What is there to configure? Group ownership is done in the Web Site app; Read Only is irrelevent - you'd just remove File Upload access which will achieve the same. There is nothing else to configure. FTP access is covered by FTP Upload.

Unfortunately, that part of GitLab is only available to users with a ClearCenter account. It is the same for all paid apps.

I should have clarified, those changes only need to be done on the PDC, but we will be pushing them to all installations.

So you can upload to it by FTP or SMB.

I am just doing things with Dave. Can you do:Then see if this gets your clearsync of certificates going?

Please also check the port being used in both the PDC and BDC in /etc/clearsync.d/filesync-accounts.conf, and please let us know if they are different. They should both be using 8155.

I don't think so. I used 0644 and root:root as I did not know what the default was. At lease that way it gave access to anyone. 0640 and root:clearsync is fine is the clearsync user is running the app as the clearsync user belongs to the clearsync group.

"ps aux" shows the clearsync user running clearsync:

Is this what you meant by probably a bug?

Testing again. Only websites created through the Flexshare system show in the Flexshare app. Websites createdthrough the Web Site app only show up in the Website App although the Flexshares should still exist in the background. Have a look at:

I am not sure. My brain is currently preoccupied with the App-Attack-Detector upgrade problem. What is the output to:

Enable it for "File Server Upload" or possibly "FTP Upload" then have another look.

No. That does not seem to be right. If you create a Flexshare, test, and your domain is and enable it for a website, you get the standard flexshare in /var/flexshare/shares/test and you get a folder /var/www/virtual/test. These use your internal domain name and it is not configurable (I've just rememberer that piece of info!) so are only suitable for internal web sites or where you use the same domain internally and externally.

If you create a sandboxed website, test.example.com, you get a flexshare called /var/flexshare/shares/test.example.com and a folder /var/www/virtual/test.example.com. These can use any domain name you like. If you use a different domain internally you can still use the hosts file to access them.

The folders under /var/flexshare/shares and /var/www/virtual are not symlinked together but bind mounted together. Have a look at the output to "findmnt" in a big screen, or, to cut it down a bit "findmnt -t nocgroup,notmpfs,nooverlay -o TARGET,SOURCE,FSTYPE".