From f2066c896d65e0e2ac6c332ceedc63a68e3a8660 Mon Sep 17 00:00:00 2001
From: Pierre-Yves Chibon <pingou@pingoured.fr>
Date: Tue, 16 Jun 2020 20:56:31 +0200
Subject: [PATCH] distgit: looks like the acl action does not support
 with_items, pity

Signed-off-by: Pierre-Yves Chibon <pingou@pingoured.fr>
---
 roles/distgit/tasks/main.yml | 28 ++++++++++++++++++++++------
 1 file changed, 22 insertions(+), 6 deletions(-)

diff --git a/roles/distgit/tasks/main.yml b/roles/distgit/tasks/main.yml
index 494eb28c04..5e01e16bad 100644
--- a/roles/distgit/tasks/main.yml
+++ b/roles/distgit/tasks/main.yml
@@ -138,13 +138,29 @@
   - config
   - distgit
 
-- name: Make sure apache can access the fedora-messasing keys
+- name: Make sure apache can access the fedora-messasing ca
   acl:
-    path: {{ item }}
-    with_items:
-    - /etc/pki/rabbitmq/git-hooks.ca
-    - /etc/pki/rabbitmq/git-hooks.crt
-    - /etc/pki/rabbitmq/git-hooks.key
+    path: /etc/pki/rabbitmq/git-hooks.ca
+    entity: apache
+    etype: group
+    permissions: r
+    state: present
+  tags:
+  - distgit
+
+- name: Make sure apache can access the fedora-messasing crt
+  acl:
+    path: /etc/pki/rabbitmq/git-hooks.crt
+    entity: apache
+    etype: group
+    permissions: r
+    state: present
+  tags:
+  - distgit
+
+- name: Make sure apache can access the fedora-messasing key
+  acl:
+    path: /etc/pki/rabbitmq/git-hooks.key
     entity: apache
     etype: group
     permissions: r