diff options
| author | Eli Young <elyscape@gmail.com> | 2016-03-21 16:10:34 -0700 |
|---|---|---|
| committer | Eli Young <elyscape@gmail.com> | 2016-03-21 16:10:34 -0700 |
| commit | a51b7d5fda69b3f88b0231c8b805755fe98691ca (patch) | |
| tree | 2d28033e76ef192c7c2eda450a3b1a00e464a8bd | |
| parent | b7ed298359eaa69b1c00acd0edd101511765c6ea (diff) | |
Lock down permissions on named certificates
| -rw-r--r-- | playbooks/common/openshift-master/config.yml | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/playbooks/common/openshift-master/config.yml b/playbooks/common/openshift-master/config.yml index 972427c53..f1eaf8e16 100644 --- a/playbooks/common/openshift-master/config.yml +++ b/playbooks/common/openshift-master/config.yml @@ -311,13 +311,14 @@ file: path: "{{ named_certs_dir }}" state: directory + mode: 0700 when: named_certs_specified | bool - name: Land named certificates copy: src="{{ item.certfile }}" dest="{{ named_certs_dir }}" with_items: openshift_master_named_certificates when: named_certs_specified | bool - name: Land named certificate keys - copy: src="{{ item.keyfile }}" dest="{{ named_certs_dir }}" + copy: src="{{ item.keyfile }}" dest="{{ named_certs_dir }}" mode=0600 with_items: openshift_master_named_certificates when: named_certs_specified | bool |