diff --git a/TODO.md b/TODO.md
index e52c80b1..d1724296 100644
--- a/TODO.md
+++ b/TODO.md
@@ -354,15 +354,3 @@ make django admin taskstate uncollapse fucking traceback, ( if exists ?)
resorce monitoring more efficient, less mem an better queries for calc current data
# best_price rating method
-
-# paramiko arcfour cypher
-
-ciphers=['arcfour128', 'aes256']
-http://paramiko-docs.readthedocs.org/en/latest/api/transport.html
-
-
-
-* Grant and revoke permissions
-
-setfacl: /home/marcay//logs: Operation not permitted
-
diff --git a/orchestra/contrib/orchestration/backends.py b/orchestra/contrib/orchestration/backends.py
index 051ae135..6b3c5bb6 100644
--- a/orchestra/contrib/orchestration/backends.py
+++ b/orchestra/contrib/orchestration/backends.py
@@ -211,7 +211,7 @@ class ServiceBackend(plugins.Plugin, metaclass=ServiceMount):
self.append(
'set -e\n'
'set -o pipefail\n'
- 'exit_code=0;'
+ 'exit_code=0;\n'
)
def commit(self):
diff --git a/orchestra/contrib/systemusers/actions.py b/orchestra/contrib/systemusers/actions.py
index 6363bb86..29190a71 100644
--- a/orchestra/contrib/systemusers/actions.py
+++ b/orchestra/contrib/systemusers/actions.py
@@ -26,7 +26,8 @@ def set_permission(modeladmin, request, queryset):
messages.error("Users from the same account should be selected.")
user = queryset[0]
form = PermissionForm(user)
- if request.method == 'POST':
+ action_value = 'set_permission'
+ if request.POST.get('action') == action_value:
form = PermissionForm(user, request.POST)
if form.is_valid():
cleaned_data = form.cleaned_data
@@ -56,7 +57,7 @@ def set_permission(modeladmin, request, queryset):
context = {
'title': _("Set permission"),
'action_name': _("Set permission"),
- 'action_value': 'set_permission',
+ 'action_value': action_value,
'queryset': queryset,
'opts': opts,
'obj': user,
diff --git a/orchestra/contrib/systemusers/backends.py b/orchestra/contrib/systemusers/backends.py
index e0366c75..8a92ebf7 100644
--- a/orchestra/contrib/systemusers/backends.py
+++ b/orchestra/contrib/systemusers/backends.py
@@ -80,7 +80,6 @@ class UNIXUserBackend(ServiceController):
exclude_acl.append('-not -path "%(perm_home)s/%(exclude)s"' % context)
if exclude_acl:
context['exclude'] = ' \\\n -a '.join(exclude_acl)
-
if user.set_perm_perms == 'read-write':
context['perm_perms'] = 'rwx' if user.set_perm_action == 'grant' else '---'
elif user.set_perm_perms == 'read-only':
diff --git a/orchestra/contrib/systemusers/settings.py b/orchestra/contrib/systemusers/settings.py
index d435c18b..8a42463e 100644
--- a/orchestra/contrib/systemusers/settings.py
+++ b/orchestra/contrib/systemusers/settings.py
@@ -62,6 +62,6 @@ SYSTEMUSERS_MOVE_ON_DELETE_PATH = Setting('SYSTEMUSERS_MOVE_ON_DELETE_PATH',
SYSTEMUSERS_EXLUDE_ACL_PATHS = Setting('SYSTEMUSERS_EXLUDE_ACL_PATHS',
(),
- help_text=("Relative to user's home.
"
+ help_text=("Exlude ACL operations on provided globs, relative to user's home.
"
"e.g. ('logs', 'logs/apache*', 'webapps')"),
)
diff --git a/orchestra/contrib/websites/backends/apache.py b/orchestra/contrib/websites/backends/apache.py
index afd3ce52..c0da42ad 100644
--- a/orchestra/contrib/websites/backends/apache.py
+++ b/orchestra/contrib/websites/backends/apache.py
@@ -106,27 +106,27 @@ class Apache2Backend(ServiceController):
echo -e "${apache_conf}" | diff -N -I'^\s*#' %(sites_available)s -
} || {
echo -e "${apache_conf}" > %(sites_available)s
- UPDATED=1
+ UPDATED_APACHE=1
}""") % context
)
if context['server_name'] and site.active:
self.append(textwrap.dedent("""\
if [[ ! -f %(sites_enabled)s ]]; then
a2ensite %(site_unique_name)s.conf
- UPDATED=1
+ UPDATED_APACHE=1
fi""") % context
)
else:
self.append(textwrap.dedent("""\
if [[ -f %(sites_enabled)s ]]; then
a2dissite %(site_unique_name)s.conf;
- UPDATED=1
+ UPDATED_APACHE=1
fi""") % context
)
def delete(self, site):
context = self.get_context(site)
- self.append("a2dissite %(site_unique_name)s.conf && UPDATED=1" % context)
+ self.append("a2dissite %(site_unique_name)s.conf && UPDATED_APACHE=1" % context)
self.append("rm -f %(sites_available)s" % context)
def prepare(self):
diff --git a/orchestra/settings.py b/orchestra/settings.py
index dedab935..563a3498 100644
--- a/orchestra/settings.py
+++ b/orchestra/settings.py
@@ -79,3 +79,9 @@ ORCHESTRA_DEFAULT_SUPPORT_FROM_EMAIL = Setting('ORCHESTRA_DEFAULT_SUPPORT_FROM_E
ORCHESTRA_EDIT_SETTINGS = Setting('ORCHESTRA_EDIT_SETTINGS',
True
)
+
+
+ORCHESTRA_SSH_CONTROL_PATH = Setting('ORCHESTRA_SSH_CONTROL_PATH',
+ '~/.ssh/orchestra-%r-%h-%p',
+ help_text='Location for the control socket used by the multiplexed sessions, used for SSH connection reuse.'
+)
diff --git a/orchestra/utils/sys.py b/orchestra/utils/sys.py
index eb589fbd..f21e34a2 100644
--- a/orchestra/utils/sys.py
+++ b/orchestra/utils/sys.py
@@ -141,12 +141,13 @@ def run(command, display=False, valid_codes=(0,), silent=False, stdin=b'', async
def sshrun(addr, command, *args, executable='bash', persist=False, **kwargs):
+ from .. import settings
options = ['stricthostkeychecking=no']
if persist:
options.extend((
'ControlMaster=auto',
'ControlPersist=yes',
- 'ControlPath=~/.ssh/orchestra-%r-%h-%p',
+ 'ControlPath=' + settings.ORCHESTRA_SSH_CONTROL_PATH,
))
options = ' -o '.join(options)
cmd = 'ssh -o {options} -C root@{addr} {executable}'.format(options=options, addr=addr,