root/greenlock.js
2
0
Fork 0
mirror of https://github.com/therootcompany/greenlock.js.git synced 2025-04-19 05:20:37 +00:00
Code Issues 27 Releases Wiki Activity

Read-only package directory #10

New Issue
Open
opened 2019-11-22 07:35:14 +00:00 by Ghost · 4 comments
Ghost commented 2019-11-22 07:35:14 +00:00
Copy Link

First of all, thank you for your effort on brining greenlock.js and greenlock-express to the next level.

Due to security reasons (ubuntu snap) the package directory of my app is mounted read only. This has never been an issue while using greenlock v2 because i could define the directories where greenlock can write it's files. But the .greenlockrc file is written by greenlock.js/bin/lib/greenlockrc.js in the packageRoot, so I faced a permissions issue while upgrading from greenlock v2.

Analyzing this issue in my testing environment showed my that the content of the .greenlockrc file is the same as the manager-based parameters shown below. Is there any way to get around this or to define the location of the .greenlockrc file?

var greenlock = require('@root/greenlock').create({
        packageAgent: pkg.name + '/' + pkg.version,
        maintainerEmail: pkg.author.email,
        packageRoot: packageRoot(),
        manager: '@greenlock/manager',
        configFile: path.join(workingPath, 'greenlock.json'),
        notify: notify
    });
First of all, thank you for your effort on brining greenlock.js and greenlock-express to the next level. Due to security reasons (ubuntu snap) the package directory of my app is mounted read only. This has never been an issue while using greenlock v2 because i could define the directories where greenlock can write it's files. But the .greenlockrc file is written by greenlock.js/bin/lib/greenlockrc.js in the packageRoot, so I faced a permissions issue while upgrading from greenlock v2. Analyzing this issue in my testing environment showed my that the content of the .greenlockrc file is the same as the manager-based parameters shown below. Is there any way to get around this or to define the location of the .greenlockrc file? ~~~~ var greenlock = require('@root/greenlock').create({ packageAgent: pkg.name + '/' + pkg.version, maintainerEmail: pkg.author.email, packageRoot: packageRoot(), manager: '@greenlock/manager', configFile: path.join(workingPath, 'greenlock.json'), notify: notify }); ~~~~
coolaj86 commented 2019-11-22 10:09:28 +00:00
Owner
Copy Link

I'm moving this weekend, but I'll address that next week. I already have some work-in-progress that addresses this.

I'm moving this weekend, but I'll address that next week. I already have some work-in-progress that addresses this.
Ghost commented 2019-11-23 07:32:59 +00:00
Author
Copy Link

In my case, I run my app during start with a forever ia a .sh file. When I ssh the rasp and run "manually" the app, I need to sudo node app.js otherwise I cannot access greenlock.json.

In my case, I run my app during start with a forever ia a .sh file. When I ssh the rasp and run "manually" the app, I need to sudo node app.js otherwise I cannot access greenlock.json.
Ghost commented 2019-12-02 14:35:28 +00:00
Author
Copy Link

I recently discovered the changes you are planning for version 4. The new migration guide recommends a .greenlockrc file as part of the read-only image. Since i am deploying as well on Linux with Ubuntu snap (writable directories are defined by environment variables) as well as on Windows the configDir variable cannot be the same on both systems. Is there any change to change the configDir during runtime?

I recently discovered the changes you are planning for version 4. The new migration guide recommends a .greenlockrc file as part of the read-only image. Since i am deploying as well on Linux with Ubuntu snap (writable directories are defined by environment variables) as well as on Windows the configDir variable cannot be the same on both systems. Is there any change to change the configDir during runtime?
Ghost commented 2020-03-23 13:42:30 +00:00
Author
Copy Link

Almost got it working with version 4. But there is a wrong default value in greenlock.js/lib/rc.js

In line 27 the 'changed' variable is initialized like this: 'var changed = true;'

To support read-only filesystems the .greenlockrc file should only be written when its content differs from the current configuration. (https://git.rootprojects.org/root/greenlock.js/src/branch/master/MIGRATION_GUIDE.md)

But there is no code that changes 'changed' to false. So rc.js will always try to write the file which leads to a fatal error on read only filesystems. Initializing with 'false' like 'var change = false;' skips the writing process when there is no information to be updated.

Almost got it working with version 4. But there is a wrong default value in greenlock.js/lib/rc.js In line 27 the 'changed' variable is initialized like this: 'var changed = true;' To support read-only filesystems the .greenlockrc file should only be written when its content differs from the current configuration. (https://git.rootprojects.org/root/greenlock.js/src/branch/master/MIGRATION_GUIDE.md) But there is no code that changes 'changed' to false. So rc.js will always try to write the file which leads to a fatal error on read only filesystems. Initializing with 'false' like 'var change = false;' skips the writing process when there is no information to be updated.
Sign in to join this conversation.
No Branch/Tag Specified
Branches Tags
Labels
No items
No Label
Milestone
No items
No Milestone
Assignees
Clear assignees
No Assignees
2 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: root/greenlock.js#10
No description provided.
Delete Branch "%!s()"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?