From 94faf739e3803a88571b02d5510fa7ec25b11f3e Mon Sep 17 00:00:00 2001
From: David Kilias <david.kilias@gmail.com>
Date: Wed, 26 Oct 2022 21:49:57 +0200
Subject: [PATCH 1/7] fix: fix missing filepermissions for pottwal
---
pottwal.yml | 13 +++++++++----
1 file changed, 9 insertions(+), 4 deletions(-)
diff --git a/pottwal.yml b/pottwal.yml
index 2298afb..f558dda 100644
--- a/pottwal.yml
+++ b/pottwal.yml
@@ -202,11 +202,14 @@
- name: Ensure the hedgedoc directories exist
file:
- path: "{{ item }}"
+ path: "{{ item.path }}"
+ mode: "{{ item.mode }}"
state: directory
with_items:
- - "{{ data_dir }}/hedgedoc/data/database"
- - "{{ data_dir }}/hedgedoc/data/uploads"
+ - path: "{{ data_dir }}/hedgedoc/data/database"
+ mode: "0700"
+ - path: "{{ data_dir }}/hedgedoc/data/uploads"
+ mode: "0755"
- name: Setup docker network
docker_network:
@@ -267,6 +270,7 @@
- name: Ensure the influxdb directories exist
file:
path: "{{ item }}"
+ mode: "0700"
state: directory
with_items:
- "{{ data_dir }}/influxdb"
@@ -362,9 +366,10 @@
- name: Ensure the uptime-kuma directories exist
file:
path: "{{ item }}"
+ mode: "0755"
state: directory
with_items:
- - "{{ data_dir }}/uptimekuma"
+ - "{{ data_dir }}/uptime-kuma"
- name: Ensure container for uptime-kuma is running
docker_container:
From 78eeb7b8c6e168c047a928298f6d14fa6b1012c3 Mon Sep 17 00:00:00 2001
From: David Kilias <david.kilias@gmail.com>
Date: Wed, 26 Oct 2022 21:55:30 +0200
Subject: [PATCH 2/7] fix: fix missing file permissions for krypton
---
krypton.yml | 11 ++++++-----
1 file changed, 6 insertions(+), 5 deletions(-)
diff --git a/krypton.yml b/krypton.yml
index 8d6ea22..9d2a55d 100644
--- a/krypton.yml
+++ b/krypton.yml
@@ -42,13 +42,14 @@
- name: Ensure openLDAP directories are present.
file:
- path: "{{ item }}"
+ path: "{{ item.path }}"
+ mode: "0755"
state: directory
with_items:
- - "{{ openldap_data }}/ldap"
- - "{{ openldap_data }}/slapd"
- - "{{ openldap_data }}/ldif"
- - "{{ dehydrated_certs_dir }}/{{ openldap_domain }}"
+ - path: "{{ openldap_data }}/ldap"
+ - path: "{{ openldap_data }}/slapd"
+ - path: "{{ openldap_data }}/ldif"
+ - path: "{{ dehydrated_certs_dir }}/{{ openldap_domain }}"
- name: Ensure container for openLDAP is running.
docker_container:
From 2fa392c8ef16546be5828061a0272ca9a41d7d94 Mon Sep 17 00:00:00 2001
From: David Kilias <david.kilias@gmail.com>
Date: Wed, 26 Oct 2022 21:58:52 +0200
Subject: [PATCH 3/7] fix: fix missing file permissions for radon
---
radon.yml | 1 +
1 file changed, 1 insertion(+)
diff --git a/radon.yml b/radon.yml
index e614615..15092dd 100644
--- a/radon.yml
+++ b/radon.yml
@@ -42,6 +42,7 @@
- name: Ensure the mosquitto directories exist
file:
path: "{{ item }}"
+ mode: 0755
state: directory
with_items:
- "{{ mosquitto_data }}/config"
From 7555a13bf8d55aba2b2e18562d0129513fe30817 Mon Sep 17 00:00:00 2001
From: David Kilias <david.kilias@gmail.com>
Date: Wed, 26 Oct 2022 21:59:11 +0200
Subject: [PATCH 4/7] fix: fix missing file permissions for role docker_setup
---
roles/docker_setup/tasks/main.yml | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/roles/docker_setup/tasks/main.yml b/roles/docker_setup/tasks/main.yml
index 98cfde5..8f946fb 100644
--- a/roles/docker_setup/tasks/main.yml
+++ b/roles/docker_setup/tasks/main.yml
@@ -52,6 +52,7 @@
template:
src: templates/daemon.json.j2
dest: /etc/docker/daemon.json
+ mode: "0644"
notify: restart docker
- name: Check current docker-compose version.
