From 5db4d1592666f01628db78a5326fbb9bc6939c38 Mon Sep 17 00:00:00 2001 From: tituspijean Date: Sun, 10 Jul 2022 11:35:24 +0200 Subject: [PATCH] Fix uploads permissions --- conf/extra_php-fpm.conf | 2 ++ scripts/install | 10 +++++++--- scripts/restore | 12 ++++++++---- scripts/upgrade | 11 +++++++---- 4 files changed, 24 insertions(+), 11 deletions(-) diff --git a/conf/extra_php-fpm.conf b/conf/extra_php-fpm.conf index c93210e..bb96483 100644 --- a/conf/extra_php-fpm.conf +++ b/conf/extra_php-fpm.conf @@ -3,3 +3,5 @@ php_admin_value[upload_max_filesize] = 50M php_admin_value[memory_limit] = 64M php_admin_value[post_max_size] = 50M + +php_admin_value[upload_tmp_dir] = __FINALPATH__/wp-content/temp/ diff --git a/scripts/install b/scripts/install index 743c885..0e5f1ca 100644 --- a/scripts/install +++ b/scripts/install @@ -232,10 +232,14 @@ $wpcli_alias plugin activate wp-fail2ban-redux $plugin_network # Set file and directories ownership mkdir -p $final_path/wp-content/uploads -chmod 750 "$final_path" -chmod -R o-rwx "$final_path" +mkdir -p $final_path/wp-content/temp chown -R $app:www-data "$final_path" -chmod g+s $final_path/wp-content/uploads +find "$final_path" -type d -exec chmod 750 {} \; +find "$final_path" -type f -exec chmod 640 {} \; +find "$final_path/wp-content/uploads" -type d -exec chmod 770 {} \; +find "$final_path/wp-content/temp" -type d -exec chmod 770 {} \; +setfacl -Rm d:g:www-data:rwX "$final_path/wp-content/uploads" +setfacl -Rm d:g:www-data:rwX "$final_path/wp-content/temp" #================================================= # STORE THE CONFIG FILE CHECKSUM diff --git a/scripts/restore b/scripts/restore index f9ee58f..8e26dde 100644 --- a/scripts/restore +++ b/scripts/restore @@ -75,11 +75,15 @@ ynh_script_progression --message="Restoring the app main directory..." ynh_restore_file --origin_path="$final_path" # Set file and directories ownership -chmod 750 "$final_path" -chmod -R o-rwx "$final_path" +mkdir -p $final_path/wp-content/uploads +mkdir -p $final_path/wp-content/temp chown -R $app:www-data "$final_path" -chmod g+s $final_path/wp-content/uploads -chmod g+s $(find $final_path/wp-content/uploads -type d) +find "$final_path" -type d -exec chmod 750 {} \; +find "$final_path" -type f -exec chmod 640 {} \; +find "$final_path/wp-content/uploads" -type d -exec chmod 770 {} \; +find "$final_path/wp-content/temp" -type d -exec chmod 770 {} \; +setfacl -Rm d:g:www-data:rwX "$final_path/wp-content/uploads" +setfacl -Rm d:g:www-data:rwX "$final_path/wp-content/temp" chmod 400 "$final_path/wp-config.php" chown $app:$app "$final_path/wp-config.php" diff --git a/scripts/upgrade b/scripts/upgrade index 0e7a5e0..0e773d2 100644 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -280,11 +280,14 @@ $wpcli_alias plugin is-installed http-authentication && $wpcli_alias plugin deac # Set file and directories ownership mkdir -p $final_path/wp-content/uploads -chmod 750 "$final_path" -chmod -R o-rwx "$final_path" +mkdir -p $final_path/wp-content/temp chown -R $app:www-data "$final_path" -chmod g+s $final_path/wp-content/uploads -chmod g+s $(find $final_path/wp-content/uploads -type d) +find "$final_path" -type d -exec chmod 750 {} \; +find "$final_path" -type f -exec chmod 640 {} \; +find "$final_path/wp-content/uploads" -type d -exec chmod 770 {} \; +find "$final_path/wp-content/temp" -type d -exec chmod 770 {} \; +setfacl -Rm d:g:www-data:rwX "$final_path/wp-content/uploads" +setfacl -Rm d:g:www-data:rwX "$final_path/wp-content/temp" #================================================= # STORE THE CHECKSUM OF THE CONFIG FILE