wenil/amneziavpnphp
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

chore: configure writable backup and log directories with appropriate permissions in Docker and PHP

Browse Source
This commit is contained in:
infosave2007
2026-04-23 16:21:36 +03:00
parent ebcf09df08
commit e2767b3af2
2 changed files with 26 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files
Dockerfile
+9 -3
View File
@@ -37,9 +37,11 @@ RUN git config --global --add safe.directory /var/www/html \
# Configure Apache # Configure Apache
COPY apache.conf /etc/apache2/sites-available/000-default.conf COPY apache.conf /etc/apache2/sites-available/000-default.conf
# Set permissions # Set permissions and create writable directories
RUN chown -R www-data:www-data /var/www/html \ RUN mkdir -p /var/www/html/backups /var/www/html/logs \
&& chmod -R 755 /var/www/html/public && chown -R www-data:www-data /var/www/html \
&& chmod -R 755 /var/www/html/public \
&& chmod 775 /var/www/html/backups /var/www/html/logs
# Setup cron jobs # Setup cron jobs
RUN echo "0 * * * * www-data cd /var/www/html && /usr/local/bin/php bin/check_expired_clients.php >> /var/log/cron.log 2>&1" > /etc/cron.d/amnezia-cron \ RUN echo "0 * * * * www-data cd /var/www/html && /usr/local/bin/php bin/check_expired_clients.php >> /var/log/cron.log 2>&1" > /etc/cron.d/amnezia-cron \
@@ -59,6 +61,10 @@ RUN chmod +x /var/www/html/bin/monitor_metrics.sh
# Create startup script # Create startup script
RUN echo '#!/bin/bash\n\ RUN echo '#!/bin/bash\n\
service cron start\n\ service cron start\n\
# Ensure writable directories exist with correct ownership\n\
mkdir -p /var/www/html/backups /var/www/html/logs\n\
chown www-data:www-data /var/www/html/backups /var/www/html/logs\n\
chmod 775 /var/www/html/backups /var/www/html/logs\n\
# Ensure www-data can talk to host docker socket if mounted\n\ # Ensure www-data can talk to host docker socket if mounted\n\
if [ -S /var/run/docker.sock ]; then\n\ if [ -S /var/run/docker.sock ]; then\n\
SOCK_GID=$(stat -c %g /var/run/docker.sock)\n\ SOCK_GID=$(stat -c %g /var/run/docker.sock)\n\
inc/VpnServer.php
+17 -2
View File
@@ -811,9 +811,24 @@ BASH;
$backupDir = '/var/www/html/backups'; $backupDir = '/var/www/html/backups';
$backupPath = $backupDir . '/' . $backupName; $backupPath = $backupDir . '/' . $backupName;
// Create backups directory if not exists // Create backups directory if not exists and ensure www-data can write
if (!is_dir($backupDir)) { if (!is_dir($backupDir)) {
mkdir($backupDir, 0755, true); if (!@mkdir($backupDir, 0775, true)) {
throw new Exception('Cannot create backups directory: ' . $backupDir);
}
}
// Fix permissions if directory is not writable (e.g. created by root during install)
if (!is_writable($backupDir)) {
@chmod($backupDir, 0775);
// If still not writable, try shell chown (may work if running as root or via sudo)
if (!is_writable($backupDir)) {
@shell_exec('chown www-data:www-data ' . escapeshellarg($backupDir) . ' 2>/dev/null');
@chmod($backupDir, 0775);
}
if (!is_writable($backupDir)) {
throw new Exception('Backups directory is not writable by www-data. Run: chown www-data:www-data ' . $backupDir);
}
} }
try { try {