diff --git a/bin/v-fix-website-permissions b/bin/v-fix-website-permissions index 186075a1..fca37e15 100644 --- a/bin/v-fix-website-permissions +++ b/bin/v-fix-website-permissions @@ -68,40 +68,90 @@ if [ -z "$SKIP_OWNERSHIP_CHECK" ] && [ -f "public_html/index.php" ]; then fi fi +echo "Updating permissions for /home/$USER/web/$domain/" -echo "Updating permissions for /home/$USER/web/$domain/public_html/" -# Fixing permissions -find public_html/ -type d ! -perm 755 -exec chmod 755 {} + -find public_html/ -type f ! \( -name "*.php" -o -name "*.env" \) ! -perm 644 -exec chmod 644 {} + -# Fixing ownership -find public_html/ -type d ! -user $USER -exec chown $USER:$USER {} + -find public_html/ -type f ! \( -name "*.php" -o -name "*.env" \) ! -user $USER -exec chown $USER:$USER {} + - -php_chmod="600" - -if [ "$WEB_SYSTEM" = 'nginx' ]; then - php_chmod="644" +php_chmod_allowed=1 +if [ -f "/home/php_chmod_disabled" ]; then + php_chmod_allowed=0 +fi +if [ -f "/home/$USER/php_chmod_disabled" ]; then + php_chmod_allowed=0 +fi +if [ -f "/home/$USER/web/php_chmod_disabled" ]; then + php_chmod_allowed=0 +fi +if [ -f "/home/$USER/web/$domain/php_chmod_disabled" ]; then + php_chmod_allowed=0 fi -if [ -f "/home/php_chmod" ]; then - php_chmod=$(cat /home/php_chmod) -fi -if [ -f "/home/$USER/php_chmod" ]; then - php_chmod=$(cat /home/$USER/php_chmod) -fi -if [ -f "/home/$USER/web/php_chmod" ]; then - php_chmod=$(cat /home/$USER/web/php_chmod) -fi -if [ -f "/home/$USER/web/$domain/php_chmod" ]; then - php_chmod=$(cat /home/$USER/web/$domain/php_chmod) +# === General files and directories permissions === +if [ "$php_chmod_allowed" -eq 1 ]; then + # New way of fixing permissions + # Fixing permissions + find public_html/ -type d ! -perm 755 -exec chmod 755 {} + + find public_html/ -type f ! \( -name "*.php" -o -name "*.env" \) ! -perm 644 -exec chmod 644 {} + + + # Fixing ownership + find public_html/ -type d ! -user $USER -exec chown $USER:$USER {} + + find public_html/ -type f ! \( -name "*.php" -o -name "*.env" \) ! -user $USER -exec chown $USER:$USER {} + +else + # Old way of fixing permissions + # Fixing permissions + find public_html/ -type d ! -perm 755 -exec chmod 755 {} + + find public_html/ -type f ! -perm 644 -exec chmod 644 {} + + + # Fixing ownership + find public_html/ -type d ! -user $USER -exec chown $USER:$USER {} + + find public_html/ -type f ! -user $USER -exec chown $USER:$USER {} + fi -# Setting chmod 600 for all .php and .env files -echo "= Setting chmod $php_chmod for all .php and .env files" -# Fixing permissions -find -type f \( -name "*.php" -o -name "*.env" \) ! -perm $php_chmod -exec chmod $php_chmod {} + -# Fixing ownership -find -type f \( -name "*.php" -o -name "*.env" \) ! -user $USER -exec chown $USER:$USER {} + +# === PHP and .env permissions === +if [ "$php_chmod_allowed" -eq 1 ]; then + php_chmod="600" + + if [ "$WEB_SYSTEM" = 'nginx' ]; then + php_chmod="644" + fi + + if [ -f "/home/php_chmod" ]; then + php_chmod=$(cat /home/php_chmod) + fi + if [ -f "/home/$USER/php_chmod" ]; then + php_chmod=$(cat /home/$USER/php_chmod) + fi + if [ -f "/home/$USER/web/php_chmod" ]; then + php_chmod=$(cat /home/$USER/web/php_chmod) + fi + if [ -f "/home/$USER/web/$domain/php_chmod" ]; then + php_chmod=$(cat /home/$USER/web/$domain/php_chmod) + fi + + # Setting chmod 600 for all .php and .env files + echo "= Setting chmod $php_chmod for all .php and .env files" + # Fixing permissions + find -type f \( -name "*.php" -o -name "*.env" \) ! -perm $php_chmod -exec chmod $php_chmod {} + + # Fixing ownership + find -type f \( -name "*.php" -o -name "*.env" \) ! -user $USER -exec chown $USER:$USER {} + +fi + +# === Symlinks ownership === +symlink_chown_allowed=1 +if [ -f "/home/symlink_chown_disabled" ]; then + symlink_chown_allowed=0 +fi +if [ -f "/home/$USER/symlink_chown_disabled" ]; then + symlink_chown_allowed=0 +fi +if [ -f "/home/$USER/web/symlink_chown_disabled" ]; then + symlink_chown_allowed=0 +fi +if [ -f "/home/$USER/web/$domain/symlink_chown_disabled" ]; then + symlink_chown_allowed=0 +fi + +if [ "$symlink_chown_allowed" -eq 1 ]; then + find -type l ! -user $USER -exec chown -h $USER:$USER {} + +fi #----------------------------------------------------------# # Vesta #