From ca5462c11d01b2ab43537a760a27589c05ace930 Mon Sep 17 00:00:00 2001
From: Jacky <me@jackyu.cn>
Date: Tue, 4 Feb 2025 19:54:39 +0800
Subject: [PATCH] fix(cert): incorrect permission of ssl dir

---
 internal/cert/write_file.go | 13 +++++++------
 1 file changed, 7 insertions(+), 6 deletions(-)

diff --git a/internal/cert/write_file.go b/internal/cert/write_file.go
index 97199783..a22b1a1b 100644
--- a/internal/cert/write_file.go
+++ b/internal/cert/write_file.go
@@ -1,10 +1,11 @@
 package cert
 
 import (
-	"github.com/0xJacky/Nginx-UI/internal/helper"
-	"github.com/0xJacky/Nginx-UI/internal/nginx"
 	"os"
 	"path/filepath"
+
+	"github.com/0xJacky/Nginx-UI/internal/helper"
+	"github.com/0xJacky/Nginx-UI/internal/nginx"
 )
 
 type Content struct {
@@ -33,25 +34,25 @@ func (c *Content) WriteFile() (err error) {
 	// The permission bits perm (before umask) are used for all directories that MkdirAll creates.
 	// If path is already a directory, MkdirAll does nothing and returns nil.
 
-	err = os.MkdirAll(filepath.Dir(c.SSLCertificatePath), 0644)
+	err = os.MkdirAll(filepath.Dir(c.SSLCertificatePath), 0755)
 	if err != nil {
 		return
 	}
 
-	err = os.MkdirAll(filepath.Dir(c.SSLCertificateKeyPath), 0644)
+	err = os.MkdirAll(filepath.Dir(c.SSLCertificateKeyPath), 0755)
 	if err != nil {
 		return
 	}
 
 	if c.SSLCertificate != "" {
-		err = os.WriteFile(c.SSLCertificatePath, []byte(c.SSLCertificate), 0644)
+		err = os.WriteFile(c.SSLCertificatePath, []byte(c.SSLCertificate), 0755)
 		if err != nil {
 			return
 		}
 	}
 
 	if c.SSLCertificateKey != "" {
-		err = os.WriteFile(c.SSLCertificateKeyPath, []byte(c.SSLCertificateKey), 0644)
+		err = os.WriteFile(c.SSLCertificateKeyPath, []byte(c.SSLCertificateKey), 0755)
 		if err != nil {
 			return
 		}