Secure files permission
parent
5b0977567c
commit
8ccc9f521f
|
@ -19,6 +19,6 @@
|
||||||
nginx_modules: "{{ shell_modules.stdout_lines }}"
|
nginx_modules: "{{ shell_modules.stdout_lines }}"
|
||||||
|
|
||||||
- name: FILE | Create folders
|
- name: FILE | Create folders
|
||||||
file: dest={{ item }} owner=root mode=0755 state=directory
|
file: dest="{{ item.dir }}" owner="{{ item.owner }}" mode="{{ item.mode }}" state=directory
|
||||||
with_items: "{{ nginx_dirs }}"
|
with_items: "{{ nginx_dirs }}"
|
||||||
|
|
||||||
|
|
|
@ -25,6 +25,7 @@
|
||||||
copy: >
|
copy: >
|
||||||
content="{{ item.key }}"
|
content="{{ item.key }}"
|
||||||
dest="{{ nginx_ssl_dir + '/' + item.name + '/' + item.name + '.key' if item.dest_key is not defined else item.dest_key }}"
|
dest="{{ nginx_ssl_dir + '/' + item.name + '/' + item.name + '.key' if item.dest_key is not defined else item.dest_key }}"
|
||||||
|
mode=0640
|
||||||
with_items: "{{ nginx_ssl_pairs }}"
|
with_items: "{{ nginx_ssl_pairs }}"
|
||||||
when: item.key is defined
|
when: item.key is defined
|
||||||
notify: reload nginx
|
notify: reload nginx
|
||||||
|
@ -34,6 +35,7 @@
|
||||||
copy: >
|
copy: >
|
||||||
content="{{ item.cert }}"
|
content="{{ item.cert }}"
|
||||||
dest="{{ nginx_ssl_dir + '/' + item.name + '/' + item.name + '.crt' if item.dest_cert is not defined else item.dest_cert }}"
|
dest="{{ nginx_ssl_dir + '/' + item.name + '/' + item.name + '.crt' if item.dest_cert is not defined else item.dest_cert }}"
|
||||||
|
mode=0644
|
||||||
with_items: "{{ nginx_ssl_pairs }}"
|
with_items: "{{ nginx_ssl_pairs }}"
|
||||||
when: item.cert is defined
|
when: item.cert is defined
|
||||||
notify: reload nginx
|
notify: reload nginx
|
||||||
|
|
|
@ -147,6 +147,7 @@
|
||||||
location:
|
location:
|
||||||
'/hello':
|
'/hello':
|
||||||
- htpasswd: 'hello'
|
- htpasswd: 'hello'
|
||||||
|
use_error_log: true
|
||||||
- name: 'test-htpasswd-all.local'
|
- name: 'test-htpasswd-all.local'
|
||||||
template: '_base'
|
template: '_base'
|
||||||
htpasswd: 'hello'
|
htpasswd: 'hello'
|
||||||
|
|
|
@ -23,9 +23,15 @@ nginx_upstream_server_params:
|
||||||
# min_version: '1.5.12'
|
# min_version: '1.5.12'
|
||||||
|
|
||||||
nginx_dirs:
|
nginx_dirs:
|
||||||
- "{{ nginx_htpasswd_dir }}"
|
- dir: "{{ nginx_htpasswd_dir }}"
|
||||||
- "{{ nginx_ssl_dir }}"
|
mode: "0750"
|
||||||
- "{{ nginx_helper_dir }}"
|
owner: "{{ nginx_user }}"
|
||||||
|
- dir: "{{ nginx_ssl_dir }}"
|
||||||
|
mode: "0750"
|
||||||
|
owner: "root"
|
||||||
|
- dir: "{{ nginx_helper_dir }}"
|
||||||
|
mode: "0755"
|
||||||
|
owner: "root"
|
||||||
|
|
||||||
nginx_templates_no_dir:
|
nginx_templates_no_dir:
|
||||||
- '_backuppc'
|
- '_backuppc'
|
||||||
|
|
Loading…
Reference in New Issue