Update default install path to /home/autocoder #14
Summary of Changes

Hello @heidi-dang, I'm Gemini Code Assist! I'm currently reviewing this pull request and will post my feedback shortly. In the meantime, here's a summary to help you and other reviewers quickly get up to speed!

This pull request standardizes the default installation directory for the application. By changing the path from

Highlights
Ignored Files
Code Review
This pull request updates the default installation path from /opt/autocoder to /home/autocoder in the documentation and deployment scripts. However, this change introduces a significant security regression: using a path within /home for root-privileged scripts makes the system vulnerable to local symlink attacks, potentially leading to denial of service or full system compromise. Additionally, using a directory under /home for an application is unconventional according to the Filesystem Hierarchy Standard (FHS) and could cause confusion. It is strongly recommended to revert this change and use a standard, root-owned directory like /opt/autocoder or /srv/autocoder.
| fi | ||
| fi | ||
| APP_DIR=${APP_DIR:-/opt/autocoder} | ||
| APP_DIR=${APP_DIR:-/home/autocoder} |
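Review bot: The fallback on the `APP_DIR=${APP_DIR:-/home/autocoder}` line is applied with no check on the directory it names. Before anything is written there, the script should confirm that the path is not a symlink and that it and its parent are owned by the account running the install and are not writable by group or others, and stop with an error otherwise; that check matters more once the default sits under /home.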
Changing the default path to /home/autocoder introduces a high-severity security risk due to potential symlink attacks when the script is run with root privileges. Furthermore, using a directory under /home for an application is unconventional according to the Filesystem Hierarchy Standard (FHS). It is strongly recommended to revert to a standard, root-owned directory like /opt/autocoder or /srv/autocoder.
| APP_DIR=${APP_DIR:-/home/autocoder} | |
| APP_DIR=${APP_DIR:-/opt/autocoder} |
| read -r -p "Install path [/home/autocoder]: " APP_DIR | ||
| APP_DIR=${APP_DIR:-/home/autocoder} |
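Review bot: The default path is now spelled out twice in this hunk, once in the `read -r -p` prompt text and once in the `${APP_DIR:-...}` fallback, and the two have to be edited together every time the default moves. Define it once, for example `DEFAULT_APP_DIR=/home/autocoder`, and use that variable in both the prompt and the fallback so they cannot drift apart.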
Changing the default installation path to /home/autocoder in this script introduces a high-severity security risk. Since the script is intended to be run as root, a local non-privileged user could exploit this by creating symlinks in that directory, potentially leading to sensitive system files being overwritten. Additionally, using /home/autocoder is unconventional for an application's default path according to FHS. It is strongly recommended to keep the default installation path in a root-controlled directory like /opt/autocoder.
| read -r -p "Install path [/home/autocoder]: " APP_DIR | |
| APP_DIR=${APP_DIR:-/home/autocoder} | |
| read -r -p "Install path [/opt/autocoder]: " APP_DIR | |
| APP_DIR=${APP_DIR:-/opt/autocoder} |
| if [[ -z "${APP_DIR:-}" ]]; then | ||
| if [[ "${AUTOMATED_MODE}" -eq 0 ]]; then | ||
| read -r -p "Install path [/opt/autocoder]: " APP_DIR | ||
| read -r -p "Install path [/home/autocoder]: " APP_DIR |
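Review bot: Only the prompt text changes in the `AUTOMATED_MODE` branch here, and the prompt is skipped when `AUTOMATED_MODE` is non-zero, so the value an unattended run ends up with is decided outside these lines. Please confirm that the fallback applied after this `if` uses the same path as the prompt, and consider rejecting input that is not an absolute path before it is used.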
Changing the default installation path to a directory within /home introduces a potential security risk when the script is run as root. On many systems, /home is a directory where non-privileged users can create files and directories. If a local user named autocoder exists, they could pre-create the directory /home/autocoder and place symlinks (e.g., for .env.deploy or .env.production.bak) pointing to sensitive system files like /etc/shadow. When this script is run as root, it will follow these symlinks and overwrite the target files during the deployment process, leading to a denial of service or potential system compromise. It is safer to use a directory that is typically only writable by root for application data, such as /opt/autocoder.
| read -r -p "Install path [/home/autocoder]: " APP_DIR | |
| read -r -p "Install path [/opt/autocoder]: " APP_DIR |
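A preflight check for the symlink scenario described in the comment above, as an added example that is not part of this PR or the project's scripts. The function names are hypothetical, the two file names are the ones the comment mentions, and only the install directory and its immediate parent are inspected (GNU `stat` assumed).

```bash
# Added example, not the project's script. Function names are hypothetical;
# .env.deploy and .env.production.bak are the files named in the review comment.

# Trusted = a real directory (not a symlink), owned by the user running the
# installer (root in a real deployment), not writable by group or others.
dir_is_trusted() {
  local d="$1" mode
  if [ -L "$d" ] || [ ! -d "$d" ]; then
    echo "not a real directory: $d" >&2; return 1
  fi
  if [ ! -O "$d" ]; then
    echo "not owned by the invoking user: $d" >&2; return 1
  fi
  mode=$(stat -c '%a' "$d") || return 1      # GNU stat, octal mode such as 755
  if [ $(( 0$mode & 022 )) -ne 0 ]; then
    echo "writable by group or others: $d" >&2; return 1
  fi
}

# Returns 0 when the installer may write into the given path, 1 otherwise.
install_dir_is_safe() {
  local app_dir="${1%/}" name
  case "$app_dir" in
    /?*) ;;
    *) echo "install path must be absolute: $1" >&2; return 1 ;;
  esac
  dir_is_trusted "$(dirname "$app_dir")" || return 1
  # A missing directory is fine: the installer creates it under a trusted parent.
  if [ ! -e "$app_dir" ] && [ ! -L "$app_dir" ]; then return 0; fi
  dir_is_trusted "$app_dir" || return 1
  # Files the deploy writes must not be pre-planted symlinks.
  for name in .env.deploy .env.production.bak; do
    if [ -L "$app_dir/$name" ]; then
      echo "refusing to write through symlink: $app_dir/$name" >&2; return 1
    fi
  done
}
```

Called as `install_dir_is_safe "$APP_DIR" || exit 1` before the first write, it rejects a directory that another account created in advance, because that directory is not owned by the user running the installer.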
| - Push CI (`.github/workflows/ci.yml`) runs the same validations on direct pushes to `main` and `master`, then builds and pushes a Docker image to GHCR (`ghcr.io/<owner>/<repo>:latest` and `:sha`). | ||
| - Deploy to VPS (`.github/workflows/deploy.yml`) runs after Push CI succeeds, SSHes into your VPS, prunes old Docker artifacts, pulls the target branch, pulls the GHCR `:sha` image (falls back to `:latest`), restarts with `docker compose up -d`, and leaves any existing `.env` untouched. It finishes with an HTTP smoke check on `http://127.0.0.1:8888/health`. | ||
| - Repo secrets required: `VPS_HOST`, `VPS_USER`, `VPS_SSH_KEY`, `VPS_DEPLOY_PATH` (use an absolute path like `/opt/autocoder`); optional `VPS_BRANCH` (defaults to `master`) and `VPS_PORT` (defaults to `22`). The VPS needs git, Docker + Compose plugin installed, and the repo cloned at `VPS_DEPLOY_PATH` with your `.env` present. | ||
| - Repo secrets required: `VPS_HOST`, `VPS_USER`, `VPS_SSH_KEY`, `VPS_DEPLOY_PATH` (use an absolute path like `/home/autocoder`); optional `VPS_BRANCH` (defaults to `master`) and `VPS_PORT` (defaults to `22`). The VPS needs git, Docker + Compose plugin installed, and the repo cloned at `VPS_DEPLOY_PATH` with your `.env` present. |
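Review bot: The `VPS_DEPLOY_PATH` example changes, but the sentence still assumes the repo is already cloned there with `.env` present, so deployments set up from the earlier example keep working only while their secret still points at the old location. Add a line saying that existing installs can leave `VPS_DEPLOY_PATH` unchanged, and state which account (`VPS_USER`) is expected to own the directory and the `.env` file in it.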
Changing the default path to /home/autocoder is unconventional and deviates from the Filesystem Hierarchy Standard (FHS) unless an autocoder user is also created. The /home directory is typically reserved for user home directories, and placing application code there can be confusing for system administrators.
Consider reverting to the more standard /opt/autocoder or using /srv/autocoder, which are designated for optional applications and service data, respectively. This would align better with Linux best practices.
| ## Rollback | ||
| - Re-run deploy pointing to previous branch/sha: set branch prompt to the earlier ref. | ||
| - Or `git -C /opt/autocoder checkout <sha>` then `docker compose ... up -d --build`. | ||
| - Or `git -C /home/autocoder checkout <sha>` then `docker compose ... up -d --build`. |
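Review bot: The rollback command hardcodes the install path in `git -C /home/autocoder checkout <sha>`, so it is wrong for anyone who chose a different path at the prompt or installed under the previous default. Write it with a placeholder such as `git -C <install path> checkout <sha>`, matching the `<sha>` placeholder already used on the line.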
No description provided.