Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Support adding alloy user to extra groups #212

Merged
merged 2 commits into from
Jun 3, 2024
Merged

Support adding alloy user to extra groups #212

merged 2 commits into from
Jun 3, 2024

Conversation

v-zhuravlev
Copy link
Collaborator

No description provided.

gardar
gardar reviewed May 31, 2024
View reviewed changes
Copy link
Collaborator

@gardar gardar left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Do you have any examples of groups that the user should be in? Wondering if there should be any groups set by default.

@v-zhuravlev
Copy link
Collaborator Author

v-zhuravlev commented May 31, 2024
edited
Loading

Do you have any examples of groups that the user should be in? Wondering if there should be any groups set by default.

adm - could be used to read logs in /var/logs
docker group could be used to read docker container logs.

Plus, sometimes apps write logs to custom location, limiting access to some custom user and group. (i.e. postgres:postgres)

@v-zhuravlev v-zhuravlev requested a review from gardar May 31, 2024 17:28
@ishanjainn ishanjainn merged commit 8dbd124 into main Jun 3, 2024
7 of 19 checks passed
@ishanjainn ishanjainn deleted the user_groups branch June 3, 2024 06:21
@pjezek
Copy link
Contributor

pjezek commented Oct 2, 2024
edited
Loading

Hello
I just found this MR wich was merged. Exactly what I need [adm, docker], but it looks like it was removed again partially: roles/alloy/tasks/install.yml#L16

I still see it as diff:
git diff 1e161d775b2e16e2a9eaa42aa988fcb6a1a51089 8dbd124a04d2d68689fa7fa3be91db3b077b7589 install.yml

But it was removed in latest change:

git diff 8dbd124a04d2d68689fa7fa3be91db3b077b7589 install.yml
index b78a953..d39c97b 100644
--- a/roles/alloy/tasks/install.yml
+++ b/roles/alloy/tasks/install.yml
@@ -6,37 +6,55 @@

 - name: Create alloy group
   ansible.builtin.group:
-    name: "{{ service_group }}"
+    name: "{{ alloy_service_group }}"
     system: true
   become: true

 - name: Create alloy user
   ansible.builtin.user:
-    name: "{{ service_user }}"
-    groups: "{{ [ service_group ] + alloy_user_groups }}"
+    name: "{{ alloy_service_user }}"
+    group: "{{ alloy_service_group }}"
     system: true
     create_home: false  # Appropriate for a system user, usually doesn't need a home directory
   become: true
...

I added MR 276.

Thanks in advance

@pjezek pjezek mentioned this pull request Oct 2, 2024
Merged
pjezek added a commit to pjezek/grafana-ansible-collection that referenced this pull request Oct 2, 2024
@pjezek
Update install.yml
ca4ebba 
Commit 8dbd124 broke grafana#212, see comments: 
- grafana#212 (comment)
- grafana#209 (comment)
This was referenced Oct 2, 2024
Merged
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@ishanjainn ishanjainn ishanjainn approved these changes

@gardar gardar Awaiting requested review from gardar gardar is a code owner

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@v-zhuravlev @pjezek @gardar @ishanjainn