Upload Directory Permissions on Digital Ocean deployment

On Trellis 0.9.6, I’ve been able to successfully deploy to a Digital Ocean droplet and that’s working well. However, when uploading a file to that system I’m getting the error “The uploaded file could not be moved to uploads.” which seems to be a permissions error for the symlink to shared/uploads as far as I can tell.

I’ve tried this with a fresh db as well with the same error (in that case, couldn’t create the 2016/03 directory), just to rule out that there’s anything wrong on the DB level.

I’ve tried to figure out if there’s anything odd that would be causing this in production group_vars, but the settings are pretty default.

I haven’t seen this issue come up in the discourse - any guesses as to what might be happening?

Could you paste the permissions you’re seeing for those folders?

Also did you make any customizations like to the web_user?

No customizations to web_user.

Ah ha, interesting, on the remote I’m seeing in /shared:

drwxr-xr-x 6 web      www-data  4096 Feb 24 06:46 source
drwxr-xr-x 3 1409****   45**** 20480 Mar 11 21:40 uploads

(* 8 digit and 6 digit owner user and group)

I’m assuming that uploads should be set to web:www-data ownership? Not sure how that happened.

Yeah, for now I suggest just manually fixing those permissions:

sudo chown -R web:www-data uploads and see if it fixes the problem. Not that this isn’t a bug on Trellis’ part, I just haven’t seen it happen before.

Let us know once you do another deploy if Trellis messes up the permissions again.

Strangely I’ve had this too on Trellis 0.9.6, with permission issues with the uploads folder. I just fixed it manually as @swalkinshaw mentioned. I thought this was a bit strange but I had previously ssh’d in the machine (I know, I was just poking around) and thought maybe I had changed something that slipped my mind. But maybe that’s not the case, I’ll spin another instance up with a fresh Trellis build and see if I can repeat this…

Ok so I pulled the latest version of Trellis (ec9b11558fcb311866e89646c85ce41e8ddbfb6c), provisioned a new DO droplet and deployed a test site. No permission issues. Although this wouldn’t have been the same version of Trellis I had the issue with, (@swalkinshaw, I didn’t even have a chance to test lets encrpyt before you rolled it into master, you guys don’t hang about!) but here have been no changes to the role that create the shared directories, so I’m afraid I’m slightly at a loss to explain this?..

Thanks for testing this @Josh_Ellis

We’ll just keep an eye on it for now to see if it comes up again. The wordpress-install role is only for development, deploy hasn’t been touched in ~2 months either. which handles this.

No worries. Ah yea, of course it is, silly me. Still very strange though, wish I had a better answer or even an clue as to what caused it.

Sorry for the delay - and thanks for the additional testing!

Manual change did the trick on my end, and to rule out that Trellis is the cause on my part I redeployed the same site & version on a fresh staging DO droplet and retested uploads.

No permission error after that deployment, so I’m pretty sure the error is something on my end. For instance, we did an rsync on the uploads directory that may have adjusted the folder ownership.

Many thanks for the help!

Just a note here that I had this issue on a Multisite install and fixed it using the above, but changing the permissions to the /shared/uploads folder, not the /web/app/uploads folder.

It was affecting the primary site, but not the sub site(s)

In which directory do you run this command?

You should be able to run $ sudo chown -R web:www-data /srv/www/YOUR_SITE_KEY/shared/uploads from anywhere.

Thank you I will try that