From ae3018cdd0d97f4f56117fdc80bacb9637e5426e Mon Sep 17 00:00:00 2001 From: Alexandre Aubin Date: Fri, 28 Jun 2024 18:39:12 +0200 Subject: [PATCH] Infer the necessity to use www-data as group from the presence of alias or root in nginx.conf --- helpers/helpers.v2.1.d/utils | 11 ++++++----- 1 file changed, 6 insertions(+), 5 deletions(-) diff --git a/helpers/helpers.v2.1.d/utils b/helpers/helpers.v2.1.d/utils index f03e67804..05a859498 100644 --- a/helpers/helpers.v2.1.d/utils +++ b/helpers/helpers.v2.1.d/utils @@ -256,14 +256,15 @@ _ynh_apply_default_permissions() { # If this is the install dir (so far this is the only way this helper is called with a directory) if [ "$target" == "${install_dir:-}" ] then - # Files inside should be owned by $app/www-data with rw-r----- (+x for folders or files that already have +x) - chmod -R u=rwX,g=r-X,o=--- "$target" local group="$app" - # We set the group to www-data because most apps do serve static assets that need to be readable by nginx ... - # The fact that the app is a webapp is infered by the fact that $domain and $path are defined - if [[ -n "${domain:-}" ]] && [[ -n "${path:-}" ]] then + # We set the group to www-data for webapps that do serve static assets, which therefore need to be readable by nginx ... + # The fact that the app needs this is infered by the existence of an nginx.conf and the presence of "alias" or "root" directive + if grep -q '^\s*alias\s\|^\s*root\s' "$YNH_APP_BASEDIR/conf/nginx.conf" 2>/dev/null then group="www-data" fi + # Files inside should be owned by $app with rw-r----- (+x for folders or files that already have +x) + # The group needs read/dirtraversal (in particular if it's www-data) + chmod -R u=rwX,g=r-X,o=--- "$target" chown -R "$app:$group" "$target" return fi