@hivelogic2018
Last active August 30, 2025 16:47
chmod & chown

Give the owner execute permission on both files (u+x changes only the owner's execute bit; read and group permissions stay as they are)

chmod u+x start-infra.sh
chmod u+x firewall_rules.sh

Change ownership of the files to the user and group that will run the script

Replace 'youruser' and 'yourgroup' with the actual user and group

chown youruser:yourgroup start-infra.sh
chown youruser:yourgroup firewall_rules.sh

To find your username and primary group for the chown command on an Ubuntu server, you can use these simple commands:

whoami # find your username
id -gn # find your group
groups # The groups command without any arguments will list all the groups your user belongs to. Your primary group is usually the first one listed and often has the same name as your username.

Why does acme.json need chmod 600, and why does Traefik complain that the permissions are too open otherwise?

Traefik requires the acme.json file to have chmod 600 permissions for security. This file stores sensitive information, including the private keys for your SSL/TLS certificates. If the permissions are "too open," it means other users or processes on your server could potentially read and access those keys.

To prevent this security risk, Traefik's developers intentionally configured the software to fail if the permissions are not strict enough. The error message you see, "permissions for acme.json are too open, please use 600," is a direct security measure to protect your private keys and ensure that only the user running Traefik can read and write to the file.

The Breakdown of chmod 600

The number 600 represents a specific set of permissions in the Unix/Linux file system:

  • The first digit, 6, grants read (4) and write (2) permissions to the file's owner.
  • The second digit, 0, grants no permissions to the file's group.
  • The third digit, 0, grants no permissions to all other users on the system.

This configuration ensures that the acme.json file is only accessible by the owner, keeping the cryptographic keys and certificate data secure.
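The shell sketch below is an added example, not part of the original gist and not Traefik's own code. It creates acme.json without ever exposing it with wider permissions, then verifies that the group and other digits are zero. The function names and the temporary demo file are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: create and verify an ACME storage file with owner-only access.
# Function names are hypothetical; the file path is passed as an argument.

# Print the octal permission bits of a file (GNU stat, then BSD stat as fallback).
file_mode() {
    stat -c '%a' "$1" 2>/dev/null || stat -f '%Lp' "$1"
}

# Succeed only if the file is a regular file whose group and other
# permission digits are both 0 (for example 600 or 400).
acme_perms_ok() {
    [ -f "$1" ] || return 1
    mode=$(file_mode "$1") || return 1
    # A leading 0 makes the shell read the value as octal; 077 masks group+other.
    [ $(( 0$mode & 077 )) -eq 0 ]
}

# Create the file if it is missing, then force mode 600.
# The subshell's umask 077 means a new file is born as 600, so there is no
# window in which it exists with default (often 644) permissions.
secure_acme() {
    if [ ! -e "$1" ]; then
        ( umask 077 && : > "$1" ) || return 1
    fi
    chmod 600 "$1"
}

# Demo on a constructed file in a temporary directory.
demo_dir=$(mktemp -d)
: > "$demo_dir/acme.json"
chmod 644 "$demo_dir/acme.json"
acme_perms_ok "$demo_dir/acme.json" || echo "mode $(file_mode "$demo_dir/acme.json"): too open"
secure_acme "$demo_dir/acme.json"
acme_perms_ok "$demo_dir/acme.json" && echo "mode $(file_mode "$demo_dir/acme.json"): ok"
rm -rf "$demo_dir"
```

Running `secure_acme` as the user that will run Traefik also makes that user the owner of a newly created file, so no separate chown is needed in that case.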