diff --git a/app/Models/PrivateKey.php b/app/Models/PrivateKey.php index bb76d5ed6..7163ae7b5 100644 --- a/app/Models/PrivateKey.php +++ b/app/Models/PrivateKey.php @@ -237,7 +237,7 @@ protected function ensureStorageDirectoryExists() $testSuccess = $disk->put($testFilename, 'test'); if (! $testSuccess) { - throw new \Exception('SSH keys storage directory is not writable'); + throw new \Exception('SSH keys storage directory is not writable. Run on the host: sudo chown -R 9999 /data/coolify/ssh && sudo chmod -R 700 /data/coolify/ssh && docker restart coolify'); } // Clean up test file diff --git a/scripts/upgrade.sh b/scripts/upgrade.sh index 648849d5c..f32db9b8d 100644 --- a/scripts/upgrade.sh +++ b/scripts/upgrade.sh @@ -141,6 +141,15 @@ else log "Network 'coolify' already exists" fi +# Fix SSH directory ownership if not owned by container user UID 9999 (fixes #6621) +# Only changes owner — preserves existing group to respect custom setups +SSH_OWNER=$(stat -c '%u' /data/coolify/ssh 2>/dev/null || echo "unknown") +if [ "$SSH_OWNER" != "9999" ]; then + log "Fixing SSH directory ownership (was owned by UID $SSH_OWNER)" + chown -R 9999 /data/coolify/ssh + chmod -R 700 /data/coolify/ssh +fi + # Check if Docker config file exists DOCKER_CONFIG_MOUNT="" if [ -f /root/.docker/config.json ]; then diff --git a/tests/Unit/PrivateKeyStorageTest.php b/tests/Unit/PrivateKeyStorageTest.php index 00f39e3df..09472604b 100644 --- a/tests/Unit/PrivateKeyStorageTest.php +++ b/tests/Unit/PrivateKeyStorageTest.php @@ -112,7 +112,7 @@ public function it_throws_exception_when_storage_directory_is_not_writable() ); $this->expectException(\Exception::class); - $this->expectExceptionMessage('SSH keys storage directory is not writable'); + $this->expectExceptionMessage('SSH keys storage directory is not writable. Run on the host: sudo chown -R 9999 /data/coolify/ssh && sudo chmod -R 700 /data/coolify/ssh && docker restart coolify'); PrivateKey::createAndStore([ 'name' => 'Test Key',