Merge pull request #3261 from mattymo/etcd_ssl_dir_perms

Ensure etcd file permissions are correct when using vault
6 years ago · a801e02cea
1 changed files with 6 additions and 0 deletions
--- a/roles/etcd/tasks/gen_certs_vault.yml
+++ b/roles/etcd/tasks/gen_certs_vault.yml
@ -65,3 +65,9 @@
  with_items: "{{ etcd_node_certs_needed|d([]) }}"
  when: inventory_hostname in etcd_node_cert_hosts
  notify: set etcd_secret_changed
+
+- name: gen_certs_vault | ensure file permissions
+  shell: >-
+    find {{etcd_cert_dir }} -type d -exec chmod 0755 {} \; &&
+    find {{etcd_cert_dir }} -type f -exec chmod 0640 {} \;
+  changed_when: false