Specify folder permissions

author Silvio Rhatto <rhatto@riseup.net>

Sat, 9 Jun 2018 19:06:59 +0000 (16:06 -0300)

committer Silvio Rhatto <rhatto@riseup.net>

Sat, 9 Jun 2018 19:06:59 +0000 (16:06 -0300)
author Silvio Rhatto <rhatto@riseup.net>
Sat, 9 Jun 2018 19:06:59 +0000 (16:06 -0300)
committer Silvio Rhatto <rhatto@riseup.net>
Sat, 9 Jun 2018 19:06:59 +0000 (16:06 -0300)
diff --git a/manifests/init.pp b/manifests/init.pp

index 8b5ece891fb94d29e697b92635cbb0ca1cf90027..6c3a4c81b2238671864ce9d6dbb0d541b9216741 100644 (file)
--- a/manifests/init.pp
+++ b/manifests/init.pp
@@ -3,13 +3,22 @@ class ssl {
      ensure => present,
    }
  
-  file { [ "/etc/ssl", "/etc/ssl/certs", "/etc/ssl/private", "/etc/ssl/dhparams" ]:
+  file { [ "/etc/ssl", "/etc/ssl/certs" ]:
      ensure  => directory,
      owner   => "root",
      group   => "ssl-cert",
+    mode    => '0755',
      require => Group['ssl-cert'],
    }
  
+  file { [ "/etc/ssl/private", "/etc/ssl/dhparams" ]:
+    ensure  => directory,
+    owner   => "root",
+    group   => "ssl-cert",
+    mode    => '0750',
+    require => [ File['/etc/ssl'], Group['ssl-cert'] ],
+  }
+
    file { "/usr/local/bin/ssl-cert-check":
      ensure => present,
      owner   => "root",
author	Silvio Rhatto <rhatto@riseup.net>
	Sat, 9 Jun 2018 19:06:59 +0000 (16:06 -0300)
committer	Silvio Rhatto <rhatto@riseup.net>
	Sat, 9 Jun 2018 19:06:59 +0000 (16:06 -0300)