From 94faf739e3803a88571b02d5510fa7ec25b11f3e Mon Sep 17 00:00:00 2001
From: David Kilias <david.kilias@gmail.com>
Date: Wed, 26 Oct 2022 21:49:57 +0200
Subject: [PATCH 1/7] fix: fix missing filepermissions for pottwal

---
 pottwal.yml | 13 +++++++++----
 1 file changed, 9 insertions(+), 4 deletions(-)

diff --git a/pottwal.yml b/pottwal.yml
index 2298afb..f558dda 100644
--- a/pottwal.yml
+++ b/pottwal.yml
@@ -202,11 +202,14 @@
 
     - name: Ensure the hedgedoc directories exist
       file:
-        path: "{{ item }}"
+        path: "{{ item.path }}"
+        mode: "{{ item.mode }}"
         state: directory
       with_items:
-        - "{{ data_dir }}/hedgedoc/data/database"
-        - "{{ data_dir }}/hedgedoc/data/uploads"
+        - path: "{{ data_dir }}/hedgedoc/data/database"
+          mode: "0700"
+        - path: "{{ data_dir }}/hedgedoc/data/uploads"
+          mode: "0755"
 
     - name: Setup docker network
       docker_network:
@@ -267,6 +270,7 @@
     - name: Ensure the influxdb directories exist
       file:
         path: "{{ item }}"
+        mode: "0700"
         state: directory
       with_items:
         - "{{ data_dir }}/influxdb"
@@ -362,9 +366,10 @@
     - name: Ensure the uptime-kuma directories exist
       file:
         path: "{{ item }}"
+        mode: "0755"
         state: directory
       with_items:
-        - "{{ data_dir }}/uptimekuma"
+        - "{{ data_dir }}/uptime-kuma"
 
     - name: Ensure container for uptime-kuma is running
       docker_container:

From 78eeb7b8c6e168c047a928298f6d14fa6b1012c3 Mon Sep 17 00:00:00 2001
From: David Kilias <david.kilias@gmail.com>
Date: Wed, 26 Oct 2022 21:55:30 +0200
Subject: [PATCH 2/7] fix: fix missing file permissions for krypton

---
 krypton.yml | 11 ++++++-----
 1 file changed, 6 insertions(+), 5 deletions(-)

diff --git a/krypton.yml b/krypton.yml
index 8d6ea22..9d2a55d 100644
--- a/krypton.yml
+++ b/krypton.yml
@@ -42,13 +42,14 @@
 
     - name: Ensure openLDAP directories are present.
       file:
-        path: "{{ item }}"
+        path: "{{ item.path }}"
+        mode: "0755"
         state: directory
       with_items:
-        - "{{ openldap_data }}/ldap"
-        - "{{ openldap_data }}/slapd"
-        - "{{ openldap_data }}/ldif"
-        - "{{ dehydrated_certs_dir }}/{{ openldap_domain }}"
+        - path: "{{ openldap_data }}/ldap"
+        - path: "{{ openldap_data }}/slapd"
+        - path: "{{ openldap_data }}/ldif"
+        - path: "{{ dehydrated_certs_dir }}/{{ openldap_domain }}"
 
     - name: Ensure container for openLDAP is running.
       docker_container:

From 2fa392c8ef16546be5828061a0272ca9a41d7d94 Mon Sep 17 00:00:00 2001
From: David Kilias <david.kilias@gmail.com>
Date: Wed, 26 Oct 2022 21:58:52 +0200
Subject: [PATCH 3/7] fix: fix missing file permissions for radon

---
 radon.yml | 1 +
 1 file changed, 1 insertion(+)

diff --git a/radon.yml b/radon.yml
index e614615..15092dd 100644
--- a/radon.yml
+++ b/radon.yml
@@ -42,6 +42,7 @@
     - name: Ensure the mosquitto directories exist
       file:
         path: "{{ item }}"
+        mode: 0755
         state: directory
       with_items:
         - "{{ mosquitto_data }}/config"

From 7555a13bf8d55aba2b2e18562d0129513fe30817 Mon Sep 17 00:00:00 2001
From: David Kilias <david.kilias@gmail.com>
Date: Wed, 26 Oct 2022 21:59:11 +0200
Subject: [PATCH 4/7] fix: fix missing file permissions for role docker_setup

