Fix a bunch of places that didn't use the full correct mode
This commit is contained in:
Kevin Fenzi
parent
1c6e9a11f4
commit
42afc9a637
7 changed files with 25 additions and 25 deletions
|
|
@ -17,7 +17,7 @@
|
|||
- ansible-server
|
||||
|
||||
- name: installing the phx2 dns check script
|
||||
copy: src=dns_check.py dest=/usr/local/bin/dns_check owner=root mode=755
|
||||
copy: src=dns_check.py dest=/usr/local/bin/dns_check owner=root mode=0755
|
||||
tags:
|
||||
- ansible-server
|
||||
#
|
||||
|
|
|
|||
|
|
@ -57,7 +57,7 @@
|
|||
- base
|
||||
|
||||
- name: copy ifcfg files - non virthost
|
||||
template: src=ifcfg.j2 dest=/etc/sysconfig/network-scripts/ifcfg-{{item}} mode=644
|
||||
template: src=ifcfg.j2 dest=/etc/sysconfig/network-scripts/ifcfg-{{item}} mode=0644
|
||||
with_items:
|
||||
- "{{ ansible_interfaces }}"
|
||||
notify:
|
||||
|
|
@ -92,7 +92,7 @@
|
|||
hostname: name="{{inventory_hostname}}"
|
||||
|
||||
- name: sshd_config
|
||||
copy: src={{ item }} dest=/etc/ssh/sshd_config mode=600
|
||||
copy: src={{ item }} dest=/etc/ssh/sshd_config mode=0600
|
||||
with_first_found:
|
||||
- "{{ sshd_config }}"
|
||||
- ssh/sshd_config.{{ inventory_hostname }}
|
||||
|
|
@ -185,7 +185,7 @@
|
|||
- base
|
||||
|
||||
- name: iptables
|
||||
template: src={{ item }} dest=/etc/sysconfig/iptables mode=600 validate="/sbin/iptables-restore --text %s"
|
||||
template: src={{ item }} dest=/etc/sysconfig/iptables mode=0600 validate="/sbin/iptables-restore --text %s"
|
||||
with_first_found:
|
||||
- iptables/iptables.{{ datacenter }}
|
||||
- iptables/iptables.{{ inventory_hostname }}
|
||||
|
|
@ -209,7 +209,7 @@
|
|||
- base
|
||||
|
||||
- name: ip6tables
|
||||
template: src={{ item }} dest=/etc/sysconfig/ip6tables mode=600 backup=yes
|
||||
template: src={{ item }} dest=/etc/sysconfig/ip6tables mode=0600 backup=yes
|
||||
with_first_found:
|
||||
- iptables/ip6tables.{{ datacenter }}
|
||||
- iptables/ip6tables.{{ inventory_hostname }}
|
||||
|
|
@ -244,7 +244,7 @@
|
|||
- flush journald tmpfiles to persistent store
|
||||
|
||||
- name: rsyslog.conf
|
||||
copy: src={{ item }} dest=/etc/rsyslog.conf mode=644
|
||||
copy: src={{ item }} dest=/etc/rsyslog.conf mode=0644
|
||||
with_first_found:
|
||||
- rsyslog/rsyslog.conf.{{ inventory_hostname }}
|
||||
- rsyslog/rsyslog.conf.{{ dist_tag }}
|
||||
|
|
@ -257,7 +257,7 @@
|
|||
- base
|
||||
|
||||
- name: rsyslog log rotate for rsyslog servers
|
||||
copy: src=rsyslog/merged-rsyslog dest=/etc/logrotate.d/merged-rsyslog mode=644
|
||||
copy: src=rsyslog/merged-rsyslog dest=/etc/logrotate.d/merged-rsyslog mode=0644
|
||||
when: inventory_hostname.startswith('log')
|
||||
notify:
|
||||
- restart rsyslog
|
||||
|
|
@ -278,7 +278,7 @@
|
|||
- base
|
||||
|
||||
- name: log everything to log01 except on mirrorlist, do not log local4 there.
