From c3101ca39c5ca7ff5f8ad65da59f07798f3d93c9 Mon Sep 17 00:00:00 2001 From: ericgaspar Date: Sun, 27 Jun 2021 22:57:24 +0200 Subject: [PATCH] Set rights --- scripts/change_url | 5 ----- scripts/install | 17 +++++------------ scripts/restore | 10 +++------- scripts/upgrade | 19 +++++-------------- 4 files changed, 13 insertions(+), 38 deletions(-) diff --git a/scripts/change_url b/scripts/change_url index 9afe639..8aef9cb 100644 --- a/scripts/change_url +++ b/scripts/change_url @@ -28,11 +28,6 @@ ynh_script_progression --message="Loading installation settings..." # Needed for helper "ynh_add_nginx_config" final_path=$(ynh_app_setting_get --app=$app --key=final_path) - -# Add settings here as needed by your application -#db_name=$(ynh_app_setting_get --app=$app --key=db_name) -#db_user=$db_name -#db_pwd=$(ynh_app_setting_get --app=$app --key=db_pwd) phpversion=$(ynh_app_setting_get --app=$app --key=phpversion) #================================================= diff --git a/scripts/install b/scripts/install index 021e0a6..b3a3a8a 100755 --- a/scripts/install +++ b/scripts/install @@ -86,6 +86,10 @@ ynh_app_setting_set --app=$app --key=final_path --value=$final_path git clone -b $tag --depth 1 https://github.com/firefly-iii/firefly-iii.git $final_path +chmod 750 "$final_path" +chmod -R o-rwx "$final_path" +chown -R $app:www-data "$final_path" + #================================================= # NGINX CONFIGURATION #================================================= @@ -120,7 +124,7 @@ ynh_script_progression --message="Modifying a config file..." ynh_add_config --template="../conf/.env" --destination="$final_path/.env" chmod 400 "$final_path/.env" -chown $app:$app "$final_path/.env" +chown $app "$final_path/.env" #================================================= # DEPLOY @@ -133,17 +137,6 @@ pushd "$final_path" php$phpversion artisan passport:install popd -#================================================= -# GENERIC FINALIZATION -#================================================= -# SECURE FILES AND DIRECTORIES -#================================================= -ynh_script_progression --message="Securing files and directories..." - -# Set right permissions -chown -R $app: $final_path -chmod -R 775 $final_path/storage - #================================================= # SETUP A CRON #================================================= diff --git a/scripts/restore b/scripts/restore index 154a79b..b95f289 100755 --- a/scripts/restore +++ b/scripts/restore @@ -65,13 +65,9 @@ ynh_script_progression --message="Restoring the app main directory..." ynh_restore_file --origin_path="$final_path" -#================================================= -# RESTORE USER RIGHTS -#================================================= -ynh_script_progression --message="Restoring user rights..." - -# Restore permissions on app files -chown -R $app: $final_path +chmod 750 "$final_path" +chmod -R o-rwx "$final_path" +chown -R $app:www-data "$final_path" #================================================= # RESTORE THE PHP-FPM CONFIGURATION diff --git a/scripts/upgrade b/scripts/upgrade index d0980b9..6e7b908 100755 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -140,6 +140,10 @@ then fi fi +chmod 750 "$final_path" +chmod -R o-rwx "$final_path" +chown -R $app:www-data "$final_path" + #================================================= # NGINX CONFIGURATION #================================================= @@ -171,8 +175,6 @@ phpversion=$(ynh_app_setting_get --app=$app --key=phpversion) #================================================= ynh_script_progression --message="Updating PHP dependencies..." -chown -R $app: $final_path - ynh_exec_warn_less ynh_install_composer --phpversion="$phpversion" --workdir="$final_path" #================================================= @@ -183,7 +185,7 @@ ynh_script_progression --message="Modifying a config file..." ynh_add_config --template="../conf/.env" --destination="$final_path/.env" chmod 400 "$final_path/.env" -chown $app:$app "$final_path/.env" +chown $app "$final_path/.env" #================================================= # DEPLOYMENT @@ -207,17 +209,6 @@ ynh_script_progression --message="Upgrading logrotate configuration..." # Use logrotate to manage app-specific logfile(s) ynh_use_logrotate --non-append -#================================================= -# GENERIC FINALIZATION -#================================================= -# SECURE FILES AND DIRECTORIES -#================================================= -ynh_script_progression --message="Securing files and directories..." - -# Set permissions on app files -chown -R $app: $final_path -chmod -R 775 $final_path/storage - #================================================= # SETUP A CRON #=================================================