lavoiesl/fix-permissions.sh

## fix-permissions.sh
#!/bin/bash
# setfacl script for Web hosting

root=/mnt/data
admin_group=admin
users_group=devs
www_user=www-data

# Clear all acls
sudo setfacl -R -b $root/{environments,repositories,common}

# Add admin rights
sudo setfacl -R -m "g:admin:rwX,d:g:admin:rwX" $root/{environments,repositories,common}

# Add rights to $users_group, but only for subdirectories, they can’t create directories
sudo setfacl -R -m "d:g:$users_group:rwX" $root/{environments,repositories}
sudo setfacl -R -m "g:$users_group:rwX" $root/{environments,repositories}/*

# Give permissions everywhere, including default, but not on $root.
# Creating directories is restricted to root
sudo setfacl -R -m "d:u:$www_user:rwX" $root/environments
sudo setfacl -R -m "u:$www_user:rwX" $root/environments/*
	#!/bin/bash
	# setfacl script for Web hosting

	root=/mnt/data
	admin_group=admin
	users_group=devs
	www_user=www-data

	# Clear all acls
	sudo setfacl -R -b $root/{environments,repositories,common}

	# Add admin rights
	sudo setfacl -R -m "g:admin:rwX,d:g:admin:rwX" $root/{environments,repositories,common}

	# Add rights to $users_group, but only for subdirectories, they can’t create directories
	sudo setfacl -R -m "d:g:$users_group:rwX" $root/{environments,repositories}
	sudo setfacl -R -m "g:$users_group:rwX" $root/{environments,repositories}/*

	# Give permissions everywhere, including default, but not on $root.
	# Creating directories is restricted to root
	sudo setfacl -R -m "d:u:$www_user:rwX" $root/environments
	sudo setfacl -R -m "u:$www_user:rwX" $root/environments/*