diff options
| author | Haelwenn (lanodan) Monnier <contact@hacktivis.me> | 2023-06-22 00:58:05 +0200 |
|---|---|---|
| committer | Haelwenn (lanodan) Monnier <contact@hacktivis.me> | 2023-08-04 09:50:28 +0200 |
| commit | 69caedc591bd61029f897f37ef7ecddd470cf935 (patch) | |
| tree | 7c1273bb58f00935c4997db23d5b79c861cfd582 /lib/mix/tasks | |
| parent | 8cc8100120abdbf26cfe4cdac2c0a012d7919e05 (diff) | |
| download | pleroma-69caedc591bd61029f897f37ef7ecddd470cf935.tar.gz pleroma-69caedc591bd61029f897f37ef7ecddd470cf935.zip | |
instance gen: Reduce permissions of pleroma directories and config files
Diffstat (limited to 'lib/mix/tasks')
| -rw-r--r-- | lib/mix/tasks/pleroma/instance.ex | 13 |
1 files changed, 10 insertions, 3 deletions
diff --git a/lib/mix/tasks/pleroma/instance.ex b/lib/mix/tasks/pleroma/instance.ex index 5c93f19ff..5d8b254a2 100644 --- a/lib/mix/tasks/pleroma/instance.ex +++ b/lib/mix/tasks/pleroma/instance.ex @@ -266,12 +266,20 @@ defmodule Mix.Tasks.Pleroma.Instance do config_dir = Path.dirname(config_path) psql_dir = Path.dirname(psql_path) + # Note: Distros requiring group read (0o750) on those directories should + # pre-create the directories. [config_dir, psql_dir, static_dir, uploads_dir] |> Enum.reject(&File.exists?/1) - |> Enum.map(&File.mkdir_p!/1) + |> Enum.each(fn dir -> + File.mkdir_p!(dir) + File.chmod!(dir, 0o700) + end) shell_info("Writing config to #{config_path}.") + # Sadly no fchmod(2) equivalent in Elixir… + File.touch!(config_path) + File.chmod!(config_path, 0o640) File.write(config_path, result_config) shell_info("Writing the postgres script to #{psql_path}.") File.write(psql_path, result_psql) @@ -290,8 +298,7 @@ defmodule Mix.Tasks.Pleroma.Instance do else shell_error( "The task would have overwritten the following files:\n" <> - (Enum.map(will_overwrite, &"- #{&1}\n") |> Enum.join("")) <> - "Rerun with `--force` to overwrite them." + Enum.map_join(will_overwrite, &"- #{&1}\n") <> "Rerun with `--force` to overwrite them." ) end end |