diff --git a/backend/internal/bootstrap/router_bootstrap.go b/backend/internal/bootstrap/router_bootstrap.go index 5f20e53f..93a317c0 100644 --- a/backend/internal/bootstrap/router_bootstrap.go +++ b/backend/internal/bootstrap/router_bootstrap.go @@ -7,6 +7,8 @@ import ( "log" "net" "net/http" + "os" + "strconv" "time" "github.com/pocket-id/pocket-id/backend/frontend" @@ -119,6 +121,18 @@ func initRouterInternal(db *gorm.DB, svc *services) (utils.Service, error) { return nil, fmt.Errorf("failed to create %s listener: %w", network, err) } + // Set the socket mode if using a Unix socket + if network == "unix" && common.EnvConfig.UnixSocketMode != "" { + mode, err := strconv.ParseUint(common.EnvConfig.UnixSocketMode, 8, 32) + if err != nil { + return nil, fmt.Errorf("failed to parse UNIX socket mode '%s': %w", common.EnvConfig.UnixSocketMode, err) + } + + if err := os.Chmod(addr, os.FileMode(mode)); err != nil { + return nil, fmt.Errorf("failed to set UNIX socket mode '%s': %w", common.EnvConfig.UnixSocketMode, err) + } + } + // Service runner function runFn := func(ctx context.Context) error { log.Printf("Server listening on %s", addr) diff --git a/backend/internal/common/env_config.go b/backend/internal/common/env_config.go index 65b8a918..fe74910f 100644 --- a/backend/internal/common/env_config.go +++ b/backend/internal/common/env_config.go @@ -33,6 +33,7 @@ type EnvConfigSchema struct { Port string `env:"PORT"` Host string `env:"HOST"` UnixSocket string `env:"UNIX_SOCKET"` + UnixSocketMode string `env:"UNIX_SOCKET_MODE"` MaxMindLicenseKey string `env:"MAXMIND_LICENSE_KEY"` GeoLiteDBPath string `env:"GEOLITE_DB_PATH"` GeoLiteDBUrl string `env:"GEOLITE_DB_URL"` @@ -53,6 +54,7 @@ var EnvConfig = &EnvConfigSchema{ Port: "1411", Host: "0.0.0.0", UnixSocket: "", + UnixSocketMode: "", MaxMindLicenseKey: "", GeoLiteDBPath: "data/GeoLite2-City.mmdb", GeoLiteDBUrl: MaxMindGeoLiteCityUrl,