|
||||
copy: src=rsyslog/rsyslog-log01 dest=/etc/rsyslog.d/rsyslog-log01.conf mode=644
|
||||
copy: src=rsyslog/rsyslog-log01 dest=/etc/rsyslog.d/rsyslog-log01.conf mode=0644
|
||||
when: not inventory_hostname.startswith(('mirrorlist','copr','jenkins'))
|
||||
tags:
|
||||
- rsyslogd
|
||||
|
|
@ -286,7 +286,7 @@
|
|||
- base
|
||||
|
||||
- name: log everything to log01 except on mirrorlist, do log local4 there.
|
||||
copy: src=rsyslog/rsyslog-log01-nolocal4 dest=/etc/rsyslog.d/rsyslog-log01.conf mode=644
|
||||
copy: src=rsyslog/rsyslog-log01-nolocal4 dest=/etc/rsyslog.d/rsyslog-log01.conf mode=0644
|
||||
when: inventory_hostname.startswith('mirrorlist')
|
||||
tags:
|
||||
- rsyslogd
|
||||
|
|
@ -311,7 +311,7 @@
|
|||
- base
|
||||
|
||||
- name: install a sync httpd logs cron script only on log01
|
||||
copy: src=syncHttpLogs.sh dest=/etc/cron.daily/syncHttpLogs.sh mode=755
|
||||
copy: src=syncHttpLogs.sh dest=/etc/cron.daily/syncHttpLogs.sh mode=0755
|
||||
when: inventory_hostname.startswith('log01')
|
||||
tags:
|
||||
- config
|
||||
|
|
@ -349,7 +349,7 @@
|
|||
dest="/etc/profile.d/setstgps1.sh"
|
||||
owner=root
|
||||
group=root
|
||||
mode=644
|
||||
mode=0644
|
||||
when: env == 'staging'
|
||||
tags:
|
||||
- base
|
||||
|
|
@ -364,7 +364,7 @@
|
|||
dest="/etc/profile.d/setprodps1.sh"
|
||||
owner=root
|
||||
group=root
|
||||
mode=644
|
||||
mode=0644
|
||||
when: env == 'production'
|
||||
tags:
|
||||
- base
|
||||
|
|
|
|||
|
|
@ -17,7 +17,7 @@
|
|||
- base
|
||||
|
||||
- name: watchdog device configuration
|
||||
copy: src=watchdog.conf dest=/etc/watchdog.conf owner=root group=root mode=644
|
||||
copy: src=watchdog.conf dest=/etc/watchdog.conf owner=root group=root mode=0644
|
||||
tags:
|
||||
- config
|
||||
- watchdog
|
||||
|
|
|
|||
|
|
@ -7,7 +7,7 @@
|
|||
#
|
||||
|
||||
- name: create /srv/web/pub for nfs mounts
|
||||
file: dest=/srv/web/pub state=directory mode=755
|
||||
file: dest=/srv/web/pub state=directory mode=0755
|
||||
tags:
|
||||
- batcave
|
||||
- config
|
||||
|
|
|
|||
|
|
@ -29,7 +29,7 @@
|
|||
# setup /etc/nsswitch.conf to use nssdb
|
||||
#
|
||||
- name: setup /etc/nsswitch.conf for client use
|
||||
copy: src=nsswitch.conf dest=/etc/nsswitch.conf owner=root mode=644
|
||||
copy: src=nsswitch.conf dest=/etc/nsswitch.conf owner=root mode=0644
|
||||
tags:
