Commits

Vladimir Mihailenco committed 1447e65

Sudo user creation

  • Participants
  • Parent commits a658fff
  • Branches sudo_refactoring

Comments (0)

Files changed (3)

 .build/
 MANIFEST
 django_fab_deploy.egg-info/
+ve/

File fab_deploy/system.py

 from fab_deploy import utils
 
 
-__all__ = ['create_linux_account', 'ssh_add_key']
+__all__ = ['create_linux_account', 'create_sudo_linux_account', 'ssh_add_key']
 
 
 def prepare_server():
     with settings(warn_only=True):
         utils.safe_sudo('aptitude update')
 
-def create_linux_account(pub_key_file):
+def create_linux_account(pub_key_file, username=None):
     """ Creates linux account, setups ssh access and pip.conf file. """
     with open(os.path.normpath(pub_key_file), 'rt') as f:
         ssh_key = f.read()
 
-    username = env.conf.USER
+    if username is None:
+        username = env.conf.USER
 
     @utils.run_as(username)
     def setup_pip_conf():
             utils.safe_sudo('chown -R %s:%s .ssh' % (username, username))
         setup_pip_conf()
 
+@utils.run_as('root')
+def create_sudo_linux_account(pub_key_file, username=None):
+    if username is None:
+        username = env.conf.SUDO_USER
+
+    with open(os.path.normpath(pub_key_file), 'rt') as f:
+        ssh_key = f.read()
+
+    @utils.run_as(username)
+    def setup_pip_conf():
+        from fab_deploy import virtualenv
+        virtualenv.pip_setup_conf()
+
+    with (settings(warn_only=True)):
+        run('adduser %s --disabled-password --gecos ""' % username)
+        with cd(env.conf.HOME_DIR):
+            run('mkdir -p .ssh')
+            files.append('.ssh/authorized_keys', ssh_key)
+            run('chown -R %s:%s .ssh' % (username, username))
+        setup_pip_conf()
+
+    line = '%s ALL=(ALL) ALL' % username
+    files.append('/etc/sudoers', line)
 
 def ssh_add_key(pub_key_file):
     """ Adds a ssh key from passed file to user's authorized_keys on server. """

File fab_deploy/utils.py

             )
             update_env()
     """
-    assert len(env.hosts)==1, "Multiple hosts in env.hosts are not supported now. (%s)" % env.hosts
+    assert len(env.hosts) == 1, "Multiple hosts in env.hosts are not supported now. (%s)" % env.hosts
     user, host, port = network.normalize(env.hosts[0])
 
     env.conf = getattr(env, 'conf', {})
 
     defaults = state._AttributeDict(
         HG_BRANCH='default',
-        GIT_BRANCH = 'master',
+        GIT_BRANCH='master',
         DB_NAME=env.conf['INSTANCE_NAME'],
         DB_USER='root',
         SUDO_USER='root',
 
         PIP_REQUIREMENTS_PATH='reqs',
         PIP_REQUIREMENTS='all.txt',
-        PIP_REQUIREMENTS_ACTIVE = 'active.txt',
+        PIP_REQUIREMENTS_ACTIVE='active.txt',
 
         # these options shouldn't be set by user
         HOME_DIR=HOME_DIR,
         ENV_DIR=posixpath.join(HOME_DIR, 'envs', env.conf['INSTANCE_NAME']),
         SRC_DIR=SRC_DIR,
-        PROJECT_DIR = PROJECT_DIR,
+        PROJECT_DIR=PROJECT_DIR,
         USER=user,
     )
     defaults.update(env.conf)
         if os.path.exists(path):
             return path
 
-def safe_sudo(command, shell=True, pty=True, combine_stderr=True, user=None):
+def safe_sudo(command, shell=True, pty=True, combine_stderr=True):
     user = env.conf.SUDO_USER
     return sudo(command, shell=shell, pty=pty, combine_stderr=combine_stderr,
-                user=user)
+                user=user)