How to correctly set rights on the web server for convenience?

You have a server with a website (apache+nginx+php). All website files owned by the user www-data and edit them when he can.
T,E. I in the group, but can only watch, and I would quietly edit, add everything to git and all that. How to organize it? Change rights to edit the group? As normal\safe. How do properly it should be organized?
March 23rd 20 at 19:25
5 answers
March 23rd 20 at 19:27
It right when it is safe, but safe != Convenient.

All files are 644, directories are 755 and on the subject of "desirable/convenient" it's not for production, maintenance back and front on the test server and then deploy to prod (ways deploya dofiga, all not listed, on habré enough articles).
No test server? The dev in the help.
March 23rd 20 at 19:29
If www-data can edit the files and he is in the group www-data, then giving rights to a group write you anything for the service does not change. But to add to the group and get all what you want
Logical. Thank you. - Albina commented on March 23rd 20 at 19:32
March 23rd 20 at 19:31
Generally correctly, that no one with hands on the server files of the project have never edited. Edit locally, commitish, a shove, and the server delay either by hand or deploy script.
There Drupal is spinning, it upgrade modules sometimes the hands to perform. - Albina commented on March 23rd 20 at 19:34
March 23rd 20 at 19:33
Add a new user and run the scripts on his behalf. PHP-FPM to help.
March 23rd 20 at 19:35
1. sudo su www-data
2. to put everything into git and edit locally, and the site to upload after checking

Find more questions by tags Web DevelopmentApacheLinux