@@ -72,7 +73,7 @@
get_url:
url: https://github.com/docker/compose/releases/download/{{ docker_compose_version }}/docker-compose-Linux-x86_64
dest: "{{ docker_compose_path }}"
- mode: 0755
+ mode: "0755"
- name: Place admin users in docker group
user:
From bbf01577fd8426135c6306c2cc756031ce45bc70 Mon Sep 17 00:00:00 2001
From: David Kilias <david.kilias@gmail.com>
Date: Wed, 26 Oct 2022 21:59:37 +0200
Subject: [PATCH 5/7] fix: fix missing file permissions for role
setup_http_site_proxy
---
pottwal.yml | 2 +-
radon.yml | 1 +
roles/setup_http_site_proxy/tasks/main.yml | 1 +
3 files changed, 3 insertions(+), 1 deletion(-)
diff --git a/pottwal.yml b/pottwal.yml
index f558dda..e3100cf 100644
--- a/pottwal.yml
+++ b/pottwal.yml
@@ -270,7 +270,7 @@
- name: Ensure the influxdb directories exist
file:
path: "{{ item }}"
- mode: "0700"
+ mode: 0700
state: directory
with_items:
- "{{ data_dir }}/influxdb"
diff --git a/radon.yml b/radon.yml
index 15092dd..33f9e13 100644
--- a/radon.yml
+++ b/radon.yml
@@ -53,6 +53,7 @@
template:
src: "templates/mosquitto.conf.j2"
dest: "{{ mosquitto_data }}/config/mosquitto.conf"
+ mode: 0644
notify: restart mosquitto
- name: Ensure mosquitto is running
diff --git a/roles/setup_http_site_proxy/tasks/main.yml b/roles/setup_http_site_proxy/tasks/main.yml
index 6aeff36..b4b241f 100644
--- a/roles/setup_http_site_proxy/tasks/main.yml
+++ b/roles/setup_http_site_proxy/tasks/main.yml
@@ -3,6 +3,7 @@
template:
src: templates/apache-docker-proxy-site.j2
dest: /etc/apache2/sites-available/{{ site_name }}.conf
+ mode: 0644
notify: restart apache2
- name: Activate Apache2 site
From 3c6b13f4a7bb88c3db0e72db75bdda64efd6f81a Mon Sep 17 00:00:00 2001
From: David Kilias <david.kilias@gmail.com>
Date: Wed, 26 Oct 2022 22:20:36 +0200
Subject: [PATCH 6/7] fix: fix missing file permissions for tau
---
tau.yml | 1 +
1 file changed, 1 insertion(+)
diff --git a/tau.yml b/tau.yml
index 8a622e7..172cecb 100644
--- a/tau.yml
+++ b/tau.yml
@@ -88,6 +88,7 @@
file:
path: "{{ data_dir }}/registry/data"
state: directory
+ mode: "0755"
- name: Setup Docker Registry Container
docker_container:
From c620de7d0d2fbf43c667d178ed960a758a2cefbd Mon Sep 17 00:00:00 2001
From: David Kilias <david.kilias@gmail.com>
Date: Fri, 28 Oct 2022 21:15:50 +0200
Subject: [PATCH 7/7] fix file permissions for setup_http_site_proxy
---
roles/setup_http_site_proxy/tasks/main.yml | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/roles/setup_http_site_proxy/tasks/main.yml b/roles/setup_http_site_proxy/tasks/main.yml
index b4b241f..c1f52d2 100644
--- a/roles/setup_http_site_proxy/tasks/main.yml
+++ b/roles/setup_http_site_proxy/tasks/main.yml
@@ -3,7 +3,7 @@
template:
src: templates/apache-docker-proxy-site.j2
dest: /etc/apache2/sites-available/{{ site_name }}.conf
- mode: 0644
+ mode: "0644"
notify: restart apache2
- name: Activate Apache2 site