diff --git a/roles/ansible-server/tasks/main.yml b/roles/ansible-server/tasks/main.yml index 873a1ce99a..f41d5ce2e5 100644 --- a/roles/ansible-server/tasks/main.yml +++ b/roles/ansible-server/tasks/main.yml @@ -17,7 +17,7 @@ - ansible-server - name: installing the phx2 dns check script - copy: src=dns_check.py dest=/usr/local/bin/dns_check owner=root mode=755 + copy: src=dns_check.py dest=/usr/local/bin/dns_check owner=root mode=0755 tags: - ansible-server # diff --git a/roles/base/tasks/main.yml b/roles/base/tasks/main.yml index dfcd42495d..6dfd4f9db1 100644 --- a/roles/base/tasks/main.yml +++ b/roles/base/tasks/main.yml @@ -57,7 +57,7 @@ - base - name: copy ifcfg files - non virthost - template: src=ifcfg.j2 dest=/etc/sysconfig/network-scripts/ifcfg-{{item}} mode=644 + template: src=ifcfg.j2 dest=/etc/sysconfig/network-scripts/ifcfg-{{item}} mode=0644 with_items: - "{{ ansible_interfaces }}" notify: @@ -92,7 +92,7 @@ hostname: name="{{inventory_hostname}}" - name: sshd_config - copy: src={{ item }} dest=/etc/ssh/sshd_config mode=600 + copy: src={{ item }} dest=/etc/ssh/sshd_config mode=0600 with_first_found: - "{{ sshd_config }}" - ssh/sshd_config.{{ inventory_hostname }} @@ -185,7 +185,7 @@ - base - name: iptables - template: src={{ item }} dest=/etc/sysconfig/iptables mode=600 validate="/sbin/iptables-restore --text %s" + template: src={{ item }} dest=/etc/sysconfig/iptables mode=0600 validate="/sbin/iptables-restore --text %s" with_first_found: - iptables/iptables.{{ datacenter }} - iptables/iptables.{{ inventory_hostname }} @@ -209,7 +209,7 @@ - base - name: ip6tables - template: src={{ item }} dest=/etc/sysconfig/ip6tables mode=600 backup=yes + template: src={{ item }} dest=/etc/sysconfig/ip6tables mode=0600 backup=yes with_first_found: - iptables/ip6tables.{{ datacenter }} - iptables/ip6tables.{{ inventory_hostname }} @@ -244,7 +244,7 @@ - flush journald tmpfiles to persistent store - name: rsyslog.conf - copy: src={{ item }} dest=/etc/rsyslog.conf mode=644 + copy: src={{ item }} dest=/etc/rsyslog.conf mode=0644 with_first_found: - rsyslog/rsyslog.conf.{{ inventory_hostname }} - rsyslog/rsyslog.conf.{{ dist_tag }} @@ -257,7 +257,7 @@ - base - name: rsyslog log rotate for rsyslog servers - copy: src=rsyslog/merged-rsyslog dest=/etc/logrotate.d/merged-rsyslog mode=644 + copy: src=rsyslog/merged-rsyslog dest=/etc/logrotate.d/merged-rsyslog mode=0644 when: inventory_hostname.startswith('log') notify: - restart rsyslog @@ -278,7 +278,7 @@ - base - name: log everything to log01 except on mirrorlist, do not log local4 there. - copy: src=rsyslog/rsyslog-log01 dest=/etc/rsyslog.d/rsyslog-log01.conf mode=644 + copy: src=rsyslog/rsyslog-log01 dest=/etc/rsyslog.d/rsyslog-log01.conf mode=0644 when: not inventory_hostname.startswith(('mirrorlist','copr','jenkins')) tags: - rsyslogd @@ -286,7 +286,7 @@ - base - name: log everything to log01 except on mirrorlist, do log local4 there. - copy: src=rsyslog/rsyslog-log01-nolocal4 dest=/etc/rsyslog.d/rsyslog-log01.conf mode=644 + copy: src=rsyslog/rsyslog-log01-nolocal4 dest=/etc/rsyslog.d/rsyslog-log01.conf mode=0644 when: inventory_hostname.startswith('mirrorlist') tags: - rsyslogd @@ -311,7 +311,7 @@ - base - name: install a sync httpd logs cron script only on log01 - copy: src=syncHttpLogs.sh dest=/etc/cron.daily/syncHttpLogs.sh mode=755 + copy: src=syncHttpLogs.sh dest=/etc/cron.daily/syncHttpLogs.sh mode=0755 when: inventory_hostname.startswith('log01') tags: - config @@ -349,7 +349,7 @@ dest="/etc/profile.d/setstgps1.sh" owner=root group=root - mode=644 + mode=0644 when: env == 'staging' tags: - base @@ -364,7 +364,7 @@ dest="/etc/profile.d/setprodps1.sh" owner=root group=root - mode=644 + mode=0644 when: env == 'production' tags: - base diff --git a/roles/base/tasks/watchdog.yml b/roles/base/tasks/watchdog.yml index