public async Task DeployAsync(IApp app, Package package) { #region Ensure the app exists var instance = Find(app.Id); if (instance == null) { await CreateAsync(app).ConfigureAwait(false); } #endregion var directory = GetAppPath(app); if (directory.Exists) throw new Exception($"Directory '{directory.FullName}' already exists"); try { await package.ExtractToDirectoryAsync(directory).ConfigureAwait(false); } catch { directory.Delete(true); throw; } // TODO, download the keychain #region Set Access Control var accountName = "IIS AppPool\\" + app.Name; log.Info($"Setting ACL for {accountName}"); var rights = FileSystemRights.ReadData | FileSystemRights.ReadAndExecute; // Current settings var accessControl = directory.GetAccessControl(); // Add the FileSystemAccessRule to the security settings. accessControl.AddAccessRule(new FileSystemAccessRule( accountName, rights, InheritanceFlags.ContainerInherit | InheritanceFlags.ObjectInherit, PropagationFlags.None, AccessControlType.Allow )); try { directory.SetAccessControl(accessControl); } catch (Exception ex) { log.Error($"Error creating ACL. {ex.Message}"); } #endregion // Ensure the rights have propogated await Task.Delay(TimeSpan.FromMilliseconds(30)).ConfigureAwait(false); LogInfo(app, $"Deployed v{app.Version}"); }