diff options
| author | EuAndreh <eu@euandre.org> | 2019-06-06 20:37:10 -0300 |
|---|---|---|
| committer | EuAndreh <eu@euandre.org> | 2019-06-06 20:37:10 -0300 |
| commit | 791235e443e1f2a1a53b414c6169697e4fee14be (patch) | |
| tree | 66cc8cfc72e29b8aa37dfde3f3c9464a5d7e7af2 | |
| parent | Re-add Ansible task to create /home/vps/ directory (diff) | |
| download | server-791235e443e1f2a1a53b414c6169697e4fee14be.tar.gz server-791235e443e1f2a1a53b414c6169697e4fee14be.tar.xz | |
Add mode to all files being copied by Ansible
Use strict 400 or 500 modes:
r: 4
w: 2
x: 1
4 means read-only, while 5 means readable and executable. None are writable:
immuatable infrastructure check.
| -rw-r--r-- | provision.yaml | 14 |
1 files changed, 7 insertions, 7 deletions
diff --git a/provision.yaml b/provision.yaml index 28cc178..89c4080 100644 --- a/provision.yaml +++ b/provision.yaml @@ -27,13 +27,13 @@ - name: Copy local interpolated files to remote copy: src={{ item.src }} dest={{ item.dest }} mode={{ item.mode }} with_items: - - { src: './scripts/box/create-backup.sh', dest: '/home/vps/create-backup.sh', mode: '755' } - - { src: './scripts/box/restore-backup.sh', dest: '/home/vps/restore-backup.sh', mode: '755' } - - { src: './secrets/borg/borg-remote.pub', dest: '/root/.ssh/id_rsa.pub' } - - { src: './secrets/borg/borg-remote', dest: '/root/.ssh/id_rsa', mode: '400' } - - { src: './secrets/borg/known-hosts.txt', dest: '/root/.ssh/known_hosts' } - - { src: './scripts/box/bash-profile.sh', dest: '/root/.bash_profile' } - - { src: './docker-compose.yaml', dest: '/home/vps/docker-compose.yaml' } + - { src: './scripts/box/create-backup.sh', dest: '/home/vps/create-backup.sh', mode: '500' } + - { src: './scripts/box/restore-backup.sh', dest: '/home/vps/restore-backup.sh', mode: '500' } + - { src: './secrets/borg/borg-remote.pub', dest: '/root/.ssh/id_rsa.pub', mode: '400' } + - { src: './secrets/borg/borg-remote', dest: '/root/.ssh/id_rsa', mode: '400' } + - { src: './secrets/borg/known-hosts.txt', dest: '/root/.ssh/known_hosts', mode: '400' } + - { src: './scripts/box/bash-profile.sh', dest: '/root/.bash_profile', mode: '400' } + - { src: './docker-compose.yaml', dest: '/home/vps/docker-compose.yaml', mode: '400' } - name: Restore borg backup into fresh volume shell: /home/vps/restore-backup.sh - name: Start docker-compose |