Permissions with ZipArchive in Linux environment provisioned by Puppet / Vagrant

0

The scenario:

I use an environment that is provisioned by Puppet / Vagrant (PuPHPet).

Apache runs with user www-data:www-data

--- Config vagrant    
apache:
    install: '1'
    settings:
        version: 2.4
        user: www-data
        group: www-data

When we are doing the environment setup we do the following:

We added the user ubuntu to the group www-data

$ sudo usermod -a -G www-data ubuntu

Read / write permission to the whole group

$ sudo chmod -R g+rw /var/www/

And it passes ownership of everything to www-data:www-data , because otherwise the application can not write to the files, upload, etc.

$ sudo chown -R www-data:www-data /var/www/

Whenever we need to deploy a new version of the application we run the entire pipeline locally, this generates a .zip file and then uploads this file to FTP via SFTP and then extracts it from the zip in the required directory with PHP script .

The problem:

We connect to the machine via SFTP using the user ubuntu . Access the unzip link (so you do not need to use the CLI to do these updates) When the script extracts, all files and folders are allowed:

So I can no longer do anything with the files as an FTP user because the permission was restricted to www-user: www-data.

So I need to log in again via SSH on the server and give chmod / chown to the directory so the application can perform operations on the directories.

My question is:

What would be the solution to this deploy scenario that I do not have to keep manipulating permissions all the time I do an update?

    
asked by anonymous 09.08.2018 / 22:01

0 answers