search

sous-chefs / nginx

Development repository for the nginx cookbook
https://supermarket.chef.io/cookbooks/nginx
Apache License 2.0
551 stars 810 forks source link

Default folder_mode permissions in nginx_config resource may fail logrotate #622

Open TimRots opened 1 year ago

TimRots commented 1 year ago

:ghost: Brief Description

Currently the nginx_config resource in this cookbook has a folder_mode property which defaults to 0750 and is used for nginx_dir, configs in nginx_dir, and nginx_log_dir permissions.

These defaults can cause issues with the logrotate configuration that is shipped with most Debian (like) OS-es.

A suggestion to omit this issue would be to introduce more fine-grained control over the logdir permissions by adding properties like log_dir_perm, log_dir_owner, and log_dir_group.

I would like to volunteer for making a fix if I can get some feedback from the maintainers on the how.

:pancakes: Cookbook version

>= 12.1.0

:woman_cook: Chef-Infra Version

18.2.7

:tophat: Platform details

Ubuntu 20.04 / 22.04

bmhughes commented 1 year ago

Yes adding those properties to nginx_config sounds like the way to go @TimRots , would be happy to accept a PR!

TimRots commented 1 year ago

Thank you for the quick reply @bmhughes. I will try to make time next week to work on this and ask for your review when I have a draft PR ready.