From 87216bdc02b5cda5f5d884d7961e1c2d380bcb73 Mon Sep 17 00:00:00 2001 From: billz Date: Fri, 8 Mar 2024 10:48:41 +0100 Subject: [PATCH] Update sudoers .env permissions, systemd service user --- installers/raspap.sudoers | 3 +++ installers/restapi.service | 3 ++- 2 files changed, 5 insertions(+), 1 deletion(-) diff --git a/installers/raspap.sudoers b/installers/raspap.sudoers index ed84ad00..b87fdb80 100644 --- a/installers/raspap.sudoers +++ b/installers/raspap.sudoers @@ -28,6 +28,9 @@ www-data ALL=(ALL) NOPASSWD:/bin/systemctl stop openvpn-client@client www-data ALL=(ALL) NOPASSWD:/bin/systemctl disable openvpn-client@client www-data ALL=(ALL) NOPASSWD:/bin/systemctl start restapi.service www-data ALL=(ALL) NOPASSWD:/bin/systemctl stop restapi.service +www-data ALL=(ALL) NOPASSWD:/bin/systemctl status restapi.service +www-data ALL=(ALL) NOPASSWD:/bin/touch /etc/raspap/api/.env +www-data ALL=(ALL) NOPASSWD:/bin/mv /tmp/.env /etc/raspap/api/.env www-data ALL=(ALL) NOPASSWD:/bin/mv /tmp/ovpn/* /etc/openvpn/client/*.conf www-data ALL=(ALL) NOPASSWD:/usr/bin/ln -s /etc/openvpn/client/*.conf /etc/openvpn/client/*.conf www-data ALL=(ALL) NOPASSWD:/bin/rm /etc/openvpn/client/*.conf diff --git a/installers/restapi.service b/installers/restapi.service index 237dce79..4fccd105 100644 --- a/installers/restapi.service +++ b/installers/restapi.service @@ -3,10 +3,11 @@ Description=raspap-restapi After=network.target [Service] -User=%i +User=pi WorkingDirectory=/etc/raspap/api LimitNOFILE=4096 ExecStart=/usr/bin/python3 -m uvicorn main:app --host 0.0.0.0 --port 8081 --reload +ExecStop=/bin/kill -HUP ${MAINPID} Restart=on-failure RestartSec=5s