YunoHost/yunohost
1
0
Fork 0
mirror of https://github.com/YunoHost/yunohost.git synced 2024-09-03 20:06:10 +02:00
Code Issues Projects Releases Packages Wiki Activity

Infer the necessity to use www-data as group from the presence of alias or root in nginx.conf

Browse source
This commit is contained in:
Alexandre Aubin 2024-06-28 18:39:12 +02:00
parent 8b8768fd77
commit ae3018cdd0
1 changed files with 6 additions and 5 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

11
helpers/helpers.v2.1.d/utils
View file

@ -256,14 +256,15 @@ _ynh_apply_default_permissions() {
# If this is the install dir (so far this is the only way this helper is called with a directory) # If this is the install dir (so far this is the only way this helper is called with a directory)
if [ "$target" == "${install_dir:-}" ] if [ "$target" == "${install_dir:-}" ]
then then
# Files inside should be owned by $app/www-data with rw-r----- (+x for folders or files that already have +x)
chmod -R u=rwX,g=r-X,o=--- "$target"
local group="$app" local group="$app"
# We set the group to www-data because most apps do serve static assets that need to be readable by nginx ... # We set the group to www-data for webapps that do serve static assets, which therefore need to be readable by nginx ...
# The fact that the app is a webapp is infered by the fact that $domain and $path are defined # The fact that the app needs this is infered by the existence of an nginx.conf and the presence of "alias" or "root" directive
if [[ -n "${domain:-}" ]] && [[ -n "${path:-}" ]] then if grep -q '^\s*alias\s\|^\s*root\s' "$YNH_APP_BASEDIR/conf/nginx.conf" 2>/dev/null then
group="www-data" group="www-data"
fi fi
# Files inside should be owned by $app with rw-r----- (+x for folders or files that already have +x)
# The group needs read/dirtraversal (in particular if it's www-data)
chmod -R u=rwX,g=r-X,o=--- "$target"
chown -R "$app:$group" "$target" chown -R "$app:$group" "$target"
return return
fi fi