Fix DATA_ROOT permissions

author: EuAndreh <eu@euandre.org> 2020-08-22 21:53:23 -0300
committer: EuAndreh <eu@euandre.org> 2020-08-22 21:53:23 -0300
commit: 066d230a2eee05fa9489e33c6a9af385bc0068ba (patch)
tree: 4bc45f73b7c3830cbd66360d5a864c6f850d6f67
parent: Remove old matterbridge configuration (diff)
download: toph-066d230a2eee05fa9489e33c6a9af385bc0068ba.tar.gz
toph-066d230a2eee05fa9489e33c6a9af385bc0068ba.tar.xz
2 files changed, 14 insertions, 5 deletions
diff --git a/secrets/secret-envrc.sh b/secrets/secret-envrc.sh
index 27332b9..b14f20a 100644
--- a/secrets/secret-envrc.sh
+++ b/secrets/secret-envrc.sh
diff --git a/vps-configuration.env.nix b/vps-configuration.env.nix
index d66bd38..6967845 100644
--- a/vps-configuration.env.nix
+++ b/vps-configuration.env.nix
@@ -13,12 +13,13 @@ let
     authorizedKey = "$AUTHORIZED_KEY";
     userPassword = "$USER_PASSWORD";
     userName = "$USER_NAME";
+    staticRoot = "$STATIC_ROOT";
+    dataRoot = "$DATA_ROOT";
     nextcloudDatabaseUser = "$NEXTCLOUD_DATABASE_USER";
     nextcloudDatabasePassword = "$NEXTCLOUD_DATABASE_PASSWORD";
     nextcloudAdminUser = "$NEXTCLOUD_ADMIN_USER";
     nextcloudAdminPassword = "$NEXTCLOUD_ADMIN_PASSWORD";
     nextcloudTablePrefix = "$NEXTCLOUD_TABLE_PREFIX";
-    gitRoot = "$GIT_ROOT";
     gitPort = "$GIT_PORT";
     systemStateVersion = "$SYSTEM_STATE_VERSION";
     prosodyAdminUser = "$PROSODY_ADMIN_USER";
@@ -123,7 +124,7 @@ in {
         "${envsubstConfiguration.songbooksDocumentationTLD}" = {
           forceSSL = true;
           enableACME = true;
-          root = "/home/${envsubstConfiguration.userName}/songbooks/";
+          root = "${envsubstConfiguration.staticRoot}/songbooks/";
         };
         "${envsubstConfiguration.prosodyTLD}" = {
           forceSSL = true;
@@ -249,12 +250,20 @@ in {
     };
     "lighttpd-cgit-install" = {
       enable = true;
-      description = "Setup folders and permissions for lighttpd and cgit";
+      description = "Setup data folders and permissions";
       wantedBy = [ "multi-user.target" ];
       script = ''
+        mkdir -p ${envsubstConfiguration.dataRoot}
+        chown -R ${envsubstConfiguration.userName}:users ${envsubstConfiguration.dataRoot}
+        chmod -R 755 ${envsubstConfiguration.dataRoot}
+
+        mkdir -p ${envsubstConfiguration.staticRoot}
+        chown -R ${envsubstConfiguration.userName}:users ${envsubstConfiguration.staticRoot}
+        chmod -R 755 ${envsubstConfiguration.staticRoot}
+
         mkdir -p ${envsubstConfiguration.gitRoot}
-        chown -R ${envsubstConfiguration.userName}:lighttpd ${envsubstConfiguration.gitRoot}
-        chmod -R 770 ${envsubstConfiguration.gitRoot}
+        chown -R ${envsubstConfiguration.userName}:users ${envsubstConfiguration.gitRoot}
+        chmod -R 755 ${envsubstConfiguration.gitRoot}
       '';
       serviceConfig = { Type = "oneshot"; };
     };
author	EuAndreh <eu@euandre.org>	2020-08-22 21:53:23 -0300
committer	EuAndreh <eu@euandre.org>	2020-08-22 21:53:23 -0300
commit	066d230a2eee05fa9489e33c6a9af385bc0068ba (patch)
tree	4bc45f73b7c3830cbd66360d5a864c6f850d6f67
parent	Remove old matterbridge configuration (diff)
download	toph-066d230a2eee05fa9489e33c6a9af385bc0068ba.tar.gz toph-066d230a2eee05fa9489e33c6a9af385bc0068ba.tar.xz