capistrano-env file permissions

Question

I use gem capistrano-env and found a small problem. My deploy script is:

Capistrano::Env.use do |env|
  env.add 'DB_DSN', 'mysql:host=localhost;dbname=dbname'
  env.add 'DB_USER', 'user'
  env.add 'DB_PASS', 'pass'
end

And this code create .env file on server after deploy. But! .env file permissions is 640 and my PHP script cannot read it. I can run chmod command after each deploy, but probably exist other nice solution?

EDIT

I created pull request and add new filemode option into this gem. So, now solution is:

Capistrano::Env.use do |env|
  env.add 'DB_DSN', 'mysql:host=localhost;dbname=dbname'
  env.add 'DB_USER', 'user'
  env.add 'DB_PASS', 'pass'
  env.filemode = 0644
end

Answer 1

You have a couple options to make this nicer.

1. It doesn't look like capistrano-env supports a custom permissions setting, but perhaps that feature could be added! Open an issue at GitHub and maybe the project maintainer will add it.

2. You could modify your deploy.rb to run the necessary chmod command for you. That way you wouldn't have to manually run chmod after each deploy.

Something like this:

# In deploy.rb
after "capenv:copy", "capenv:chmod" do
  on roles(:all) do
    execute "chmod", "a+r", "#{release_path}/#{Capistrano::Env.filename}"
  end
end

Answer 2

Looking at the capevn code the upload is done in a single task. You can locally override the definition of that task so you can change the file permissions. Put something like the following in deploy.rb

namespace :capenv do
  desc 'copy .env to release_path'
  task :copy do
    on roles(:all) do
      upload! StringIO.new(Capistrano::Env.to_s), "#{release_path}/#{Capistrano::Env.filename}", mode: 'a+r'
    end
  end
end