From 5a9d0f3e0ff2067610ad4d3207724b9defce25c3 Mon Sep 17 00:00:00 2001
From: Tom Hughes <tom@compton.nu>
Date: Thu, 8 Dec 2022 10:17:22 +0000
Subject: [PATCH] Run phpfpm exporter in group www-data to allow socket access

---
 cookbooks/php/resources/fpm.rb             | 1 +
 cookbooks/prometheus/resources/exporter.rb | 2 ++
 2 files changed, 3 insertions(+)

diff --git a/cookbooks/php/resources/fpm.rb b/cookbooks/php/resources/fpm.rb
index f8cc208b5..b63a0c814 100644
--- a/cookbooks/php/resources/fpm.rb
+++ b/cookbooks/php/resources/fpm.rb
@@ -55,6 +55,7 @@ action :create do
       port new_resource.prometheus_port
       restrict_address_families "AF_UNIX"
       service service_name
+      group "www-data"
       command "server"
       options "--phpfpm.scrape-uri=#{scrape_uri}"
     end
diff --git a/cookbooks/prometheus/resources/exporter.rb b/cookbooks/prometheus/resources/exporter.rb
index ac970426b..3087f9c93 100644
--- a/cookbooks/prometheus/resources/exporter.rb
+++ b/cookbooks/prometheus/resources/exporter.rb
@@ -27,6 +27,7 @@ property :port, :kind_of => Integer, :required => [:create]
 property :listen_switch, :kind_of => String, :default => "web.listen-address"
 property :listen_type, :kind_of => String, :default => "address"
 property :user, :kind_of => String
+property :group, :kind_of => String
 property :command, :kind_of => String
 property :options, :kind_of => [String, Array]
 property :environment, :kind_of => Hash, :default => {}
@@ -50,6 +51,7 @@ action :create do
     type "simple"
     user new_resource.user
     dynamic_user new_resource.user.nil?
+    group new_resource.group
     environment new_resource.environment
     exec_start "#{executable_path} #{new_resource.command} #{executable_options}"
     sandbox :enable_network => true
-- 
2.39.5