diff --git a/krypton.yml b/krypton.yml
index 8d6ea22..9d2a55d 100644
--- a/krypton.yml
+++ b/krypton.yml
@@ -42,13 +42,14 @@
- name: Ensure openLDAP directories are present.
file:
- path: "{{ item }}"
+ path: "{{ item.path }}"
+ mode: "0755"
state: directory
with_items:
- - "{{ openldap_data }}/ldap"
- - "{{ openldap_data }}/slapd"
- - "{{ openldap_data }}/ldif"
- - "{{ dehydrated_certs_dir }}/{{ openldap_domain }}"
+ - path: "{{ openldap_data }}/ldap"
+ - path: "{{ openldap_data }}/slapd"
+ - path: "{{ openldap_data }}/ldif"
+ - path: "{{ dehydrated_certs_dir }}/{{ openldap_domain }}"
- name: Ensure container for openLDAP is running.
docker_container:
diff --git a/pottwal.yml b/pottwal.yml
index 2298afb..e3100cf 100644
--- a/pottwal.yml
+++ b/pottwal.yml
@@ -202,11 +202,14 @@
- name: Ensure the hedgedoc directories exist
file:
- path: "{{ item }}"
+ path: "{{ item.path }}"
+ mode: "{{ item.mode }}"
state: directory
with_items:
- - "{{ data_dir }}/hedgedoc/data/database"
- - "{{ data_dir }}/hedgedoc/data/uploads"
+ - path: "{{ data_dir }}/hedgedoc/data/database"
+ mode: "0700"
+ - path: "{{ data_dir }}/hedgedoc/data/uploads"
+ mode: "0755"
- name: Setup docker network
docker_network:
@@ -267,6 +270,7 @@
- name: Ensure the influxdb directories exist
file:
path: "{{ item }}"
+ mode: 0700
state: directory
with_items:
- "{{ data_dir }}/influxdb"
@@ -362,9 +366,10 @@
- name: Ensure the uptime-kuma directories exist
file:
path: "{{ item }}"
+ mode: "0755"
state: directory
with_items:
- - "{{ data_dir }}/uptimekuma"
+ - "{{ data_dir }}/uptime-kuma"
- name: Ensure container for uptime-kuma is running
docker_container:
diff --git a/radon.yml b/radon.yml
index e614615..33f9e13 100644
--- a/radon.yml
+++ b/radon.yml
@@ -42,6 +42,7 @@
- name: Ensure the mosquitto directories exist
file:
path: "{{ item }}"
+ mode: 0755
state: directory
with_items:
- "{{ mosquitto_data }}/config"
@@ -52,6 +53,7 @@
template:
src: "templates/mosquitto.conf.j2"
dest: "{{ mosquitto_data }}/config/mosquitto.conf"
+ mode: 0644
notify: restart mosquitto
- name: Ensure mosquitto is running
diff --git a/roles/docker_setup/tasks/main.yml b/roles/docker_setup/tasks/main.yml
index 98cfde5..8f946fb 100644
--- a/roles/docker_setup/tasks/main.yml
+++ b/roles/docker_setup/tasks/main.yml
@@ -52,6 +52,7 @@
template:
src: templates/daemon.json.j2
dest: /etc/docker/daemon.json
+ mode: "0644"
notify: restart docker
- name: Check current docker-compose version.
@@ -72,7 +73,7 @@
get_url:
url: https://github.com/docker/compose/releases/download/{{ docker_compose_version }}/docker-compose-Linux-x86_64
dest: "{{ docker_compose_path }}"
- mode: 0755
+ mode: "0755"
- name: Place admin users in docker group
user:
diff --git a/roles/setup_http_site_proxy/tasks/main.yml b/roles/setup_http_site_proxy/tasks/main.yml
index 6aeff36..c1f52d2 100644
--- a/roles/setup_http_site_proxy/tasks/main.yml
+++ b/roles/setup_http_site_proxy/tasks/main.yml
@@ -3,6 +3,7 @@
template:
src: templates/apache-docker-proxy-site.j2
dest: /etc/apache2/sites-available/{{ site_name }}.conf
+ mode: "0644"
notify: restart apache2
- name: Activate Apache2 site
diff --git a/tau.yml b/tau.yml
index 8a622e7..172cecb 100644
--- a/tau.yml
+++ b/tau.yml
@@ -88,6 +88,7 @@
file:
path: "{{ data_dir }}/registry/data"
state: directory
+ mode: "0755"
- name: Setup Docker Registry Container
docker_container: