From ed1fed8d5cef752603ee469d2a093bd9218488ea Mon Sep 17 00:00:00 2001
From: Felipe Reyes
Date: Thu, 26 Dec 2013 16:57:08 -0300
Subject: Expose user/group config to configure gunicorn

gunicorn setup was forcing users to run their processes with the user www-data which isn't available in all distributions (for instance Fedora Linux) and it's a good practice to run each website under different users to reduce security issues
---
 manifests/gunicorn.pp | 4 ++++
 templates/gunicorn.erb | 4 ++--
 2 files changed, 6 insertions(+), 2 deletions(-)

diff --git a/manifests/gunicorn.pp b/manifests/gunicorn.pp
index 13f4872..159afa3 100644
--- a/manifests/gunicorn.pp
+++ b/manifests/gunicorn.pp
@@ -37,6 +37,8 @@
 # dir => '/var/www/project1/current',
 # bind => 'unix:/tmp/gunicorn.socket',
 # environment => 'prod',
+# owner => 'www-data',
+# group => 'www-data',
 # template => 'python/gunicorn.erb',
 # }
 #
@@ -53,6 +55,8 @@ define python::gunicorn (
 $dir = false,
 $bind = false,
 $environment = false,
+ $owner = 'www-data',
+ $group = 'www-data',
 $template = 'python/gunicorn.erb',
 ) {
 
diff --git a/templates/gunicorn.erb b/templates/gunicorn.erb
index 99481e7..10f81fa 100644
--- a/templates/gunicorn.erb
+++ b/templates/gunicorn.erb
@@ -13,8 +13,8 @@ CONFIG = {
 },
 <% end -%>
 'working_dir': '<%= @dir %>',
- 'user': 'www-data',
- 'group': 'www-data',
+ 'user': '<%= @owner %>',
+ 'group': '<%= @group %>',
 <% if @virtualenv -%>
 'python': '<%= @virtualenv %>/bin/python',
 <% else -%>
-- 
cgit v1.2.3
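Review bot: The usage example in the header comment of manifests/gunicorn.pp gains `owner` and `group`, but nothing in the hunk says what the two keys control. If the header has a per-parameter section (it would sit above this hunk, outside the visible lines), add entries such as `# [*owner*]` followed by `# Account the gunicorn processes run as. Default: www-data`, and the matching pair for `group`. If the define does not create the account itself, which cannot be told from here, the entry should also say that the user and group must already exist on the node.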
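Review bot: `$owner` and `$group` are accepted in the second manifests/gunicorn.pp hunk without any validation, and the templates/gunicorn.erb hunk writes them between single quotes into what looks like a Python `CONFIG` dict, so a value containing a quote or a newline would alter the generated file instead of just naming an account. Constrain both before the template is rendered, for example `validate_re($owner, '\A[a-z_][a-z0-9_-]*\z')` and the same for `$group`; this assumes puppetlabs-stdlib is available to the module, and uses `\A`/`\z` because Ruby's `^`/`$` match per line. It is also worth deciding whether `root` should be rejected or at least documented as discouraged, since the previous hard-coded value guaranteed an unprivileged account. The body of the define begins after this hunk, so the check would go there.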