From a0b4b80ca9d65c0860cc6a1fcde313eb3ab4edfd Mon Sep 17 00:00:00 2001
From: Damien De Paoli <ddp@depaoli.id.au>
Date: Sat, 7 Dec 2024 19:40:29 +1100
Subject: [PATCH] clean up and use pauser

---
 wrapper.sh | 12 +++++-------
 1 file changed, 5 insertions(+), 7 deletions(-)

diff --git a/wrapper.sh b/wrapper.sh
index a9f9d83..924c997 100755
--- a/wrapper.sh
+++ b/wrapper.sh
@@ -1,16 +1,14 @@
 #!/bin/bash
 
-echo "ENV is set to: $ENV" &> /var/log/pa_job_manager.out &
-
+sudo -u pauser ENV=${ENV} python3 -u pa_job_manager.py &> /var/log/pa_job_manager.out &
 if [ "$ENV" == "production" ]; then
-    su mythtv -g mythtv -c 'ENV="production" python3 -u /code/pa_job_manager.py' &> /var/log/pa_job_manager.out &
-    gunicorn --bind=0.0.0.0:80 --workers=4 --threads=16 main:app --env ENV="production" --error-logfile gunicorn.error.log --access-logfile gunicorn.log --capture-output
+#    su pauser -g pauser -c 'ENV="production" python3 -u /code/pa_job_manager.py' &> /var/log/pa_job_manager.out &
+    sudo -u pauser gunicorn --bind=0.0.0.0:80 --workers=4 --threads=16 main:app --env ENV="production" --error-logfile gunicorn.error.log --access-logfile gunicorn.log --capture-output
 elif [ "$ENV" == "container" ]; then
-    ENV="container" sudo -u mythtv python3 -u pa_job_manager.py &
-    gunicorn --bind=0.0.0.0:80 --workers=1 --threads=1 main:app --env ENV="container" --reload --capture-output
+    sudo -u pauser gunicorn --bind=0.0.0.0:80 --workers=1 --threads=1 main:app --env ENV="container" --reload --capture-output
 else
     echo "Not sure which ENV ($ENV) we are running, set up for DEV and dont run job manager (jic)"
-    gunicorn --bind=0.0.0.0:80 --workers=1 --threads=1 main:app --env ENV="development" --error-logfile gunicorn.error.log --access-logfile gunicorn.log --capture-output --enable-stdio-inheritance --reload
+    sudo -u pauser gunicorn --bind=0.0.0.0:80 --workers=1 --threads=1 main:app --env ENV="development" --error-logfile gunicorn.error.log --access-logfile gunicorn.log --capture-output --enable-stdio-inheritance --reload
 fi
 
 # this should never be invoked unless gunicorn fails -- in that case, at least