Fixes on systemuser backend
This commit is contained in:
parent
835536eb70
commit
6531bcc4be
12
TODO.md
12
TODO.md
|
@ -427,3 +427,15 @@ mkhomedir_helper or create ssh homes with bash.rc and such
|
||||||
# wordpressmu custom_url: set blog.domain
|
# wordpressmu custom_url: set blog.domain
|
||||||
|
|
||||||
# validate_user on saas.wordpress to detect if username already exists before attempting to create a blog
|
# validate_user on saas.wordpress to detect if username already exists before attempting to create a blog
|
||||||
|
|
||||||
|
|
||||||
|
# webapps don't override owner and permissions on every save(), just on create
|
||||||
|
# webapps php fpm allow pool config to be overriden. template + pool inheriting template?
|
||||||
|
# get_context signal to overridaconfiguration? best practice: all context on get_context, ever use other context. template rendering as backend generator: proof of concept
|
||||||
|
|
||||||
|
|
||||||
|
# DOmain show implicit records
|
||||||
|
# if not database_ready(): schedule a retry in 60 seconds, otherwise resources and other dynamic content gets fucked, maybe attach some 'signal' when first query goes trough
|
||||||
|
with database_ready:
|
||||||
|
shit_happend, otherwise schedule for first query
|
||||||
|
# Entry.objects.filter()[:1].first() (LIMIT 1)
|
||||||
|
|
|
@ -127,7 +127,7 @@ class ServiceHandler(plugins.Plugin, metaclass=plugins.PluginMount):
|
||||||
try:
|
try:
|
||||||
return eval(self.metric, safe_locals)
|
return eval(self.metric, safe_locals)
|
||||||
except Exception as exc:
|
except Exception as exc:
|
||||||
raise type(exc)("%s on '%s'" %(exc, self.service))
|
raise type(exc)("'%s' evaluating metric for '%s' service" % (exc, self.service))
|
||||||
|
|
||||||
def get_order_description(self, instance):
|
def get_order_description(self, instance):
|
||||||
safe_locals = self.get_expression_context(instance)
|
safe_locals = self.get_expression_context(instance)
|
||||||
|
|
|
@ -55,18 +55,12 @@ class UNIXUserBackend(ServiceController):
|
||||||
fi
|
fi
|
||||||
mkdir -p %(base_home)s
|
mkdir -p %(base_home)s
|
||||||
chmod 750 %(base_home)s
|
chmod 750 %(base_home)s
|
||||||
ls -A /etc/skel/ | while read line; do
|
""") % context
|
||||||
if [[ ! -e %(home)s/${line} ]]; then
|
|
||||||
cp -a $line %(home)s/${line} && \
|
|
||||||
chown -R %(user)s:%(group)s %(home)s/${line}
|
|
||||||
fi
|
|
||||||
done
|
|
||||||
fi""") % context
|
|
||||||
)
|
)
|
||||||
if context['home'] != context['base_home']:
|
if context['home'] != context['base_home']:
|
||||||
self.append(textwrap.dedent("""
|
self.append(textwrap.dedent("""
|
||||||
# Set extra permissions: %(user)s home is inside %(mainuser)s home
|
# Set extra permissions: %(user)s home is inside %(mainuser)s home
|
||||||
if mount | grep "^$(df %(home)s|grep '^/')\s" | grep acl > /dev/null; then
|
if mount | grep "^$(df %(home)s|grep '^/'|cut -d' ' -f1)\s" | grep acl > /dev/null; then
|
||||||
# Account group as the owner
|
# Account group as the owner
|
||||||
chown %(mainuser)s:%(mainuser)s %(home)s
|
chown %(mainuser)s:%(mainuser)s %(home)s
|
||||||
chmod g+s %(home)s
|
chmod g+s %(home)s
|
||||||
|
@ -78,11 +72,19 @@ class UNIXUserBackend(ServiceController):
|
||||||
setfacl -m d:u:%(mainuser)s:rwx %(home)s
|
setfacl -m d:u:%(mainuser)s:rwx %(home)s
|
||||||
else
|
else
|
||||||
chmod g+rxw %(home)s
|
chmod g+rxw %(home)s
|
||||||
chown %(user)s:%(user)s %(home)s
|
|
||||||
fi""") % context
|
fi""") % context
|
