config_scan_variables + config_check_missing operate on the manager-owned configs_dir -> runInstallOp (test/cat/cmp/cp/mkdir). Container-path chmods in before_start (traefik) + config.sh -> runFileOp. Fix the 'sudo sudo chown' double in root_file.sh -> runSystem chown (ownership establishment). Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com> Signed-off-by: librelad <librelad@digitalangels.vip>
35 lines
1.4 KiB
Bash
Executable File
35 lines
1.4 KiB
Bash
Executable File
#!/bin/bash
|
|
|
|
fixPermissionsBeforeStart()
|
|
{
|
|
local app_name="$1"
|
|
local flag="$2"
|
|
|
|
if [[ $flag == "update" ]]; then
|
|
isHeader "Updating File/Folder Permissions"
|
|
fi
|
|
|
|
fixAppFolderPermissions;
|
|
changeRootOwnedFile $docker_dir/$db_file $sudo_user_name
|
|
|
|
# The regenerable WebUI dir is reconciled to the mode's container owner via
|
|
# the shared helper (same code path as install + switch). Third-party app
|
|
# data ownership is established at install/restore time, not blanket-chowned
|
|
# here — a wrong-owner chown would break permission-strict apps.
|
|
if [[ "$app_name" == "libreportal" ]]; then
|
|
reconcileWebuiDirOwnership
|
|
fi
|
|
|
|
# Traefik
|
|
if [ -f "${containers_dir}traefik/etc/certs/acme.json" ]; then
|
|
updateFileOwnership "${containers_dir}traefik/etc/certs/acme.json" $docker_install_user $docker_install_user
|
|
local result=$(runFileOp chmod 600 "${containers_dir}traefik/etc/certs/acme.json")
|
|
checkSuccess "Set permissions to acme.json file for traefik"
|
|
fi
|
|
if [ -f "${containers_dir}traefik/etc/traefik.yml" ]; then
|
|
updateFileOwnership "${containers_dir}traefik/etc/traefik.yml" $docker_install_user $docker_install_user
|
|
local result=$(runFileOp chmod 600 "${containers_dir}traefik/etc/traefik.yml")
|
|
checkSuccess "Set permissions to traefik.yml file for traefik"
|
|
fi
|
|
}
|