[nginx] Add template permissions
Signed-off-by: Yohann D'ANELLO <ynerant@crans.org>certbot_on_virtu
parent
dd249f2a30
commit
a16208b1c3
|
|
@ -11,6 +11,9 @@
|
||||||
template:
|
template:
|
||||||
src: "nginx/snippets/{{ item }}.j2"
|
src: "nginx/snippets/{{ item }}.j2"
|
||||||
dest: "/etc/nginx/snippets/{{ item }}"
|
dest: "/etc/nginx/snippets/{{ item }}"
|
||||||
|
owner: root
|
||||||
|
group: root
|
||||||
|
mode: 0644
|
||||||
loop:
|
loop:
|
||||||
- options-ssl.conf
|
- options-ssl.conf
|
||||||
- options-proxypass.conf
|
- options-proxypass.conf
|
||||||
|
|
@ -19,6 +22,9 @@
|
||||||
template:
|
template:
|
||||||
src: letsencrypt/dhparam.j2
|
src: letsencrypt/dhparam.j2
|
||||||
dest: /etc/letsencrypt/dhparam
|
dest: /etc/letsencrypt/dhparam
|
||||||
|
owner: root
|
||||||
|
group: root
|
||||||
|
mode: 0644
|
||||||
|
|
||||||
- name: Disable default site
|
- name: Disable default site
|
||||||
file:
|
file:
|
||||||
|
|
@ -30,6 +36,8 @@
|
||||||
template:
|
template:
|
||||||
src: "nginx/sites-available/{{ item }}.j2"
|
src: "nginx/sites-available/{{ item }}.j2"
|
||||||
dest: "/etc/nginx/sites-available/{{ item }}"
|
dest: "/etc/nginx/sites-available/{{ item }}"
|
||||||
|
owner: root
|
||||||
|
group: root
|
||||||
mode: 0644
|
mode: 0644
|
||||||
loop:
|
loop:
|
||||||
- reverseproxy
|
- reverseproxy
|
||||||
|
|
@ -42,6 +50,8 @@
|
||||||
file:
|
file:
|
||||||
src: "/etc/nginx/sites-available/{{ item }}"
|
src: "/etc/nginx/sites-available/{{ item }}"
|
||||||
dest: "/etc/nginx/sites-enabled/{{ item }}"
|
dest: "/etc/nginx/sites-enabled/{{ item }}"
|
||||||
|
owner: root
|
||||||
|
group: root
|
||||||
state: link
|
state: link
|
||||||
loop:
|
loop:
|
||||||
- reverseproxy
|
- reverseproxy
|
||||||
|
|
@ -55,6 +65,8 @@
|
||||||
template:
|
template:
|
||||||
src: "nginx/sites-available/service.j2"
|
src: "nginx/sites-available/service.j2"
|
||||||
dest: "/etc/nginx/sites-available/service"
|
dest: "/etc/nginx/sites-available/service"
|
||||||
|
owner: root
|
||||||
|
group: root
|
||||||
mode: 0644
|
mode: 0644
|
||||||
notify: Reload nginx
|
notify: Reload nginx
|
||||||
|
|
||||||
|
|
@ -63,6 +75,8 @@
|
||||||
file:
|
file:
|
||||||
src: "/etc/nginx/sites-available/service"
|
src: "/etc/nginx/sites-available/service"
|
||||||
dest: "/etc/nginx/sites-enabled/service"
|
dest: "/etc/nginx/sites-enabled/service"
|
||||||
|
owner: root
|
||||||
|
group: root
|
||||||
state: link
|
state: link
|
||||||
notify: Reload nginx
|
notify: Reload nginx
|
||||||
ignore_errors: "{{ ansible_check_mode }}"
|
ignore_errors: "{{ ansible_check_mode }}"
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue