Private git-repo, www-data and permissions. How to do it correctly?

August 25, 2016 4.9k views
Ubuntu Git WordPress

Im trying to get Git to work correctly with my Wordpress-Droplet, but im struggling with permissions as im fairly new to this.

I have a private GitLab repo and a local dev-enviroment that works together the way it should — no problems here. Changes are pushed to Gitlab perfectly. But things get confusing when I move to my droplet to pull the changes.

(I have not decided on whether or not i want a post-receive hook/auto-deploy yet… for now, I just want to get manual git pull to work correctly)

Basically what I want to do is set git up on my user so that im able to git fetch and pull from my private gitlab-repo to my html/wp-content/themes/theme -folder. But since Wordpress is handled by the www-data user (obviously), I get confused about permissions. Im able to sudo -u www-data git pull on my droplet to pull from GitLab, but Git is installed in my user directory, which gives me

warning: unable to access '/home/user/.config/git/attributes': Permission denied
warning: unable to access '/home/user/.config/git/ignore': Permission denied
warning: unable to access '/home/user/.config/git/attributes': Permission denied
warning: unable to access '/home/user/.config/git/attributes': Permission denied

Makes sense though, but now im just kinda lost to what I should have done to begin with.

Is there a way to give www-data access to my users git-config?
Or should the git config have been installed differently to begin with?
What user should optimally have permissions on my wordpress-directory to allow git-pulling (which now belongs to www-data)?

If this is confusing, its because im confused. Let me know if theres something I should make clear or have left out. Thanks guys!

1 Answer

There might be an easier way to accomplish this. What if you perform your git pull as your normal user account, in a temporary directory. Then once that is complete you run

chown -Rf www-data.www-data /my/tmp/directory
rm -Rf /var/www/html/wp-content/themes/theme
mv /my/tmp/directory /var/www/html/wp-content/themes/theme

This way you can update your wordpress theme without having to have git set permissions or ownership itself.

  • Thank you for replying!

    So are you saying theres no way of pulling directly into the …/html/… directory? If so, I guess I will go for an auto-deploy script.

Have another answer? Share your knowledge.