Menu
I host a flask web app on a Raspberry Pi that has controls for my LED light strip. It all works great when I run the server with python as the root user, but I am having difficulty deploying it with Apache mod_wsgi. I want to use htttps, so deploying it seems to be necessary, but Apache doesn't seem to allow running servers with root privileges. Root is necessary to control the lights through a library that is imported in the flask server.
Is there any way to deploy a flask server with root privileges? If not, it it possible to use https (from letsencrypt.org) without deploying? Are there any other ways to get around this problem?
662
asked Oct 30 '25 18:10
I would not run the web server as root for security reasons.
Instead, I suggest to:
You mention deployment, if you are packaging this into an rpm, I would put the sudo definitions in /etc/sudoers.d/youpackage
Another option would be to split you app and use some sort of messaging system - either by having rows in a database table or use a messaging server such as rabbit mq (there are other servers but I find it very easy to setup). A separate process running as root would do the actual turning on/off the lights. Your frontend would simply send a message like "lights off" and the other process -which could be running as root- would get a message when needed. The advantage with this approach is that the web process never has any root privilege and even if it has a hole, damage is limited.
196
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
