patchman
Is root really needed to use celery?
Install.md documents running celery as the root user:

```
C_FORCE_ROOT=1 celery -b redis://127.0.0.1:6379/0 -A patchman worker -l INFO -E
```
From a security perspective it is not a good idea to run such a process as root.
We have created a user and a group and used the following systemd file.
```ini
[Unit]
Description=Celery Service
After=network.target

[Service]
Type=simple
User=patchman_celery
Group=patchman_celery
#EnvironmentFile=/etc/default/celeryd
#WorkingDirectory=/home/user/django-project
ExecStart=celery -b redis://127.0.0.1:6379/0 -A patchman worker -l INFO -E

[Install]
WantedBy=multi-user.target
```
We have not seen any issues so far. Permissions:
```
ls -la /etc/patchman/local_settings.py
-rw-r----- 1 root www-data 2027 Nov 22 12:14 /etc/patchman/local_settings.py
id patchman_celery
uid=998(patchman_celery) gid=999(patchman_celery) groups=999(patchman_celery),33(www-data)
```
Here is another example of how to start celery with systemd: https://ahmadalsajid.medium.com/daemonizing-celery-beat-with-systemd-97f1203e7b32
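
An added check, not part of the original post or of patchman: it evaluates the `ls -la` and `id` output shown above with the POSIX owner/group/other rule, to confirm that the worker account gets read-only access to the settings file through its `www-data` membership. The function names are hypothetical, and only the mode bits are considered (no ACLs or other access controls).

```python
import re

# Output copied from the post above.
LS_LINE = "-rw-r----- 1 root www-data 2027 Nov 22 12:14 /etc/patchman/local_settings.py"
ID_OUTPUT = ("uid=998(patchman_celery) gid=999(patchman_celery) "
             "groups=999(patchman_celery),33(www-data)")

def parse_ls_line(line):
    """Return (mode, owner, group) from one `ls -l` line."""
    fields = line.split(None, 8)
    return fields[0], fields[2], fields[3]

def parse_id_output(text):
    """Return (uid, user, set of all group names) from `id` output."""
    uid, user = re.search(r"uid=(\d+)\(([^)]+)\)", text).groups()
    # Everything after "gid=" names the primary and supplementary groups.
    groups = set(re.findall(r"\d+\(([^)]+)\)", text.split("gid=", 1)[1]))
    return int(uid), user, groups

def effective_access(ls_line, id_output):
    """Apply the POSIX class rule: owner, else group, else other (no fall-through)."""
    mode, owner, group = parse_ls_line(ls_line)
    uid, user, groups = parse_id_output(id_output)
    if uid == 0:                      # uid 0 bypasses the mode bits
        return "root", True, True
    if user == owner:
        cls, bits = "owner", mode[1:4]
    elif group in groups:
        cls, bits = "group", mode[4:7]
    else:
        cls, bits = "other", mode[7:10]
    return cls, bits[0] == "r", bits[1] == "w"

def audit(ls_line, id_output):
    """Return a list of least-privilege findings; empty means the setup passes."""
    mode = parse_ls_line(ls_line)[0]
    cls, can_read, can_write = effective_access(ls_line, id_output)
    findings = []
    if cls == "root":
        findings.append("worker runs as uid 0")
    if not can_read:
        findings.append("worker cannot read the settings file")
    if can_write and cls != "root":
        findings.append("worker can modify its own settings file")
    if mode[7] == "r" or mode[8] == "w":
        findings.append("settings file is accessible to all local users")
    return findings

if __name__ == "__main__":
    print(effective_access(LS_LINE, ID_OUTPUT), audit(LS_LINE, ID_OUTPUT))
```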