I want to allow certain trusted users the ability to take down my lemmy instance or reboot it or x, y, z actions in case things go wrong or there is a security incident.
Ideally I would want to have some sort of admin interface that’s secure and tested and allow these users to have some sort of login and from there have the ability to execute certain actions that could correspond to a “break glass in case of emergency” scenario.
I’ve been pointed at https://www.portainer.io/ but they seem to have a steep price for the limited use-case that I would be giving it.
I know about some admin interfaces like webmin, but I don’t know which one allow you to create very restricted users or just give users the ability to execute some limited pre-defined commands.
Thank you <3
Can you use SSH?
Possibly, but it would have to be so severely locked down that it makes more sense to have a web interface with a few buttons that do some very basic actions, including making my phone ring or stuff like that.
That seems almost exactly what the sudoers file is meant for.
If several actions have to happen at once (call the phone first), or need parameters, or need a kill switch, that is what a script with the SETUID bit does.
I mean… don’t you just make them a user and just give them 777 permissions to the directories you’d allow?