I'm setting up a backend service using nginx + gunicorn and I want to run the gunicorn part as a service automatically using
systemd but I want to create a separate user and group for that so it's not running with root privilege.
Anyway when I run the command
sudo adduser backend it didn't present me with any prompts, it just created the user with defaults. It also didn't ask me to specify a password. These are the defaults
Code:
GROUP=100
HOME=/home
INACTIVE=-1
EXPIRE=
SHELL=/bin/bash
SKEL=/etc/skel
CREATE_MAIL_SPOOL=yes
I found that group 100 is the 'users' group. But I will change that and create a new group with the same name 'backend'.
My systemd service file looks similar to this
Code:
[Unit]
Description=Gunicorn instance to serve application
After=network.target
[Service]
User=backend
Group=backend
WorkingDirectory=/path/to/your/app
Environment="PATH=/path/to/venv/bin"
ExecStart=/path/to/venv/bin/gunicorn --workers 3 --bind 0.0.0.0:5003 web_dynamic.2-hbnb:app
ExecReload=/bin/kill -s HUP $MAINPID
KillMode=mixed
TimeoutStopSec=5
PrivateTmp=true
[Install]
WantedBy=multi-user.target
I noticed there is no password specified in all the examples I looked at for the systemd service file. What do I do about the password, do I give the new user a password, or create it without one? And how does the service work without entering a password?