From d7aab4c929ecb4cefb88652ff8bb86f24dbbd6b7 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Javi=20Mart=C3=ADn?= <javim@elretirao.net>
Date: Mon, 11 Nov 2019 11:40:57 +0100
Subject: [PATCH] Check permissions for secrets file

Old versions of the installer created this file as root, making it
impossible to change it as a regular user.

So for old installations we need to make sure we've got write access to
this file.

We're using `sudo` because in these applications the installer gives
`sudo` access to the deploy user, so everything works fine with the
default configuration.
---
 config/deploy.rb | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/config/deploy.rb b/config/deploy.rb
index 1112257cb..7a10e80ed 100644
--- a/config/deploy.rb
+++ b/config/deploy.rb
@@ -136,9 +136,15 @@ task :smtp_ssl_and_delay_jobs_secrets do
     within current_path do
       with rails_env: fetch(:rails_env) do
         tasks_file_path = "lib/tasks/secrets.rake"
+        shared_secrets_path = "#{shared_path}/config/secrets.yml"
 
         unless test("[ -e #{current_path}/#{tasks_file_path} ]")
           begin
+            unless test("[ -w #{shared_secrets_path} ]")
+              execute "sudo chown `whoami` #{shared_secrets_path}"
+              execute "chmod u+w #{shared_secrets_path}"
+            end
+
             execute "cp #{release_path}/#{tasks_file_path} #{current_path}/#{tasks_file_path}"
 
             execute :rake, "secrets:smtp_ssl_and_delay_jobs"