From: Silvio Rhatto <rhatto@riseup.net>
Date: Sat, 9 Jun 2018 19:06:59 +0000 (-0300)
Subject: Specify folder permissions
X-Git-Url: https://gitweb.fluxo.info/?a=commitdiff_plain;h=0723c9ad8b28d8eff9ee65afac5acf8a8299e8bf;p=puppet-ssl.git

Specify folder permissions
---

diff --git a/manifests/init.pp b/manifests/init.pp
index 8b5ece8..6c3a4c8 100644
--- a/manifests/init.pp
+++ b/manifests/init.pp
@@ -3,13 +3,22 @@ class ssl {
     ensure => present,
   }
 
-  file { [ "/etc/ssl", "/etc/ssl/certs", "/etc/ssl/private", "/etc/ssl/dhparams" ]:
+  file { [ "/etc/ssl", "/etc/ssl/certs" ]:
     ensure  => directory,
     owner   => "root",
     group   => "ssl-cert",
+    mode    => '0755',
     require => Group['ssl-cert'],
   }
 
+  file { [ "/etc/ssl/private", "/etc/ssl/dhparams" ]:
+    ensure  => directory,
+    owner   => "root",
+    group   => "ssl-cert",
+    mode    => '0750',
+    require => [ File['/etc/ssl'], Group['ssl-cert'] ],
+  }
+
   file { "/usr/local/bin/ssl-cert-check":
     ensure => present,
     owner   => "root",