fix: restore invoking user's ownership after sudo deploy scripts

Co-Authored-By: Claude Fable 5 <noreply@anthropic.com>
This commit is contained in:
Abhishek Kumar 2026-07-14 18:05:13 +05:30
parent 0ea3e34653
commit d84f0c1af8
4 changed files with 45 additions and 0 deletions

View file

@ -12,10 +12,21 @@ if [[ ! -f "$LIB_PATH" ]]; then
LIB_PATH="$BOOTSTRAP_LIB"
fi
# The preflight rewrites .env (awk + mv in dograh_set_env_key), so running this
# script via sudo leaves .env root-owned and later sudo-less edits fail. Hand
# the deploy dir back to the user who invoked sudo; a no-op for unprivileged
# runs and real root, where SUDO_UID is unset.
restore_ownership() {
if [[ -n "${SUDO_UID:-}" && -n "${SUDO_GID:-}" && -n "${DOGRAH_DEPLOY_PROJECT_DIR:-}" && -d "$DOGRAH_DEPLOY_PROJECT_DIR" ]]; then
chown -R "$SUDO_UID:$SUDO_GID" "$DOGRAH_DEPLOY_PROJECT_DIR" || true
fi
}
cleanup() {
if [[ -n "$BOOTSTRAP_LIB" ]]; then
rm -f "$BOOTSTRAP_LIB"
fi
restore_ownership
}
trap cleanup EXIT
@ -91,4 +102,8 @@ if (( ${#EXTRA_ARGS[@]} )); then
CMD+=("${EXTRA_ARGS[@]}")
fi
# exec replaces the shell, so the EXIT trap never fires on the success path —
# restore ownership here; everything this script writes happens before this point.
restore_ownership
exec "${CMD[@]}"

View file

@ -22,6 +22,16 @@ cleanup() {
if [[ -n "$BOOTSTRAP_LIB" ]]; then
rm -f "$BOOTSTRAP_LIB"
fi
# The script runs as root, so the files it touches in the install directory
# (.env rewrites, downloaded helper bundle, certs copied from Let's Encrypt)
# become root-owned, breaking later sudo-less git/edit operations. Hand the
# install back to the user who invoked sudo. SUDO_UID is unset when running
# as real root — nothing to restore then. Runs from the EXIT trap so a
# mid-setup failure also leaves ownership fixed.
if [[ -n "${SUDO_UID:-}" && -n "${SUDO_GID:-}" && -n "${DOGRAH_DEPLOY_PROJECT_DIR:-}" && -d "$DOGRAH_DEPLOY_PROJECT_DIR" ]]; then
echo -e "${BLUE}Restoring ownership of $DOGRAH_DEPLOY_PROJECT_DIR to ${SUDO_USER:-uid $SUDO_UID}...${NC}"
chown -R "$SUDO_UID:$SUDO_GID" "$DOGRAH_DEPLOY_PROJECT_DIR" || true
fi
}
trap cleanup EXIT

View file

@ -22,6 +22,16 @@ cleanup() {
if [[ -n "$BOOTSTRAP_LIB" ]]; then
rm -f "$BOOTSTRAP_LIB"
fi
# The script runs as root, so everything it creates in the deploy directory
# (.env, certs/, a cloned repo in build mode) is root-owned, which breaks
# later sudo-less git/edit operations. Hand it back to the user who invoked
# sudo. SUDO_UID is unset when running as real root (e.g. cloud-init) —
# root already owns its files, nothing to restore. Runs from the EXIT trap
# so a mid-setup failure also leaves ownership fixed.
if [[ -n "${SUDO_UID:-}" && -n "${SUDO_GID:-}" && -n "${DOGRAH_DEPLOY_PROJECT_DIR:-}" && -d "$DOGRAH_DEPLOY_PROJECT_DIR" ]]; then
echo -e "${BLUE}Restoring ownership of $DOGRAH_DEPLOY_PROJECT_DIR to ${SUDO_USER:-uid $SUDO_UID}...${NC}"
chown -R "$SUDO_UID:$SUDO_GID" "$DOGRAH_DEPLOY_PROJECT_DIR" || true
fi
}
trap cleanup EXIT

View file

@ -22,6 +22,16 @@ cleanup() {
if [[ -n "$BOOTSTRAP_LIB" ]]; then
rm -f "$BOOTSTRAP_LIB"
fi
# When run via sudo (the common case: docker access, root-owned installs),
# the refreshed deployment files and the rewritten .env become root-owned,
# breaking later sudo-less edits. Hand the install back to the user who
# invoked sudo; a no-op for unprivileged runs and real root, where SUDO_UID
# is unset. Runs from the EXIT trap so a mid-update failure also leaves
# ownership fixed.
if [[ -n "${SUDO_UID:-}" && -n "${SUDO_GID:-}" && -n "${DOGRAH_DEPLOY_PROJECT_DIR:-}" && -d "$DOGRAH_DEPLOY_PROJECT_DIR" ]]; then
echo -e "${BLUE}Restoring ownership of $DOGRAH_DEPLOY_PROJECT_DIR to ${SUDO_USER:-uid $SUDO_UID}...${NC}"
chown -R "$SUDO_UID:$SUDO_GID" "$DOGRAH_DEPLOY_PROJECT_DIR" || true
fi
}
trap cleanup EXIT