||||||
)
|
)
|
||||||
else:
|
else:
|
||||||
self.append("chown %(user)s:%(group)s %(home)s" % context)
|
self.append(textwrap.dedent("""\
|
||||||
|
chown %(user)s:%(group)s %(home)s
|
||||||
|
ls -A /etc/skel/ | while read line; do
|
||||||
|
if [[ ! -e %(home)s/${line} ]]; then
|
||||||
|
cp -a /etc/skel/${line} %(home)s/${line} && \\
|
||||||
|
chown -R %(user)s:%(group)s %(home)s/${line}
|
||||||
|
fi
|
||||||
|
done
|
||||||
|
""") % context
|
||||||
|
)
|
||||||
for member in settings.SYSTEMUSERS_DEFAULT_GROUP_MEMBERS:
|
for member in settings.SYSTEMUSERS_DEFAULT_GROUP_MEMBERS:
|
||||||
context['member'] = member
|
context['member'] = member
|
||||||
self.append('usermod -a -G %(user)s %(member)s || exit_code=$?' % context)
|
self.append('usermod -a -G %(user)s %(member)s || exit_code=$?' % context)
|
||||||
|
|
|
@ -1,6 +1,6 @@
|
||||||
This is a wrapper around djcelery and celery `@task` and `@periodic_task` decorators. It provides transparent support for switching between executing a task on a plain Python thread or
|
This is a wrapper around djcelery and celery `@task` and `@periodic_task` decorators. It provides transparent support for switching between executing a task on a plain Python thread or
|
||||||
the traditional way of pushing the task on a queue (rabbitmq) and wait for a Celery worker to run it.
|
the traditional way of pushing the task on a queue (rabbitmq) and wait for a Celery worker to run it.
|
||||||
|
|
||||||
A queueless threaded execution has the advantage of 0 moving parts instead of the alternative rabbitmq and celery workers. Less dependencies, less memory footprint, less points of failure.
|
A queueless threaded execution has the advantage of 0 moving parts instead of the alternative rabbitmq and celery workers. Less dependencies, less memory footprint, less points of failure, no process keeping, no independent code reloading for the workers.
|
||||||
|
|
||||||
If your application needs to run thousands or milions of tasks a day, use celery as your backend, if tens or hundreds, then probably the default thread backend will be your best choice.
|
If your application needs to run thousands or milions of tasks a day, use celery as your backend, if tens or hundreds, then probably the default thread backend will be your best choice.
|
||||||
|
|
|
@ -18,10 +18,11 @@ class WebAppServiceMixin(object):
|
||||||
self.append(textwrap.dedent("""
|
self.append(textwrap.dedent("""
|
||||||
# Create webapp dir
|
# Create webapp dir
|
||||||
CREATED=0
|
CREATED=0
|
||||||
[[ ! -e %(app_path)s ]] && CREATED=1
|
if [[ ! -e %(app_path)s ]]; then
|
||||||
|
CREATED=1
|
||||||
mkdir -p %(app_path)s
|
mkdir -p %(app_path)s
|
||||||
chown %(user)s:%(group)s %(app_path)s\
|
chown %(user)s:%(group)s %(app_path)s
|
||||||
""") % context
|
fi""") % context
|
||||||
)
|
)
|
||||||
|
|
||||||
def set_under_construction(self, context):
|
def set_under_construction(self, context):
|
||||||
|
@ -34,7 +35,7 @@ class WebAppServiceMixin(object):
|
||||||
sleep 2
|
sleep 2
|
||||||
if [[ ! $(ls -A %(app_path)s | head -n1) ]]; then
|
if [[ ! $(ls -A %(app_path)s | head -n1) ]]; then
|
||||||
cp -r %(under_construction_path)s %(app_path)s
|
cp -r %(under_construction_path)s %(app_path)s
|
||||||
chown -R %(user)s:%(group)s %(app_path)s
|
chown -R %(user)s:%(group)s %(app_path)s/*
|
||||||
fi' &> /dev/null &
|
fi' &> /dev/null &
|
||||||
fi""") % context
|
fi""") % context
|
||||||
)
|
)
|
||||||
|
|
Loading…
Reference in a new issue