From 791235e443e1f2a1a53b414c6169697e4fee14be Mon Sep 17 00:00:00 2001 From: EuAndreh Date: Thu, 6 Jun 2019 20:37:10 -0300 Subject: Add mode to all files being copied by Ansible Use strict 400 or 500 modes: r: 4 w: 2 x: 1 4 means read-only, while 5 means readable and executable. None are writable: immuatable infrastructure check. --- provision.yaml | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/provision.yaml b/provision.yaml index 28cc178..89c4080 100644 --- a/provision.yaml +++ b/provision.yaml @@ -27,13 +27,13 @@ - name: Copy local interpolated files to remote copy: src={{ item.src }} dest={{ item.dest }} mode={{ item.mode }} with_items: - - { src: './scripts/box/create-backup.sh', dest: '/home/vps/create-backup.sh', mode: '755' } - - { src: './scripts/box/restore-backup.sh', dest: '/home/vps/restore-backup.sh', mode: '755' } - - { src: './secrets/borg/borg-remote.pub', dest: '/root/.ssh/id_rsa.pub' } - - { src: './secrets/borg/borg-remote', dest: '/root/.ssh/id_rsa', mode: '400' } - - { src: './secrets/borg/known-hosts.txt', dest: '/root/.ssh/known_hosts' } - - { src: './scripts/box/bash-profile.sh', dest: '/root/.bash_profile' } - - { src: './docker-compose.yaml', dest: '/home/vps/docker-compose.yaml' } + - { src: './scripts/box/create-backup.sh', dest: '/home/vps/create-backup.sh', mode: '500' } + - { src: './scripts/box/restore-backup.sh', dest: '/home/vps/restore-backup.sh', mode: '500' } + - { src: './secrets/borg/borg-remote.pub', dest: '/root/.ssh/id_rsa.pub', mode: '400' } + - { src: './secrets/borg/borg-remote', dest: '/root/.ssh/id_rsa', mode: '400' } + - { src: './secrets/borg/known-hosts.txt', dest: '/root/.ssh/known_hosts', mode: '400' } + - { src: './scripts/box/bash-profile.sh', dest: '/root/.bash_profile', mode: '400' } + - { src: './docker-compose.yaml', dest: '/home/vps/docker-compose.yaml', mode: '400' } - name: Restore borg backup into fresh volume shell: /home/vps/restore-backup.sh - name: Start docker-compose -- cgit v1.2.3