0

I am learning sysadmin and currently I am using nginx on port 80 as my primary web server. I wish to also use apache as a reverse proxy option on port 8080, or swap apache to primary with nginx.

But want I wish to understand is how best to layout user/group permissions to allow nginx/apache to modify the files they need to, as well as my own SSH admin to modify the same files and directories and finally an FTP user to edit their allocated folder like a standard webhost.

That boring chunk of text might not get your attention so I have created a very clear and perfect diagram to explain

enter image description here Now I understand I cant just give one user/group full access because it seems to close off access by others, the command below will not let apache nor my admin or ftp users to modify files

I have tried different things and read up on this abit but I dont understand how I can do this properly

chown -R nginx:nginx /var/www

Cacoon
  • 133
  • 5

1 Answers1

0

I use the following setup:

My own shell account as the owner for the files.

The group owner of the files is the nginx group or whichever group nginx running user is assigned to.

Files have 640 permission mask and directories have 750 permission mask, which means:

Shell account can read and write files and access directories.

nginx user can read files and access directories.

Tero Kilkanen
  • 36,796
  • 3
  • 41
  • 63
  • Could you give me a more clear example for someone so new (and noob) at this whole linux perms thing. I get what youre saying but im not sure exactly how to go about all of that and i know permissions can be a fickle beast and dont want to mess it up – Cacoon Mar 25 '18 at 20:45
  • 1
    https://www.linux.com/learn/understanding-linux-file-permissions tells how permissions on Linux work. It is too big a subject for a site like this. – Tero Kilkanen Mar 26 '18 at 17:52
  • Appreciate it man ill have a look – Cacoon Mar 27 '18 at 01:53