Created
June 3, 2017 23:07
-
-
Save sknutsonsf/e68310e7c6890c4bc669102af71dcdce to your computer and use it in GitHub Desktop.
SUdoers example for cherrypy and celery
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# This gist assumes you have a cherrypy server configured with name "powwow-webapp" | |
# and two celery queues -- all running on the same machine | |
# In production you'd want the webserver and celery should be on different machines | |
#Allow powwow user to restart apache and cherrypy (webapp) | |
Cmnd_Alias POWWOW_WEB=/bin/systemctl restart httpd, /bin/systemctl restart powwow-webapp, /bin/systemctl stop httpd, /bin/systemctl start httpd, /bin/systemctl stop powwow-webapp, /bin/systemctl start powwow-webapp | |
Cmnd_Alias POWWOW_CELERY=/bin/systemctl start celeryd, /bin/systemctl start long-job-celeryd, /bin/systemctl stop celeryd, /bin/systemctl stop long-job-celeryd,/bin/systemctl restart celeryd,/bin/systemctl restart long-job-celeryd | |
# we allow the powwow user to execute these as root without entering passwords, so they can be called from a fab script | |
powwow ALL=(root) NOPASSWD: POWWOW_WEB, POWWOW_CELERY |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment