traefik: Adjust directory permissions
This patch reduces the permissions on the install directory to just the root user and also fixes the ansible-lint issue by specifying the `mode`.
This commit is contained in:
parent
c8030de88b
commit
7732e5d43f
3 changed files with 23 additions and 9 deletions
|
|
@ -31,6 +31,9 @@
|
|||
file:
|
||||
path: "{{ item }}"
|
||||
state: directory
|
||||
mode: '0750'
|
||||
owner: 'root'
|
||||
group: 'root'
|
||||
setype: "container_file_t"
|
||||
selevel: "{{ traefik_selinux_level | default(omit) }}"
|
||||
with_items:
|
||||
|
|
|
|||
|
|
@ -34,6 +34,9 @@
|
|||
file:
|
||||
path: "{{ item }}"
|
||||
state: directory
|
||||
mode: '0700'
|
||||
owner: 'root'
|
||||
group: 'root'
|
||||
with_items:
|
||||
- "{{ traefik_install_location }}"
|
||||
become: true
|
||||
|
|
@ -42,6 +45,9 @@
|
|||
file:
|
||||
path: "{{ item }}"
|
||||
state: directory
|
||||
mode: '0700'
|
||||
owner: 'root'
|
||||
group: 'root'
|
||||
setype: "container_file_t"
|
||||
selevel: "{{ traefik_selinux_level }}"
|
||||
with_items:
|
||||
|
|
@ -90,8 +96,8 @@
|
|||
template:
|
||||
src: dynamic_conf.yml
|
||||
dest: "{{ traefik_config_location }}/dynamic_conf.yml"
|
||||
owner: root
|
||||
group: root
|
||||
owner: 'root'
|
||||
group: 'root'
|
||||
mode: '0600'
|
||||
setype: "container_file_t"
|
||||
selevel: "{{ traefik_selinux_level }}"
|
||||
|
|
|
|||
|
|
@ -33,6 +33,9 @@
|
|||
file:
|
||||
path: "{{ item }}"
|
||||
state: directory
|
||||
mode: '0700'
|
||||
owner: 'root'
|
||||
group: 'root'
|
||||
with_items:
|
||||
- "{{ traefik_tor_location }}"
|
||||
become: true
|
||||
|
|
@ -41,11 +44,11 @@
|
|||
file:
|
||||
path: "{{ item }}"
|
||||
state: directory
|
||||
mode: '0700'
|
||||
owner: '994'
|
||||
group: '994'
|
||||
setype: "container_file_t"
|
||||
selevel: "{{ traefik_tor_selinux_level | default(omit) }}"
|
||||
mode: "0700"
|
||||
owner: "994"
|
||||
group: "994"
|
||||
with_items:
|
||||
- "{{ traefik_tor_data_location }}"
|
||||
become: true
|
||||
|
|
@ -56,9 +59,9 @@
|
|||
state: directory
|
||||
setype: "container_file_t"
|
||||
selevel: "{{ traefik_tor_selinux_level | default(omit) }}"
|
||||
mode: "0755"
|
||||
owner: root
|
||||
group: root
|
||||
mode: '0750'
|
||||
owner: 'root'
|
||||
group: 'root'
|
||||
with_items:
|
||||
- "{{ traefik_tor_config_location }}"
|
||||
become: true
|
||||
|
|
@ -69,6 +72,8 @@
|
|||
dest: "{{ traefik_tor_config_location }}/traefik"
|
||||
setype: "container_file_t"
|
||||
selevel: "{{ traefik_tor_selinux_level | default(omit) }}"
|
||||
mode: "0644"
|
||||
mode: '0644'
|
||||
owner: 'root'
|
||||
group: 'root'
|
||||
notify: Restart tor proxy
|
||||
become: true
|
||||
|
|
|
|||
Loading…
Add table
Reference in a new issue