YunoHost-Apps
Feature request: Expose app via SFTP
Just as it's done with my_webapp (see https://github.com/YunoHost-Apps/my_webapp_ynh/blob/master/scripts/install#L86) I would like to have the option to access the wordpress app via SFTP with a dedicated app user. I do know that it's possible to mount the WP directory to a user's home directory (https://yunohost.org/en/sftp_on_apps). However, this brings some culprits with it, see https://github.com/YunoHost/issues/issues/2398 and https://forum.yunohost.org/t/wordpress-default-folder-file-permission-issues-result-in-404-403-errors/24873.
I did the steps from my_webapp manually for a WP app on my server and everything seems to work fine (no problems with HTTP 404 or 403 errors). I ran the following commands:
# Check groups for WP user
id wordpress__4
# Add SFTP group
usermod -a -G sftp.app wordpress__4
# Set password for WP user
chpasswd <<< "wordpress__4:<REDACTED_PWD>"
# Own app dir by root to allow SFTP connections
chown root:root /var/www/wordpress__4
# Set group permissions
setfacl -m g:wordpress__4:r-x /var/www/wordpress__4
setfacl -m g:www-data:r-x /var/www/wordpress__4
chmod 750 /var/www/wordpress__4
I might open a PR for this soon.
This feature would make me use the wordpress package instead of the my_webapp package.