a2c5c112eb..65e0dcaef6 100644 --- a/roles/base/tasks/watchdog.yml +++ b/roles/base/tasks/watchdog.yml @@ -17,7 +17,7 @@ - base - name: watchdog device configuration - copy: src=watchdog.conf dest=/etc/watchdog.conf owner=root group=root mode=644 + copy: src=watchdog.conf dest=/etc/watchdog.conf owner=root group=root mode=0644 tags: - config - watchdog diff --git a/roles/batcave/tasks/main.yml b/roles/batcave/tasks/main.yml index d92a175573..9ad153cd25 100644 --- a/roles/batcave/tasks/main.yml +++ b/roles/batcave/tasks/main.yml @@ -7,7 +7,7 @@ # - name: create /srv/web/pub for nfs mounts - file: dest=/srv/web/pub state=directory mode=755 + file: dest=/srv/web/pub state=directory mode=0755 tags: - batcave - config diff --git a/roles/fas_client/tasks/main.yml b/roles/fas_client/tasks/main.yml index 1e7e2560bf..dd723095ae 100644 --- a/roles/fas_client/tasks/main.yml +++ b/roles/fas_client/tasks/main.yml @@ -29,7 +29,7 @@ # setup /etc/nsswitch.conf to use nssdb # - name: setup /etc/nsswitch.conf for client use - copy: src=nsswitch.conf dest=/etc/nsswitch.conf owner=root mode=644 + copy: src=nsswitch.conf dest=/etc/nsswitch.conf owner=root mode=0644 tags: - config - fas_client @@ -48,7 +48,7 @@ # Currently the default template is used, but could be modified on a host basis. # - name: setup /etc/fas.conf for client use - template: src={{ item }} dest=/etc/fas.conf owner=root mode=600 + template: src={{ item }} dest=/etc/fas.conf owner=root mode=0600 with_first_found: - ../templates/{{ inventory_hostname }}.fas.conf.j2 - ../templates/{{ ansible_hostname }}.fas.conf.j2 @@ -70,20 +70,20 @@ # - config - name: fas_client cron job - copy: src=fas-client.cron dest=/etc/cron.d/fas-client owner=root mode=644 + copy: src=fas-client.cron dest=/etc/cron.d/fas-client owner=root mode=0644 tags: - config - fas_client - name: fas_client_aliases cron job - copy: src=fas-client-aliases.cron dest=/etc/cron.d/fas-client-aliases owner=root mode=644 + copy: src=fas-client-aliases.cron dest=/etc/cron.d/fas-client-aliases owner=root mode=0644 tags: - config - fas_client when: fas_aliases is defined - name: fas_client_aliases template - copy: src=aliases.template dest=/etc/aliases.template owner=root mode=644 + copy: src=aliases.template dest=/etc/aliases.template owner=root mode=0644 tags: - config - fas_client diff --git a/roles/fedmsg/base/tasks/main.yml b/roles/fedmsg/base/tasks/main.yml index 76f26e70d2..9a253d6461 100644 --- a/roles/fedmsg/base/tasks/main.yml +++ b/roles/fedmsg/base/tasks/main.yml @@ -100,7 +100,7 @@ dest="/etc/fedmsg.d/{{ item }}" owner=root group=root - mode=644 + mode=0644 with_items: - ssl.py - endpoints.py @@ -137,7 +137,7 @@ dest="/etc/fedmsg.d/{{ item }}" owner=root group=root - mode=644 + mode=0644 with_items: - policy.py when: "'persistent-cloud' not in group_names" @@ -158,7 +158,7 @@ dest="/etc/fedmsg.d/{{ item }}" owner=root group=root - mode=644 + mode=0644 with_items: - ssl.py - endpoints-external.py @@ -183,7 +183,7 @@ dest="/etc/fedmsg.d/{{ item }}" owner=root group=root - mode=644 + mode=0644 with_items: - endpoints-external-composer.py when: "'releng-stg' in group_names" diff --git a/roles/rsyncd/tasks/main.yml b/roles/rsyncd/tasks/main.yml index 629a264e3e..85e93f2fd6 100644 --- a/roles/rsyncd/tasks/main.yml +++ b/roles/rsyncd/tasks/main.yml @@ -24,7 +24,7 @@ when: ansible_distribution_major_version|int > 21 - name: rsyncd.conf file - copy: src={{ item }} dest=/etc/rsyncd.conf mode=644 + copy: src={{ item }} dest=/etc/rsyncd.conf mode=0644 with_first_found: - "{{ rsyncd_conf }}" - rsyncd.conf.{{ inventory_hostname }} @@ -37,7 +37,7 @@ - config - name: xinetd rsync file - copy: src={{ item }} dest=/etc/xinetd.d/rsync mode=644 + copy: src={{ item }} dest=/etc/xinetd.d/rsync mode=0644 with_first_found: - "{{ rsync }}" - rsync.{{ inventory_hostname }}