fix: git safe.directory для админки (dubious ownership)

Co-authored-by: Cursor <cursoragent@cursor.com>

src/services/git-deploy.js

@@ -30,13 +30,43 @@ function isUpdateEnabled() {
   return fs.existsSync(path.join(root, 'scripts', 'admin-web-update.sh'));
 }
 
+function gitEnv(root) {
+  const resolved = path.resolve(root);
+  return {
+    ...process.env,
+    GIT_TERMINAL_PROMPT: '0',
+    GIT_CONFIG_COUNT: '1',
+    GIT_CONFIG_KEY_0: 'safe.directory',
+    GIT_CONFIG_VALUE_0: resolved,
+  };
+}
+
+/** Git 2.35+: репозиторий с другим владельцем (www-data vs root) */
+async function ensureSafeDirectory(root) {
+  const resolved = path.resolve(root);
+  const home = process.env.HOME || '/var/www';
+  try {
+    await execFileAsync('git', ['config', '--global', '--add', 'safe.directory', resolved], {
+      timeout: 15000,
+      env: { ...process.env, HOME: home },
+    });
+  } catch {
+    // глобальный config может быть недоступен — используем -c в gitCmd
+  }
+}
+
 async function gitCmd(args, cwd) {
-  const { stdout, stderr } = await execFileAsync('git', args, {
-    cwd,
-    maxBuffer: 1024 * 1024,
-    timeout: 90000,
-    env: { ...process.env, GIT_TERMINAL_PROMPT: '0' },
-  });
+  const root = path.resolve(cwd);
+  const { stdout, stderr } = await execFileAsync(
+    'git',
+    ['-c', `safe.directory=${root}`, ...args],
+    {
+      cwd: root,
+      maxBuffer: 1024 * 1024,
+      timeout: 90000,
+      env: gitEnv(root),
+    }
+  );
   return `${stdout}${stderr}`.trim();
 }
 
@@ -69,6 +99,7 @@ async function getGitInfo({ fetchRemote = false } = {}) {
   };
 
   try {
+    await ensureSafeDirectory(root);
     info.branch = await gitCmd(['branch', '--show-current'], root);
     if (!info.branch) {
       info.branch = '(detached)';
@@ -113,7 +144,7 @@ function runDeployUpdate() {
 
     const child = spawn(cmd, args, {
       cwd: root,
-      env: { ...process.env, SHOP_ROOT: root },
+      env: { ...gitEnv(root), SHOP_ROOT: root },
       timeout: 300000,
     });