From 0ec0c24404073093cba3dbff5ae583ce66aa8b98 Mon Sep 17 00:00:00 2001
From: Evan Kaufman <ekaufman@collegedegrees.com>
Date: Thu, 7 Nov 2013 11:28:12 -0600
Subject: [PATCH 1/2] Various fixes for `genesis:permissions`

* #39 - run permission/ownership commands with sudo
* #35 - add www-data user to deploy group
* #33, #20 - fixed -follow flag for `find`, added `chmod g+s` for directories
---
 deployment/lib/server.rb                 | 6 +++---
 provisioning/roles/common/tasks/main.yml | 4 ++++
 2 files changed, 7 insertions(+), 3 deletions(-)

diff --git a/deployment/lib/server.rb b/deployment/lib/server.rb
index f33a550..e7fdf4b 100644
--- a/deployment/lib/server.rb
+++ b/deployment/lib/server.rb
@@ -23,13 +23,13 @@
     desc "Fix permissions"
     task :permissions do
         # Avoid uploading problems if Apache owns directories
-        run "find #{remote_web} -follow -type d -exec chown :www-data {} \\;"
+        sudo "find -L #{remote_web} -type d -exec chown :www-data {} \\;"
 
         # Both deploy & Apache have 1st control of directories
-        run "find #{remote_web} -follow -type d -exec chmod 775 {} \\;"
+        sudo "find -L #{remote_web} -type d -exec chmod 775 {} \\; -exec chmod g+s {} \\;"
 
         # Files should not be executable, but deploy + Apache still have control
-        run "find #{remote_web} -follow -type f -exec chmod 644 {} \\;"
+        sudo "find -L #{remote_web} -type f -exec chmod 664 {} \\;"
     end
 
     namespace :logs do
diff --git a/provisioning/roles/common/tasks/main.yml b/provisioning/roles/common/tasks/main.yml
index 6a8df1f..89f0c57 100644
--- a/provisioning/roles/common/tasks/main.yml
+++ b/provisioning/roles/common/tasks/main.yml
@@ -40,6 +40,10 @@
   when:           has_vagrant.stdout
   sudo:           yes
 
+- name:           Add www-data user to deploy
+  user:           name=www-data append=yes groups=deploy
+  sudo:           yes
+
 - name:           Update php.ini's memory_limit
   lineinfile:     dest=/etc/php5/apache2/php.ini backup=yes regexp='memory_limit' line='memory_limit = 1024M'
   sudo:           yes

From 2266dbd3a224cc3855fc5eec4b58b51c18c38695 Mon Sep 17 00:00:00 2001
From: Evan Kaufman <ekaufman@collegedegrees.com>
Date: Fri, 8 Nov 2013 14:34:42 -0600
Subject: [PATCH 2/2] Added FS_METHOD setting of "direct"

This makes sense since the server we're provisioning has neither ftp nor keyless ssh support, and permissions should allow for direct filesystem io
---
 generator/app/templates/web/wp-config.php | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/generator/app/templates/web/wp-config.php b/generator/app/templates/web/wp-config.php
index d14736f..fa8f749 100644
--- a/generator/app/templates/web/wp-config.php
+++ b/generator/app/templates/web/wp-config.php
@@ -18,8 +18,8 @@
   // Replace salts
   .replace(/(\/\*\*#@\+.+?\*\/\n).+?(\n\/\*\*#@-\*\/)/m, "$1" + props.salts + "$2")
 
-  // Limit to 5 post revisions
-  .replace("/* That's all,", "define('WP_POST_REVISIONS', 5);\n\n/*That's all,")
+  // Limit to 5 post revisions, and force direct filesystem IO
+  .replace("/* That's all,", "define('WP_POST_REVISIONS', 5);\n\ndefine('FS_METHOD', 'direct');\n\n/*That's all,")
 %>
 if (WP_ENV !== 'www') {
   Genesis::rewriteUrls();