|
||||
- config
|
||||
- fas_client
|
||||
|
|
@ -48,7 +48,7 @@
|
|||
# Currently the default template is used, but could be modified on a host basis.
|
||||
#
|
||||
- name: setup /etc/fas.conf for client use
|
||||
template: src={{ item }} dest=/etc/fas.conf owner=root mode=600
|
||||
template: src={{ item }} dest=/etc/fas.conf owner=root mode=0600
|
||||
with_first_found:
|
||||
- ../templates/{{ inventory_hostname }}.fas.conf.j2
|
||||
- ../templates/{{ ansible_hostname }}.fas.conf.j2
|
||||
|
|
@ -70,20 +70,20 @@
|
|||
# - config
|
||||
|
||||
- name: fas_client cron job
|
||||
copy: src=fas-client.cron dest=/etc/cron.d/fas-client owner=root mode=644
|
||||
copy: src=fas-client.cron dest=/etc/cron.d/fas-client owner=root mode=0644
|
||||
tags:
|
||||
- config
|
||||
- fas_client
|
||||
|
||||
- name: fas_client_aliases cron job
|
||||
copy: src=fas-client-aliases.cron dest=/etc/cron.d/fas-client-aliases owner=root mode=644
|
||||
copy: src=fas-client-aliases.cron dest=/etc/cron.d/fas-client-aliases owner=root mode=0644
|
||||
tags:
|
||||
- config
|
||||
- fas_client
|
||||
when: fas_aliases is defined
|
||||
|
||||
- name: fas_client_aliases template
|
||||
copy: src=aliases.template dest=/etc/aliases.template owner=root mode=644
|
||||
copy: src=aliases.template dest=/etc/aliases.template owner=root mode=0644
|
||||
tags:
|
||||
- config
|
||||
- fas_client
|
||||
|
|
|
|||
|
|
@ -100,7 +100,7 @@
|
|||
dest="/etc/fedmsg.d/{{ item }}"
|
||||
owner=root
|
||||
group=root
|
||||
mode=644
|
||||
mode=0644
|
||||
with_items:
|
||||
- ssl.py
|
||||
- endpoints.py
|
||||
|
|
@ -137,7 +137,7 @@
|
|||
dest="/etc/fedmsg.d/{{ item }}"
|
||||
owner=root
|
||||
group=root
|
||||
mode=644
|
||||
mode=0644
|
||||
with_items:
|
||||
- policy.py
|
||||
when: "'persistent-cloud' not in group_names"
|
||||
|
|
@ -158,7 +158,7 @@
|
|||
dest="/etc/fedmsg.d/{{ item }}"
|
||||
owner=root
|
||||
group=root
|
||||
mode=644
|
||||
mode=0644
|
||||
with_items:
|
||||
- ssl.py
|
||||
- endpoints-external.py
|
||||
|
|
@ -183,7 +183,7 @@
|
|||
dest="/etc/fedmsg.d/{{ item }}"
|
||||
owner=root
|
||||
group=root
|
||||
mode=644
|
||||
mode=0644
|
||||
with_items:
|
||||
- endpoints-external-composer.py
|
||||
when: "'releng-stg' in group_names"
|
||||
|
|
|
|||
|
|
@ -24,7 +24,7 @@
|
|||
when: ansible_distribution_major_version|int > 21
|
||||
|
||||
- name: rsyncd.conf file
|
||||
copy: src={{ item }} dest=/etc/rsyncd.conf mode=644
|
||||
copy: src={{ item }} dest=/etc/rsyncd.conf mode=0644
|
||||
with_first_found:
|
||||
- "{{ rsyncd_conf }}"
|
||||
- rsyncd.conf.{{ inventory_hostname }}
|
||||
|
|
@ -37,7 +37,7 @@
|
|||
- config
|
||||
|
||||
- name: xinetd rsync file
|
||||
copy: src={{ item }} dest=/etc/xinetd.d/rsync mode=644
|
||||
copy: src={{ item }} dest=/etc/xinetd.d/rsync mode=0644
|
||||
with_first_found:
|
||||
- "{{ rsync }}"
|
||||
- rsync.{{ inventory_hostname }}
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue