Private git-repo, www-data and permissions. How to do it correctly?

Posted August 25, 2016 8.2k views

Im trying to get Git to work correctly with my Wordpress-Droplet, but im struggling with permissions as im fairly new to this.

I have a private GitLab repo and a local dev-enviroment that works together the way it should — no problems here. Changes are pushed to Gitlab perfectly. But things get confusing when I move to my droplet to pull the changes.

(I have not decided on whether or not i want a post-receive hook/auto-deploy yet… for now, I just want to get manual git pull to work correctly)

Basically what I want to do is set git up on my user so that im able to git fetch and pull from my private gitlab-repo to my html/wp-content/themes/theme -folder. But since Wordpress is handled by the www-data user (obviously), I get confused about permissions. Im able to sudo -u www-data git pull on my droplet to pull from GitLab, but Git is installed in my user directory, which gives me

warning: unable to access '/home/user/.config/git/attributes': Permission denied
warning: unable to access '/home/user/.config/git/ignore': Permission denied
warning: unable to access '/home/user/.config/git/attributes': Permission denied
warning: unable to access '/home/user/.config/git/attributes': Permission denied

Makes sense though, but now im just kinda lost to what I should have done to begin with.

Is there a way to give www-data access to my users git-config?
Or should the git config have been installed differently to begin with?
What user should optimally have permissions on my wordpress-directory to allow git-pulling (which now belongs to www-data)?

If this is confusing, its because im confused. Let me know if theres something I should make clear or have left out. Thanks guys!

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

Submit an Answer
1 answer

There might be an easier way to accomplish this. What if you perform your git pull as your normal user account, in a temporary directory. Then once that is complete you run

chown -Rf www-data.www-data /my/tmp/directory
rm -Rf /var/www/html/wp-content/themes/theme
mv /my/tmp/directory /var/www/html/wp-content/themes/theme

This way you can update your wordpress theme without having to have git set permissions or ownership itself.

  • Thank you for replying!

    So are you saying theres no way of pulling directly into the …/html/… directory? If so, I guess I will go for an auto-deploy script.