setting perms recursively for the gnupg dir

cf6c4dc0 · John Jarvis · 7f13645f · cf6c4dc0
Commit cf6c4dc0 authored Nov 15, 2013 by John Jarvis
Hide whitespace changes
Inline Side-by-side

Showing with 10 additions and 1 deletions

playbooks/roles/certs/tasks/main.yml
+10 -1

No files found.
--- a/playbooks/roles/certs/tasks/main.yml
+++ b/playbooks/roles/certs/tasks/main.yml
@@ -65,7 +65,7 @@
  copy: >
    src={{ CERTS_LOCAL_PRIVATE_KEY }}
    dest={{ certs_app_dir }}/{{ CERTS_LOCAL_PRIVATE_KEY|basename }}
-    owner={{ certs_user }} group={{ common_web_user }} mode=0640
+    owner={{ certs_user }} mode=0640
  notify: certs | restart certs
  register: certs_gpg_key
@@ -77,6 +77,15 @@
  when: certs_gpg_key.changed
  notify: certs | restart certs
+- name: certs | set permission to the certs_gpg_dir so that it can be read by the web user
+  file: >
+    path={{ certs_gpg_dir }}
+    owner={{ certs_user }}
+    group={{ common_web_user }}
+    mode=0640 recurse=yes
+  sudo_user: "{{ certs_user }}"
+  notify: certs | restart certs
 - include: deploy.yml
 - name: certs | create a symlink for venv python