Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Webservice shouldn't run as root #2

Open
jsievertde opened this issue Jan 3, 2021 · 0 comments
Open

Webservice shouldn't run as root #2

jsievertde opened this issue Jan 3, 2021 · 0 comments

Comments

@jsievertde
Copy link

In our deployment of Mailman3 we aren't running the webservice as root because it doesn't need to run as that.

I would say that for debian the webservice should run as www-data and for redhat as apache or nginx.

If there is a reason why you decided to run the webservice as root let me know.
msaunders-huit added a commit to msaunders-huit/ansible-mailman3 that referenced this issue Mar 5, 2024
@msaunders-huit
Squash commits to consolidate major updates (galaxyproject#2)
4a76086 
* Clone of work published to github.com/galaxyproject/ansible-mailman3
WIP. Tasks completed so far:

- Installation via pip or packages
- User management
- etc/var dir management
- Main config file templating

Template Django app config

Add:

- uWSGI config
- Systemd configs
- Bug fixes to actually get the Django app running

Fixes for Django config and running with systemd

Support Django sites module, run multiple sites if multiple domains are
configured.

Fix HyperKitty configuration

Move group discovery tasks to an import.

Add support for distributing Mailman's Postfix transport maps to MXs

Support installing arbitrary packages with pip

Drop paintstore which was dropped from HyperKitty

Adjust paths to be writable

Support per-domain postorius from addresses when using multiple domains

Support setting the HyperKitty attachment storage directory (instead of
storing in the DB as is the default).

Correct type of DEBUG

Restart Django on config changes

Allow selection of haystack engine

Allow control over Postorius and Hyperkitty mount points

Fix HyperKitty base_url supplied to Core

Check local postfix map, not remote

Disable mail_admins, fedora auth

* Various touchups to deploy to EL 8;

Fix typo

Install rcssmin hack

Try to keep Django<3.0 to avoid missing 'six'

Add uwsgi-logger-file dependency for EL8

Strip %i from mailman3-web.service

Set chmod on uswgi socket

Support setting Django email_backend in local settings file

Add EL 8  to galaxy_info

Adjust folder permissions

Fix for bug #1
 https://github.huit.harvard.edu/mas2714/ansible-mailman3/issues/1

Let others see base_dir & group touch ./etc

Explicitly set base_dir
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@jsievertde