rwx %(home)s
|
||||
else
|
||||
chmod g+rxw %(home)s
|
||||
chown %(user)s:%(user)s %(home)s
|
||||
fi""") % context
|
||||
)
|
||||
else:
|
||||
self.append("chown %(user)s:%(group)s %(home)s" % context)
|
||||
self.append(textwrap.dedent("""\
|
||||
chown %(user)s:%(group)s %(home)s
|
||||
ls -A /etc/skel/ | while read line; do
|
||||
if [[ ! -e %(home)s/${line} ]]; then
|
||||
cp -a /etc/skel/${line} %(home)s/${line} && \\
|
||||
chown -R %(user)s:%(group)s %(home)s/${line}
|
||||
fi
|
||||
done
|
||||
""") % context
|
||||
)
|
||||
for member in settings.SYSTEMUSERS_DEFAULT_GROUP_MEMBERS:
|
||||
context['member'] = member
|
||||
self.append('usermod -a -G %(user)s %(member)s || exit_code=$?' % context)
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
This is a wrapper around djcelery and celery `@task` and `@periodic_task` decorators. It provides transparent support for switching between executing a task on a plain Python thread or
|
||||
the traditional way of pushing the task on a queue (rabbitmq) and wait for a Celery worker to run it.
|
||||
|
||||
A queueless threaded execution has the advantage of 0 moving parts instead of the alternative rabbitmq and celery workers. Less dependencies, less memory footprint, less points of failure.
|
||||
A queueless threaded execution has the advantage of 0 moving parts instead of the alternative rabbitmq and celery workers. Less dependencies, less memory footprint, less points of failure, no process keeping, no independent code reloading for the workers.
|
||||
|
||||
If your application needs to run thousands or milions of tasks a day, use celery as your backend, if tens or hundreds, then probably the default thread backend will be your best choice.
|
||||
|
|
|
@ -18,10 +18,11 @@ class WebAppServiceMixin(object):
|
|||
self.append(textwrap.dedent("""
|
||||
# Create webapp dir
|
||||
CREATED=0
|
||||
[[ ! -e %(app_path)s ]] && CREATED=1
|
||||
if [[ ! -e %(app_path)s ]]; then
|
||||
CREATED=1
|
||||
mkdir -p %(app_path)s
|
||||
chown %(user)s:%(group)s %(app_path)s\
|
||||
""") % context
|
||||
chown %(user)s:%(group)s %(app_path)s
|
||||
fi""") % context
|
||||
)
|
||||
|
||||
def set_under_construction(self, context):
|
||||
|
@ -34,7 +35,7 @@ class WebAppServiceMixin(object):
|
|||
sleep 2
|
||||
if [[ ! $(ls -A %(app_path)s | head -n1) ]]; then
|
||||
cp -r %(under_construction_path)s %(app_path)s
|
||||
chown -R %(user)s:%(group)s %(app_path)s
|
||||
chown -R %(user)s:%(group)s %(app_path)s/*
|
||||
fi' &> /dev/null &
|
||||
fi""") % context
|
||||
)
|
||||
|
|
Loading…
Reference in New Issue