Merge pull request #418 from dalcde/socket

Add option for socket permissions
2024-11-23 02:06:29 -05:00 · 2020-06-22 16:56:57 +02:00 · 2020-06-22 16:56:57 +02:00 · 389bbc46f7
commit 389bbc46f7
parent 77fbfa33a1 f2aba67374
3 changed files with 25 additions and 1 deletions
--- a/src/lib/app.ts
+++ b/src/lib/app.ts
@ -6,6 +6,7 @@ import cookieParser from 'cookie-parser'
 import ejs from 'ejs'
 import express from 'express'
 import session from 'express-session'
+import childProcess from 'child_process'
 import helmet from 'helmet'
 import http from 'http'
 import https from 'https'
@ -255,10 +256,23 @@ function startListen (): void {
    realtime.maintenance = false
  }

+  const unixCallback = function (): void {
+    const throwErr = function (err): void { if (err) throw err }
+    if (config.socket.owner !== undefined) {
+      childProcess.spawn('chown', [config.socket.owner, config.path]).on('error', throwErr)
+    }
+    if (config.socket.group !== undefined) {
+      childProcess.spawn('chgrp', [config.socket.group, config.path]).on('error', throwErr)
+    }
+    if (config.socket.mode !== undefined) {
+      fs.chmod(config.path, config.socket.mode, throwErr)
+    }
+    listenCallback()
+  }
  // use unix domain socket if 'path' is specified
  if (config.path) {
    address = config.path
-    server.listen(config.path, listenCallback)
+    server.listen(config.path, unixCallback)
  } else {
    address = config.host + ':' + config.port
    server.listen(config.port, config.host, listenCallback)
--- a/src/lib/config/default.ts
+++ b/src/lib/config/default.ts
@ -8,6 +8,11 @@ export const defaultConfig: Config = {
  urlPath: '',
  host: '0.0.0.0',
  port: 3000,
+  socket: {
+    group: undefined,
+    owner: undefined,
+    mode: undefined
+  },
  loglevel: 'info',
  urlAddPort: false,
  allowOrigin: ['localhost'],
--- a/src/lib/config/environment.ts
+++ b/src/lib/config/environment.ts
@ -7,6 +7,11 @@ export const environment = {
  host: process.env.CMD_HOST,
  port: toIntegerConfig(process.env.CMD_PORT),
  path: process.env.CMD_PATH,
+  socket: {
+    group: process.env.CMD_SOCKET_GROUP,
+    owner: process.env.CMD_SOCKET_OWNER,
+    mode: process.env.CMD_SOCKET_MODE
+  },
  loglevel: process.env.CMD_LOGLEVEL,
  urlAddPort: toBooleanConfig(process.env.CMD_URL_ADDPORT),
  useSSL: toBooleanConfig(process.env.CMD_USESSL),