Security for secrets directory #24
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Even though Nginx Proxy Manager currently uses the `secrets` directory, it makes sense to create this directory as part of the general stacks installer. Furthermore, it should be secured by the installer so that this secure step doesn't have to be manually accomplished later. Backup processes that use rsync to pull down files from servers may encounter problems, though, if the user doesn't have access to the files, even if they are using rsync with sudo. So, we offer to set the `secrets` directory to a group that the real user has access to. It's just more natural, convenient, and functional.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Currently, only the Nginx Proxy Manager stack uses the
secretsdirectory, but it's intended to be available for anydocker-hoststack that will need secrets. So, we add the installation of thesecretsdirectory to the mainsetup.shinstaller for stacks.Additionally, though, it's important to incorporate security into the creation of this directory, so that the admin is not expected to have to do it after the fact to be secure. At the very least, the directory should have all perms removed from "others".
To ensure the directory can be readable by the user doing the install, who is probably the admin, we also give the option to set the "group" of the directory to a group that the user is a member of. This is just a nicety but really makes things more convenient.
The whole security setting step can be skipped by the user if desired.
Notes
On systems integrated with AD, retrieval of user groups may be slow, taking many seconds. So, we retrieve the user's groups in the background right away, so that by the time we want to list the user's groups, the wait will be shorter or even no wait at all.
By using the id command, we get group IDs and names, so it is most accurate (by using the ID) and user-friendly (by showing the name).