thefinn93 / ansible-letsencrypt

An ansible role to generate TLS certificates and get them signed by Let's Encrypt
GNU General Public License v3.0
442 stars 122 forks

Ensure webroot exists #16

Closed bpartridge closed 8 years ago

bpartridge commented 8 years ago

On some systems, /var/www (or whatever webroot might be set to) may not exist yet (i.e. if nginx was installed simultaneously), and letsencrypt fails in that case. It's a simple task to fix it.

thefinn93 commented 8 years ago

Merged this from my phone in case I forgot about it. Looks good. I'm a little concerned about the permissions; they seem overly permissive. Is there any particular reason you picked a+rw?

bpartridge commented 8 years ago

Agree that's probably overkill - I wanted to make sure that both letsencrypt and the web server's user could read and write the folder, and that letsencrypt could write to it. Thinking about it now, any other role (i.e. for setting up the server) writing things into the folder would expand permissions accordingly. So it's probably sufficient to just assert +rw just so the user running letsencrypt can access it? Happy to change and resubmit if you agree.

kpcyrd commented 8 years ago

Setting the webroot to 777 might not be a good idea.

thefinn93 commented 8 years ago

Yeah... @bpartridge +rw sounds good to me, wanna go ahead and PR it?
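
The permission question raised in this thread, as an added example (not the role's own task and not the code from this pull request): the commented-out task shows the a+rw mode discussed above, and the active tasks create the webroot so that only the account running letsencrypt can write to it while the web server's group can read it, then check the result. The variable names `webroot_path`, `letsencrypt_user` and `web_group` and their values are assumptions.

```yaml
# Added example; variable names are hypothetical, not taken from the role.
- hosts: all
  become: true
  vars:
    webroot_path: /var/www        # path mentioned in the thread
    letsencrypt_user: root        # assumption: account that runs letsencrypt
    web_group: www-data           # assumption: group of the web server's user

  tasks:
    # Permissive form discussed in the thread: any local account can
    # create or replace files that the web server then serves.
    # - name: Ensure webroot exists (a+rw)
    #   ansible.builtin.file:
    #     path: "{{ webroot_path }}"
    #     state: directory
    #     mode: "a+rw"

    # Owner may write, the web server's group may read and traverse,
    # everyone else has no access.
    - name: Ensure webroot exists with restricted access
      ansible.builtin.file:
        path: "{{ webroot_path }}"
        state: directory
        owner: "{{ letsencrypt_user }}"
        group: "{{ web_group }}"
        mode: "0750"

    - name: Read back the resulting mode
      ansible.builtin.stat:
        path: "{{ webroot_path }}"
      register: webroot_stat

    # Catches a later role or manual change that widens the permissions.
    - name: Fail if the webroot is writable by group or others
      ansible.builtin.assert:
        that:
          - webroot_stat.stat.exists
          - webroot_stat.stat.isdir
          - not webroot_stat.stat.wgrp
          - not webroot_stat.stat.woth
        fail_msg: "{{ webroot_path }} is group- or world-writable"
```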