Skip to content

Commit

Permalink
Use single pretalx system user
Browse files Browse the repository at this point in the history
  • Loading branch information
@rixx
rixx committed Oct 23, 2023
1 parent 810808b commit 96cc4d2
Show file tree
Hide file tree
Showing 4 changed files with 6 additions and 9 deletions.
4 changes: 2 additions & 2 deletions defaults/main.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -3,8 +3,8 @@
# seamless updates (sharing a database) or separate instances.
pretalx_instance_identifier: "main"

pretalx_system_user_prefix: "pretalx_"

pretalx_system_user: "pretalx"
pretalx_system_home: "/home/{{ pretalx_system_user }}"
pretalx_database_backend: postgresql
pretalx_database_name: pretalx{{ pretalx_instance_identifier }}
pretalx_database_user: pretalx{{ pretalx_instance_identifier }}
Expand Down
4 changes: 2 additions & 2 deletions templates/pretalx-worker.service.j2
View file
Original file line number Diff line number Diff line change
Expand Up @@ -3,8 +3,8 @@ Description=pretalx %I background worker
After=network.target

[Service]
User={{ pretalx_system_user_prefix }}%i
Group={{ pretalx_system_user_prefix }}%i
User={{ pretalx_system_user }}
Group={{ pretalx_system_user }}
ExecStart={{ pretalx_virtualenv }}/bin/celery -A pretalx.celery_app worker -l info
WorkingDirectory={{ pretalx_virtualenv }}/lib/python{{ pretalx_system_python_version }}/site-packages/pretalx
Restart=on-failure
Expand Down
4 changes: 2 additions & 2 deletions templates/pretalx.service.j2
View file
Original file line number Diff line number Diff line change
Expand Up @@ -4,8 +4,8 @@ Requires=pretalx@%i.socket
After=network.target

[Service]
User={{ pretalx_system_user_prefix }}%i
Group={{ pretalx_system_user_prefix }}%i
User={{ pretalx_system_user }}%i
Group={{ pretalx_system_user }}%i

This comment has been minimized.

Sign in to view

Copy link
@MikkCZ

MikkCZ Oct 27, 2023

Contributor

@rixx I believe you also wanted to remove %i from this service file as well, if all Pretalx instances are supposed to run under the same user, respectively it's not expected to have users following the previous convention being suffixed by the instance name.

This comment has been minimized.

Sign in to view

Copy link
@rixx

rixx Oct 30, 2023

Author Member

Hmmm, true. This kinda removes the option to have separate users, which I generally agree with, but it's a bit of a shame in terms of flexibility.

Though this does mean that the file is currently not working correctly at all, as it uses {{ pretalx_virtualenv }}, which should be the parametrised part, right? Unfortunate. I'll open an issue, as I don't have the time to look at this today, and (like I said) already use a private ansible playbook with real multi-venv support …
WorkingDirectory={{ pretalx_virtualenv }}/lib/python{{ pretalx_system_python_version }}/site-packages/pretalx
ExecStart={{ pretalx_virtualenv }}/bin/gunicorn --bind unix:/run/gunicorn/pretalx_%i --workers {{ pretalx_service_workers }} --max-requests {{ pretalx_service_workers_max_requests }} --max-requests-jitter {{ pretalx_service_workers_max_requests_jitter }} pretalx.wsgi
ExecReload=/bin/kill -s HUP $MAINPID
Expand Down
3 changes: 0 additions & 3 deletions vars/main.yml
View file

This file was deleted.

0 comments on commit 96cc4d2

Please sign in to comment.