Oh hello there!
One of my many goals is to see if it’s possible to snap an HTTP daemon like NGINX privately. I know private snaps can be made (I’ve done this with
openrdap which is the same product,
rdap was an easy Go program to snap,
openrdap is its other namespace - yay for my first snap being easy!), and can be tested/deployed/etc. but snapping a full HTTP daemon is something I’m a little unsure about.
I know at the least it’ll need certain permissions and connections set up for consuming (network access, filesystem access, etc.) so it’s unfortunately not going to be as confined as I’d like it to be, but for privacy I’m just trying to experiment a bit with this.
One thing that I want to do though is utilize the system-default
www-data user as shared between the snap and the system, because NGINX and such in Ubuntu by default use
www-data. Is there any way to permit this to be done when creating the snap, or is this impossible? Asking because there seems to be a way in the snap to define daemon user creation, but I want to use the default www-data user instead that comes on pretty much all Ubuntu/Debian systems.