Roots Discourse

Deploy places web and app folder 777

Hi,

I’m using Trellis just to deploy to an already provisioned server (as doing with Kinsta but a custom server). When I deploy, folders web and web/app get 0777 mode so every file inside gets exposed :sweat_smile:

I’ve found out that the share.yml file does that, but I don’t know why as I have other projects with the same configuration and I’ve never had that problem:

If I change that mode line to 0755 everything works as expected.

This is my project_shared_children variable content:

project_shared_children:
  - path: web/app/uploads
    src: uploads
  - path: web/.htaccess
    src: .htaccess
    type: file
  - path: web/robots.txt
    src: robots.txt
    type: file
  - path: web/google214b4b12484d912b.html
    src: google214b4b12484d912b.html
    type: file
  - path: web/app/wp-cache-config.php
    src: wp-cache-config.php
    type: file
  - path: web/app/advanced-cache.php
    src: advanced-cache.php
    type: file

Has anyone had this behaviour using trellis just to deploy? I just want to know why is this happening…

Thank you!!

well, from I understand is from that part is that it does chmod the parent directory to 0777.
So when you list a directory that would be inside web/app, e.g. web/app/uploads,
the parent directory will be web/app, hence the whole app/ folder gets 0777.
The | dirname part does this as dirname returns the directory the passed directory/file is in (hence the parent directory).

And indeed, the app/ folder for Trellis sites I checked out, got permission 777 (drwxrwxrwx).
However, the web/ folder above it doesn’t have 777 but 755 (drwxr-xr-x) instead.,

Yes, I understand that, but isn’t it dangerous? I mean, making the app folder chmod 777 is full permissive… I don’t know why is that needed…

Good point! Maybe create a new issue for Trellis?