patternMinor
Vagrantfile change with Ansible playbook to control file permission on Vagrant synced folder for Trellis
Viewed 0 times
vagrantfilefiletrellisvagrantcontrolsyncedwithchangepermissionplaybook
Problem
I use Trellis for my WordPress development. It works great, except I'm finding it hard to change file (or directory) permission within the synced folder.
Generally I'm OK with the default permission setup. However, sometimes I need to give write permission to some of the sub-directories of the main (NFS) synced directory.
This is the Vagrantfile that uses Ansible playbook for the main configuration of the VM (I use VirtualBox). I'm not a Ruby programmer nor have I worked with Ansible, however, by the looks of it, the following is the part of the
How can I make changes to this file in a way so that I can control permission to specific files and folders when I need. Since changing the permiss
Generally I'm OK with the default permission setup. However, sometimes I need to give write permission to some of the sub-directories of the main (NFS) synced directory.
This is the Vagrantfile that uses Ansible playbook for the main configuration of the VM (I use VirtualBox). I'm not a Ruby programmer nor have I worked with Ansible, however, by the looks of it, the following is the part of the
Vagrantfile where file permissions are being set:if Vagrant::Util::Platform.windows? and !Vagrant.has_plugin? 'vagrant-winnfsd'
wordpress_sites.each_pair do |name, site|
config.vm.synced_folder local_site_path(site), remote_site_path(name, site), owner: 'vagrant', group: 'www-data', mount_options: ['dmode=776', 'fmode=775']
end
config.vm.synced_folder ANSIBLE_PATH, ANSIBLE_PATH_ON_VM, mount_options: ['dmode=755', 'fmode=644']
config.vm.synced_folder File.join(ANSIBLE_PATH, 'bin'), bin_path, mount_options: ['dmode=755', 'fmode=755']
else
if !Vagrant.has_plugin? 'vagrant-bindfs'
fail_with_message "vagrant-bindfs missing, please install the plugin with this command:\nvagrant plugin install vagrant-bindfs"
else
wordpress_sites.each_pair do |name, site|
config.vm.synced_folder local_site_path(site), nfs_path(name), type: 'nfs'
config.bindfs.bind_folder nfs_path(name), remote_site_path(name, site), u: 'vagrant', g: 'www-data', o: 'nonempty'
end
config.vm.synced_folder ANSIBLE_PATH, '/ansible-nfs', type: 'nfs'
config.bindfs.bind_folder '/ansible-nfs', ANSIBLE_PATH_ON_VM, o: 'nonempty', p: '0644,a+D'
config.bindfs.bind_folder bin_path, bin_path, perms: '0755'
end
endHow can I make changes to this file in a way so that I can control permission to specific files and folders when I need. Since changing the permiss
Solution
There are two parts of this Vagrantfile, one does the mounting for Windows hosts (the first half), the other one for UNIX hosts (the second half), but essentially the do the same - just with different plugins.
You can see from the
To add a new directory with different permissions simply add them to the list. Note that
So for example if you want to give the
Windows config:
Unix config:
This will for example set their permission to
Note that in the Windows config you have to map from
You can also play with users and groups:
Windows config:
Unix config:
Here we set them to use user
You can see from the
config.vm.synced_folder and config.bindfs.bind_folder commands where they set up the appropriate directories with the proper permissions.To add a new directory with different permissions simply add them to the list. Note that
File.join('a','b') simply converts the path to a/b, but it's a nicer way to do it, as it's platform independent (on Windows it can also handle \ style paths).So for example if you want to give the
/tmp/needswrite folder more permission you can simply add the following two lines to their appropriate places:Windows config:
config.vm.synced_folder File.join(ANSIBLE_PATH, 'tmp', 'needswrite'), File.join(ANSIBLE_PATH_ON_VM, 'tmp', 'needswrite'), mount_options: ['dmode=777', 'fmode=777']Unix config:
config.bindfs.bind_folder File.join(ANSIBLE_PATH_ON_VM, 'tmp', 'needswrite'), File.join(ANSIBLE_PATH_ON_VM, 'tmp', 'needswrite'), perms: '0777'This will for example set their permission to
777 instead of the default 755Note that in the Windows config you have to map from
ANSIBLE_PATH to ANSIBLE_PATH_ON_VM, while on the Unix config bindfs will do a remount, so you need to match them with the same directory name.You can also play with users and groups:
Windows config:
config.vm.synced_folder File.join(ANSIBLE_PATH, 'tmp', 'needswrite'), File.join(ANSIBLE_PATH_ON_VM, 'tmp', 'needswrite'), owner: 'new-owner', group: 'new-group', mount_options: ['dmode=755', 'fmode=755']Unix config:
config.bindfs.bind_folder File.join(ANSIBLE_PATH_ON_VM, 'tmp', 'needswrite'), File.join(ANSIBLE_PATH_ON_VM, 'tmp', 'needswrite'), u: 'new-owner', g: 'new-group', perms: '0777'Here we set them to use user
new-owner and group new-groupCode Snippets
config.vm.synced_folder File.join(ANSIBLE_PATH, 'tmp', 'needswrite'), File.join(ANSIBLE_PATH_ON_VM, 'tmp', 'needswrite'), mount_options: ['dmode=777', 'fmode=777']config.bindfs.bind_folder File.join(ANSIBLE_PATH_ON_VM, 'tmp', 'needswrite'), File.join(ANSIBLE_PATH_ON_VM, 'tmp', 'needswrite'), perms: '0777'config.vm.synced_folder File.join(ANSIBLE_PATH, 'tmp', 'needswrite'), File.join(ANSIBLE_PATH_ON_VM, 'tmp', 'needswrite'), owner: 'new-owner', group: 'new-group', mount_options: ['dmode=755', 'fmode=755']config.bindfs.bind_folder File.join(ANSIBLE_PATH_ON_VM, 'tmp', 'needswrite'), File.join(ANSIBLE_PATH_ON_VM, 'tmp', 'needswrite'), u: 'new-owner', g: 'new-group', perms: '0777'Context
StackExchange DevOps Q#202, answer score: 4
Revisions (0)
No revisions yet.