letsencrypt permissions
This commit is contained in:
parent
5ba59b687e
commit
fbc4c53d3a
|
@ -240,6 +240,7 @@ function add_cert_letsencrypt {
|
|||
echo $"Failed to install letsencrypt for domain $LETSENCRYPT_HOSTNAME"
|
||||
echo $'Also see https://letsencrypt.status.io to check for any service outages'
|
||||
chgrp -R ssl-cert /etc/letsencrypt
|
||||
chmod -R 600 /etc/letsencrypt
|
||||
chmod -R g=rX /etc/letsencrypt
|
||||
systemctl start nginx
|
||||
exit 63216
|
||||
|
@ -288,6 +289,7 @@ function add_cert_letsencrypt {
|
|||
# this group can be used to assign read permissions for
|
||||
# application user accounts
|
||||
chgrp -R ssl-cert /etc/letsencrypt
|
||||
chmod -R 600 /etc/letsencrypt
|
||||
chmod -R g=rX /etc/letsencrypt
|
||||
|
||||
nginx_ensite ${LETSENCRYPT_HOSTNAME}
|
||||
|
|
|
@ -560,6 +560,10 @@ function lockdown_permissions {
|
|||
if [ -d /var/lib/prosody ]; then
|
||||
chown -R prosody /var/lib/prosody
|
||||
fi
|
||||
if [ -d /etc/letsencrypt ]; then
|
||||
chmod -R 600 /etc/letsencrypt
|
||||
chmod -R g=rX /etc/letsencrypt
|
||||
fi
|
||||
}
|
||||
|
||||
function disable_core_dumps {
|
||||
|
|
Loading…
Reference in New Issue