---
 roles/docker_setup/tasks/main.yml | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/roles/docker_setup/tasks/main.yml b/roles/docker_setup/tasks/main.yml
index 98cfde5..8f946fb 100644
--- a/roles/docker_setup/tasks/main.yml
+++ b/roles/docker_setup/tasks/main.yml
@@ -52,6 +52,7 @@
   template:
     src: templates/daemon.json.j2
     dest: /etc/docker/daemon.json
+    mode: "0644"
   notify: restart docker
 
 - name: Check current docker-compose version.
@@ -72,7 +73,7 @@
   get_url:
     url: https://github.com/docker/compose/releases/download/{{ docker_compose_version }}/docker-compose-Linux-x86_64
     dest: "{{ docker_compose_path }}"
-    mode: 0755
+    mode: "0755"
 
 - name: Place admin users in docker group
   user:

From bbf01577fd8426135c6306c2cc756031ce45bc70 Mon Sep 17 00:00:00 2001
From: David Kilias <david.kilias@gmail.com>
Date: Wed, 26 Oct 2022 21:59:37 +0200
Subject: [PATCH 5/7] fix: fix missing file permissions for role
 setup_http_site_proxy

---
 pottwal.yml                                | 2 +-
 radon.yml                                  | 1 +
 roles/setup_http_site_proxy/tasks/main.yml | 1 +
 3 files changed, 3 insertions(+), 1 deletion(-)

diff --git a/pottwal.yml b/pottwal.yml
index f558dda..e3100cf 100644
--- a/pottwal.yml
+++ b/pottwal.yml
@@ -270,7 +270,7 @@
     - name: Ensure the influxdb directories exist
       file:
         path: "{{ item }}"
-        mode: "0700"
+        mode: 0700
         state: directory
       with_items:
         - "{{ data_dir }}/influxdb"
diff --git a/radon.yml b/radon.yml
index 15092dd..33f9e13 100644
--- a/radon.yml
+++ b/radon.yml
@@ -53,6 +53,7 @@
       template:
         src: "templates/mosquitto.conf.j2"
         dest: "{{ mosquitto_data }}/config/mosquitto.conf"
+        mode: 0644
       notify: restart mosquitto
 
     - name: Ensure mosquitto is running
diff --git a/roles/setup_http_site_proxy/tasks/main.yml b/roles/setup_http_site_proxy/tasks/main.yml
index 6aeff36..b4b241f 100644
--- a/roles/setup_http_site_proxy/tasks/main.yml
+++ b/roles/setup_http_site_proxy/tasks/main.yml
@@ -3,6 +3,7 @@
   template:
     src: templates/apache-docker-proxy-site.j2
     dest: /etc/apache2/sites-available/{{ site_name }}.conf
+    mode: 0644
   notify: restart apache2
 
 - name: Activate Apache2 site

From 3c6b13f4a7bb88c3db0e72db75bdda64efd6f81a Mon Sep 17 00:00:00 2001
From: David Kilias <david.kilias@gmail.com>
Date: Wed, 26 Oct 2022 22:20:36 +0200
Subject: [PATCH 6/7] fix: fix missing file permissions for tau

---
 tau.yml | 1 +
 1 file changed, 1 insertion(+)

diff --git a/tau.yml b/tau.yml
index 8a622e7..172cecb 100644
--- a/tau.yml
+++ b/tau.yml
@@ -88,6 +88,7 @@
       file:
         path: "{{ data_dir }}/registry/data"
         state: directory
+        mode: "0755"
 
     - name: Setup Docker Registry Container
       docker_container:

From c620de7d0d2fbf43c667d178ed960a758a2cefbd Mon Sep 17 00:00:00 2001
From: David Kilias <david.kilias@gmail.com>
Date: Fri, 28 Oct 2022 21:15:50 +0200
Subject: [PATCH 7/7] fix file permissions for setup_http_site_proxy

---
 roles/setup_http_site_proxy/tasks/main.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/roles/setup_http_site_proxy/tasks/main.yml b/roles/setup_http_site_proxy/tasks/main.yml
index b4b241f..c1f52d2 100644
--- a/roles/setup_http_site_proxy/tasks/main.yml
+++ b/roles/setup_http_site_proxy/tasks/main.yml
@@ -3,7 +3,7 @@
   template:
     src: templates/apache-docker-proxy-site.j2
     dest: /etc/apache2/sites-available/{{ site_name }}.conf
-    mode: 0644
+    mode: "0644"
   notify: restart apache2
 
 - name: Activate Apache2 site