Merge pull request #1836 from YunoHost/sftp-on-app

SFTP on apps permissions
2024-09-03 20:06:26 +02:00 · 2022-01-25 23:14:25 +01:00 · 2022-01-25 23:14:25 +01:00 · 71c439957e
commit 71c439957e
parent d093f6a8de 8b3bf0b4de
1 changed files with 33 additions and 0 deletions
--- a/pages/01.administrate/07.specific_use_cases/13.sftp_on_apps/sftp_on_apps.md
+++ b/pages/01.administrate/07.specific_use_cases/13.sftp_on_apps/sftp_on_apps.md
@ -0,0 +1,33 @@
+---
+title: Give SFTP permission to edit an app
+template: docs
+taxonomy:
+    category: docs
+routes:
+  default: '/sftp_on_apps'
+---
+
+In YunoHost permission management web admin interface, you can specify which user can access your system through SFTP.
+
+However, those user are chrooted in their home directory for security reasons.
+
+If you want to give access to a specific apps through SFTP, here are additional steps to do after giving the SFTP permission in the web interface.
+
+In instructions below, USER is the user to whom you wish to give permission to edit wordpress files.
+
+```bash
+mkdir -p /home/USER/apps/wordpress
+touch /home/USER/.nobackup
+mount --bind /var/www/wordpress /home/USER/apps/wordpress
+echo "/var/www/wordpress /home/USER/apps/wordpress none defaults,bind 0 0" >> /etc/fstab
+find /var/www/wordpress -type d -exec chmod g+s {} \;
+
+setfacl -R -m u:wordpress:rwX /var/www/wordpress
+setfacl -R -d -m u:wordpress:rwX /var/www/wordpress
+setfacl -m u:wordpress:r-- /var/www/wordpress/wp-config.php
+
+setfacl -R -m u:USER:rwX /var/www/wordpress
+setfacl -R -d -m u:USER:rwX /var/www/wordpress
+```
+
+