sftp: fix private key file permissions on restore

Girish Ramakrishnan
2022-03-30 11:29:14 -07:00
parent 724f5643bc
commit 529f6fb2cd
2 changed files with 10 additions and 10 deletions


@@ -24,20 +24,20 @@ const apps = require('./apps.js'),
volumes = require('./volumes.js');
async function ensureKeys() {
let sftpPrivateKey = await blobs.get(blobs.SFTP_PRIVATE_KEY);
let sftpPublicKey = await blobs.get(blobs.SFTP_PUBLIC_KEY);
const sftpPrivateKey = await blobs.get(blobs.SFTP_PRIVATE_KEY);
const sftpPublicKey = await blobs.get(blobs.SFTP_PUBLIC_KEY);
if (!sftpPrivateKey || !sftpPublicKey) {
debug('ensureSecrets: generating new sftp keys');
if (!safe.child_process.execSync(`ssh-keygen -m PEM -t rsa -f "${paths.SFTP_KEYS_DIR}/ssh_host_rsa_key" -q -N ""`)) throw new BoxError(BoxError.OPENSSL_ERROR, `Could not generate sftp ssh keys: ${safe.error.message}`);
sftpPublicKey = safe.fs.readFileSync(paths.SFTP_PUBLIC_KEY_FILE);
await blobs.set(blobs.SFTP_PUBLIC_KEY, sftpPublicKey);
sftpPrivateKey = safe.fs.readFileSync(paths.SFTP_PRIVATE_KEY_FILE);
await blobs.set(blobs.SFTP_PRIVATE_KEY, sftpPrivateKey);
const newSftpPublicKey = safe.fs.readFileSync(paths.SFTP_PUBLIC_KEY_FILE);
await blobs.set(blobs.SFTP_PUBLIC_KEY, newSftpPublicKey);
const newSftpPrivateKey = safe.fs.readFileSync(paths.SFTP_PRIVATE_KEY_FILE);
await blobs.set(blobs.SFTP_PRIVATE_KEY, newSftpPrivateKey);
} else {
if (!safe.fs.writeFileSync(paths.SFTP_PUBLIC_KEY_FILE, sftpPublicKey)) throw new BoxError(BoxError.FS_ERROR, `Could not save sftp public key: ${safe.error.message}`);
if (!safe.fs.writeFileSync(paths.SFTP_PRIVATE_KEY_FILE, sftpPrivateKey, { mode: 0o600 })) throw new BoxError(BoxError.FS_ERROR, `Could not save sftp private key: ${safe.error.message}`);
}
if (!safe.fs.writeFileSync(paths.SFTP_PUBLIC_KEY_FILE, sftpPublicKey)) throw new BoxError(BoxError.FS_ERROR, `Could not save sftp public key: ${safe.error.message}`);
if (!safe.fs.writeFileSync(paths.SFTP_PRIVATE_KEY_FILE, sftpPrivateKey)) throw new BoxError(BoxError.FS_ERROR, `Could not save sftp private key: ${safe.error.message}`);
}
async function start(existingInfra) {
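Review bot: The `{ mode: 0o600 }` option on the private-key `writeFileSync` in the new `else` branch only applies when Node creates the file, so a key file that already exists with wider permissions keeps them after the write. That is likely the state of any box that already ran the old restore path, so this fix would not tighten the file there. Follow the write with an explicit chmod, for example `fs.chmodSync(paths.SFTP_PRIVATE_KEY_FILE, 0o600)` (or the `safe` wrapper's equivalent, if it has one), and treat a failure as a `BoxError.FS_ERROR`. Separately, in the generation branch the two `safe.fs.readFileSync` results are passed to `blobs.set` unchecked; since the other `safe` calls in this function are tested for a falsy result, a failed read would presumably store an empty key blob, so add a check such as `if (!newSftpPrivateKey) throw new BoxError(BoxError.FS_ERROR, ...)`.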