From ecd9a3060bdcc4309e4fad6c046b72b880618774 Mon Sep 17 00:00:00 2001 From: =?utf8?q?Isma=C3=ABl=20Bouya?= Date: Sat, 26 Jun 2021 10:07:40 +0200 Subject: [PATCH] Make wwwrun run the python application --- .../private/buildbot/projects/denise/__init__.py | 9 ++++++++- modules/private/websites/denise/oms.nix | 14 ++++++++++++-- 2 files changed, 20 insertions(+), 3 deletions(-) diff --git a/modules/private/buildbot/projects/denise/__init__.py b/modules/private/buildbot/projects/denise/__init__.py index 20ba913..2a19ef5 100644 --- a/modules/private/buildbot/projects/denise/__init__.py +++ b/modules/private/buildbot/projects/denise/__init__.py @@ -71,6 +71,13 @@ def denise_oms_factory(): else: return "/run/denise_oms_beta/gunicorn.pid" + @util.renderer + def oms_systemd_service(props): + if props.hasProperty("branch") and len(props["branch"]) > 0 and props["branch"] == "master": + return "denise-oms" + else: + return "denise-oms-beta" + @util.renderer def oms_url(props): if props.hasProperty("branch") and len(props["branch"]) > 0 and props["branch"] == "master": @@ -94,7 +101,7 @@ def denise_oms_factory(): masterdest=oms_path, url=oms_url)) factory.addStep(steps.MasterShellCommand(command=util.Interpolate("chmod -R a+rX %(kw:oms_path)s", oms_path=oms_path))) - factory.addStep(steps.MasterShellCommand(command=util.Interpolate("kill $(cat %(kw:oms_run_path)s)", oms_run_path=oms_run_path))) + factory.addStep(steps.MasterShellCommand(command=util.Interpolate("/run/wrappers/bin/sudo systemctl restart %(kw:oms_service)s.service", oms_service=oms_systemd_service))) return util.BuilderConfig(name="DeniseOMS_build", workernames=["generic-worker-denise"], factory=factory) diff --git a/modules/private/websites/denise/oms.nix b/modules/private/websites/denise/oms.nix index 18773ae..2f18037 100644 --- a/modules/private/websites/denise/oms.nix +++ b/modules/private/websites/denise/oms.nix @@ -38,7 +38,7 @@ in { python = pkgs.python3.withPackages (p: [ p.gunicorn p.flask p.matplotlib p.unidecode ]); in "${python}/bin/gunicorn -w4 -p /run/denise_oms/gunicorn.pid --bind unix:${socket} app:app"; - User = "buildbot"; + User = "wwwrun"; Restart = "always"; RestartSec = "5s"; PIDFile = "/run/denise_oms/gunicorn.pid"; @@ -48,6 +48,16 @@ in { }; }; + security.sudo.extraRules = [ + { + commands = [ + { options = [ "NOPASSWD" ]; command = "${pkgs.systemd}/bin/systemctl restart denise-oms-beta.service"; } + { options = [ "NOPASSWD" ]; command = "${pkgs.systemd}/bin/systemctl restart denise-oms.service"; } + ]; + users = ["buildbot"]; + runAs = "root"; + } + ]; services.websites.env.integration.vhostConfs.denise_oms_beta = { certName = "denise"; addToCerts = true; @@ -77,7 +87,7 @@ in { python = pkgs.python3.withPackages (p: [ p.gunicorn p.flask p.matplotlib p.unidecode ]); in "${python}/bin/gunicorn -w4 -p /run/denise_oms_beta/gunicorn.pid --bind unix:${socket_beta} app:app"; - User = "buildbot"; + User = "wwwrun"; Restart = "always"; RestartSec = "5s"; PIDFile = "/run/denise_oms_beta/gunicorn.pid"; -- 2.41.0