letsencrypt permissions

This commit is contained in:
Bob Mottram 2017-05-28 14:31:55 +01:00
parent 5ba59b687e
commit fbc4c53d3a
2 changed files with 6 additions and 0 deletions

View File

@ -240,6 +240,7 @@ function add_cert_letsencrypt {
echo $"Failed to install letsencrypt for domain $LETSENCRYPT_HOSTNAME"
echo $'Also see https://letsencrypt.status.io to check for any service outages'
chgrp -R ssl-cert /etc/letsencrypt
chmod -R 600 /etc/letsencrypt
chmod -R g=rX /etc/letsencrypt
systemctl start nginx
exit 63216
@ -288,6 +289,7 @@ function add_cert_letsencrypt {
# this group can be used to assign read permissions for
# application user accounts
chgrp -R ssl-cert /etc/letsencrypt
chmod -R 600 /etc/letsencrypt
chmod -R g=rX /etc/letsencrypt
nginx_ensite ${LETSENCRYPT_HOSTNAME}

View File

@ -560,6 +560,10 @@ function lockdown_permissions {
if [ -d /var/lib/prosody ]; then
chown -R prosody /var/lib/prosody
fi
if [ -d /etc/letsencrypt ]; then
chmod -R 600 /etc/letsencrypt
chmod -R g=rX /etc/letsencrypt
fi
}
function disable_core_dumps {