From 3b448e58dc81cc6a54e0997222815a05d94d93a0 Mon Sep 17 00:00:00 2001
From: Mohamed Al Ashaal <m7medalash3al@gmail.com>
Date: Tue, 23 Apr 2024 19:32:26 +0200
Subject: [PATCH] added the support for --user and --group options and
 automatically instructs fpm to run as root when if needed

---
 cmd/serve/flags.go         | 14 ++++++++++++++
 cmd/serve/serve.go         |  2 ++
 go.mod                     |  2 +-
 internals/fpm/fpm.go       | 12 +++++++++++-
 internals/fpm/php-fpm.conf |  4 ++--
 5 files changed, 30 insertions(+), 4 deletions(-)

diff --git a/cmd/serve/flags.go b/cmd/serve/flags.go
index 2c2f0f8..c6fdf13 100644
--- a/cmd/serve/flags.go
+++ b/cmd/serve/flags.go
@@ -136,5 +136,19 @@ func DefaultFlags(envPrefix string) []cli.Flag {
 			EnvVars: []string{prefixWrapper("CORS_AGE")},
 			Value:   0,
 		},
+
+		&cli.StringFlag{
+			Name:    "user",
+			Usage:   "run the fpm www pool user",
+			EnvVars: []string{prefixWrapper("USER")},
+			Value:   "www-data",
+		},
+
+		&cli.StringFlag{
+			Name:    "group",
+			Usage:   "run the fpm www pool group",
+			EnvVars: []string{prefixWrapper("GROUP")},
+			Value:   "www-data",
+		},
 	}
 }
diff --git a/cmd/serve/serve.go b/cmd/serve/serve.go
index ff822a1..abf60ee 100644
--- a/cmd/serve/serve.go
+++ b/cmd/serve/serve.go
@@ -64,6 +64,8 @@ func Before() cli.BeforeFunc {
 			WorkerCount:           ctx.Int("workers"),
 			WorkerMaxRequestCount: ctx.Int("requests"),
 			WorkerMaxRequestTime:  ctx.Int("timeout"),
+			User:                  ctx.String("user"),
+			Group:                 ctx.String("group"),
 		}
 
 		return fpmProcess.Start()
diff --git a/go.mod b/go.mod
index 08fe3ba..415f4a4 100644
--- a/go.mod
+++ b/go.mod
@@ -1,6 +1,6 @@
 module github.com/alash3al/phoo
 
-go 1.21
+go 1.22
 
 require (
 	github.com/joho/godotenv v1.5.1
diff --git a/internals/fpm/fpm.go b/internals/fpm/fpm.go
index dff9700..c598c18 100644
--- a/internals/fpm/fpm.go
+++ b/internals/fpm/fpm.go
@@ -25,6 +25,9 @@ type Process struct {
 	WorkerCount           int
 	WorkerMaxRequestCount int
 	WorkerMaxRequestTime  int
+
+	User  string
+	Group string
 }
 
 func (p *Process) Start() error {
@@ -49,6 +52,8 @@ func (p *Process) Start() error {
 		"worker.count":             fmt.Sprintf("%v", p.WorkerCount),
 		"worker.request.max_count": fmt.Sprintf("%v", p.WorkerMaxRequestCount),
 		"worker.request.max_time":  fmt.Sprintf("%v", p.WorkerMaxRequestTime),
+		"user":                     p.User,
+		"group":                    p.Group,
 	})
 
 	if err := os.WriteFile(p.ConfigFilename, []byte(fpmConfigFileContents), 0755); err != nil {
@@ -59,7 +64,12 @@ func (p *Process) Start() error {
 }
 
 func (p *Process) execAndWait() error {
-	cmd := exec.Command(p.BinFilename, "-F", "-O", "-y", p.ConfigFilename)
+	args := []string{"-F", "-O", "-y", p.ConfigFilename}
+	if p.User == "root" || p.Group == "root" {
+		args = append(args, "-R")
+	}
+
+	cmd := exec.Command(p.BinFilename, args...)
 	cmd.Stdout = os.Stdout
 	cmd.Stderr = os.Stderr
 
diff --git a/internals/fpm/php-fpm.conf b/internals/fpm/php-fpm.conf
index 5b0b8e9..e5b141b 100644
--- a/internals/fpm/php-fpm.conf
+++ b/internals/fpm/php-fpm.conf
@@ -12,5 +12,5 @@ pm.max_children = {{worker.count}}
 pm.max_requests = {{worker.request.max_count}}
 request_terminate_timeout = {{worker.request.max_time}}
 clear_env = no
-user = www-data
-group = www-data
\ No newline at end of file
+user = {{user}}
+group = {{group}}
\ No newline at end of file