From 5c5d2b57dfaf0e43b56b7140717649e356e2cad6 Mon Sep 17 00:00:00 2001 From: Nicolas Streng Date: Tue, 16 Feb 2021 16:45:07 +0100 Subject: [PATCH 1/2] fix: create bench folder in user directory --- bench/playbooks/create_user.yml | 2 +- bench/playbooks/roles/bench/tasks/main.yml | 4 ++-- bench/playbooks/roles/bench/tasks/setup_inputrc.yml | 4 ++-- bench/playbooks/site.yml | 4 ++-- install.py | 8 +++++++- 5 files changed, 14 insertions(+), 8 deletions(-) diff --git a/bench/playbooks/create_user.yml b/bench/playbooks/create_user.yml index 2991afb3..10695833 100644 --- a/bench/playbooks/create_user.yml +++ b/bench/playbooks/create_user.yml @@ -11,7 +11,7 @@ - name: Set home folder perms file: - path: '/home/{{ frappe_user }}' + path: '{{ user_directory }}' mode: 'o+rx' owner: '{{ frappe_user }}' group: '{{ frappe_user }}' diff --git a/bench/playbooks/roles/bench/tasks/main.yml b/bench/playbooks/roles/bench/tasks/main.yml index e01d18b7..164a216e 100644 --- a/bench/playbooks/roles/bench/tasks/main.yml +++ b/bench/playbooks/roles/bench/tasks/main.yml @@ -33,7 +33,7 @@ - name: Fix permissions become_user: root - command: chown {{ frappe_user }} -R /home/{{ frappe_user }} + command: chown {{ frappe_user }} -R {{ user_directory }} - name: python3 bench init for develop command: bench init {{ bench_path }} --frappe-path {{ frappe_repo_url }} --frappe-branch {{ frappe_branch }} --python {{ python }} @@ -77,6 +77,6 @@ # Setup Bench for production environment - include_tasks: setup_bench_production.yml vars: - bench_path: "/home/{{ frappe_user }}/{{ bench_name }}" + bench_path: "{{ user_directory }}/{{ bench_name }}" when: not run_travis and production ... diff --git a/bench/playbooks/roles/bench/tasks/setup_inputrc.yml b/bench/playbooks/roles/bench/tasks/setup_inputrc.yml index 9c88b933..14b47a34 100644 --- a/bench/playbooks/roles/bench/tasks/setup_inputrc.yml +++ b/bench/playbooks/roles/bench/tasks/setup_inputrc.yml @@ -1,11 +1,11 @@ --- - name: insert/update inputrc for history blockinfile: - dest: "/home/{{ frappe_user }}/.inputrc" + dest: "{{ user_directory }}/.inputrc" create: yes block: | ## arrow up "\e[A":history-search-backward ## arrow down "\e[B":history-search-forward -... \ No newline at end of file +... diff --git a/bench/playbooks/site.yml b/bench/playbooks/site.yml index 328cfcba..7a3e106c 100644 --- a/bench/playbooks/site.yml +++ b/bench/playbooks/site.yml @@ -40,8 +40,8 @@ - name: setup bench and dev environment hosts: localhost vars: - bench_repo_path: "/home/{{ frappe_user }}/.bench" - bench_path: "/home/{{ frappe_user }}/{{ bench_name }}" + bench_repo_path: "{{ user_directory }}/.bench" + bench_path: "{{ user_directory }}/{{ bench_name }}" roles: # setup frappe-bench - { role: bench, tags: "bench", when: not run_travis and not without_bench_setup } diff --git a/install.py b/install.py index 71647824..0b154093 100644 --- a/install.py +++ b/install.py @@ -231,10 +231,11 @@ def install_bench(args): # create user if not exists extra_vars = vars(args) extra_vars.update(frappe_user=args.user) + + extra_vars.update(user_directory=get_user_home_directory(args.user)) if os.path.exists(tmp_bench_repo): repo_path = tmp_bench_repo - else: repo_path = os.path.join(os.path.expanduser('~'), 'bench') @@ -383,6 +384,11 @@ def get_extra_vars_json(extra_args): return ('@' + json_path) +def get_user_home_directory(user): + # Return home directory /home/USERNAME or anything else defined as home directory in + # passwd for user. + return os.path.expanduser('~'+user) + def run_playbook(playbook_name, sudo=False, extra_vars=None): args = ['ansible-playbook', '-c', 'local', playbook_name , '-vvvv'] From 294b399942e3b143fdb235efe9176460f12ad9d7 Mon Sep 17 00:00:00 2001 From: Nicolas Streng Date: Wed, 17 Feb 2021 08:18:37 +0100 Subject: [PATCH 2/2] fix: Update documentation for user directory --- docs/easy_install.md | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/docs/easy_install.md b/docs/easy_install.md index 3c59f308..91ee5566 100644 --- a/docs/easy_install.md +++ b/docs/easy_install.md @@ -34,6 +34,8 @@ If you are on a fresh server and logged in as root, at first create a dedicated *(it is very common to use "frappe" as frappe-username, but this comes with the security flaw of ["frappe" ranking very high](https://www.reddit.com/r/dataisbeautiful/comments/b3sirt/i_deployed_over_a_dozen_cyber_honeypots_all_over/?st=JTJ0SC0Q&sh=76e05240) in as a username challenged in hacking attempts. So, for production sites it is highly recommended to use a custom username harder to guess)* +*(you can specify the flag --home to specify a directory for your [frappe-user]. Bench will follow the home directory specified by the user's home directory e.g. /data/[frappe-user]/frappe-bench)* + Switch to `[frappe-user]` (using `su [frappe-user]`) and start the setup wget https://raw.githubusercontent.com/frappe/bench/develop/install.py @@ -71,7 +73,7 @@ use --python flag to specify virtual environments python version, by default scr ## How do I start ERPNext -1. For development: Go to your bench folder (`frappe-bench` by default) and start the bench with `bench start` +1. For development: Go to your bench folder (`~[frappe-user]/frappe-bench` by default) and start the bench with `bench start` 2. For production: Your process will be setup and managed by `nginx` and `supervisor`. Checkout [Setup Production](https://frappe.io/docs/user/en/bench/guides/setup-production.html) for more information. ---