fix(worker): ensure state folder is rwx for non-root users
This commit is contained in:
Nicolas Meienberger
parent
230ae0a412
commit
197f6e3998
1 changed files with 24 additions and 0 deletions
24
packages/worker/src/lib/fs/fs.helpers.ts
Normal file
24
packages/worker/src/lib/fs/fs.helpers.ts
Normal file
|
|
@ -0,0 +1,24 @@
|
|||
/* eslint-disable no-await-in-loop */
|
||||
/* eslint-disable no-restricted-syntax */
|
||||
import { execAsync, pathExists } from '@runtipi/shared';
|
||||
import path from 'path';
|
||||
import { ROOT_FOLDER } from '@/config/constants';
|
||||
|
||||
export const ensureFilePermissions = async () => {
|
||||
const filesAndFolders = [path.join(ROOT_FOLDER, 'state'), path.join(ROOT_FOLDER, 'traefik')];
|
||||
|
||||
const files600 = [path.join(ROOT_FOLDER, 'traefik', 'shared', 'acme.json')];
|
||||
|
||||
// Give permission to read and write to all files and folders for the current user
|
||||
for (const fileOrFolder of filesAndFolders) {
|
||||
if (await pathExists(fileOrFolder)) {
|
||||
await execAsync(`chmod -R a+rwx ${fileOrFolder}`).catch(() => {});
|
||||
}
|
||||
}
|
||||
|
||||
for (const fileOrFolder of files600) {
|
||||
if (await pathExists(fileOrFolder)) {
|
||||
await execAsync(`chmod 600 ${fileOrFolder}`).catch(() => {});
|
||||
}
|
||||
}
|
||||
};
|
||||
Loading…
Reference in a new issue