diff --git a/scripts/install b/scripts/install index db02e8b..dcd4254 100755 --- a/scripts/install +++ b/scripts/install @@ -182,22 +182,10 @@ ynh_store_file_checksum --file="$final_path/menu.php" #================================================= # Set permissions to app files -chown -R root: $final_path - -# Wiki needs to write inside these folders. Make "Wiki" owner -chown -R $app:root $final_path/var -chown -R $app:root $final_path/templates - -# write everything, even config files, for pheditor: -chown -R $app:root $final_path/ - -# Allow access to public assets like style sheets -find $final_path/templates -type f -print0 | xargs -0 chmod 0644 -find $final_path/templates -type d -print0 | xargs -0 chmod 0755 -find $final_path/templates/minimaxing/minimaxing.css -type f -print0 | xargs -0 chmod 0755 -# Using "find" instead of "chmod -R 755" so files does not become executable too -# chmod : -rwxr-xr-x 1 root root 241 May 3 08:36 index.html => BAD -# find : -rw-r--r-- 1 1001 1002 241 May 3 08:36 index.html => GOOD +chown -R $app:www-data $final_path +chmod -R o-rwx $final_path +find $final_path -type d -exec chmod g=rx {} + +find $final_path -type f -exec chmod g=r {} + #================================================= # SETUP SSOWAT diff --git a/scripts/restore b/scripts/restore index a05d5b0..5ce6cce 100755 --- a/scripts/restore +++ b/scripts/restore @@ -68,7 +68,10 @@ ynh_system_user_create --username=$app #================================================= # Restore permissions on app files -chown -R root: $final_path +chown -R $app:www-data $final_path +chmod -R o-rwx $final_path +find $final_path -type d -exec chmod g=rx {} + +find $final_path -type f -exec chmod g=r {} + #================================================= # RESTORE THE PHP-FPM CONFIGURATION diff --git a/scripts/upgrade b/scripts/upgrade index ff04018..1fd32ac 100755 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -29,6 +29,20 @@ phpversion=$(ynh_app_setting_get --app=$app --key=phpversion) upgrade_type=$(ynh_check_app_version_changed) +#================================================= +# BACKUP BEFORE UPGRADE THEN ACTIVE TRAP +#================================================= +ynh_script_progression --message="Backing up the app before upgrading (may take a while)..." --weight=4 + +# Backup the current version of the app +ynh_backup_before_upgrade +ynh_clean_setup () { + # restore it if the upgrade fails + ynh_restore_upgradebackup +} +# Exit if an error occurs during the execution of the script +ynh_abort_if_errors + #================================================= # ENSURE DOWNWARD COMPATIBILITY #================================================= @@ -47,20 +61,6 @@ if ynh_legacy_permissions_exists; then ynh_app_setting_delete --app=$app --key=is_public fi -#================================================= -# BACKUP BEFORE UPGRADE THEN ACTIVE TRAP -#================================================= -ynh_script_progression --message="Backing up the app before upgrading (may take a while)..." --weight=4 - -# Backup the current version of the app -ynh_backup_before_upgrade -ynh_clean_setup () { - # restore it if the upgrade fails - ynh_restore_upgradebackup -} -# Exit if an error occurs during the execution of the script -ynh_abort_if_errors - #================================================= # DOWNLOAD, CHECK AND UNPACK SOURCE #================================================= @@ -126,7 +126,10 @@ ynh_store_file_checksum --file="$final_path/menu.php" #================================================= # Set permissions on app files -chown -R root: $final_path +chown -R $app:www-data $final_path +chmod -R o-rwx $final_path +find $final_path -type d -exec chmod g=rx {} + +find $final_path -type f -exec chmod g=r {} + #================================================= # RELOAD NGINX