mirror of
https://bitbucket.org/atlassian/dc-deployments-automation.git
synced 2025-12-15 09:23:06 -06:00
56 lines
1.5 KiB
YAML
56 lines
1.5 KiB
YAML
---
|
|
- name: Enforce correct permissions on mounted filesystems attached to atl_product_home
|
|
ansible.builtin.file:
|
|
path: "{{ item }}"
|
|
owner: "{{ atl_product_user }}"
|
|
group: "{{ atl_product_user }}"
|
|
mode: 0750
|
|
state: directory
|
|
recurse: no
|
|
with_items:
|
|
- "{{ atl_product_home }}"
|
|
- "{{ atl_product_home }}/caches"
|
|
- "{{ atl_product_home }}/log"
|
|
|
|
- stat:
|
|
path: "{{ atl_product_home }}"
|
|
register: xxx
|
|
|
|
- name: DEBUG print atl_product_home stat info
|
|
debug:
|
|
msg: >-
|
|
{{ xxx.stat.uid ~ ':' ~ xxx.stat.gid ~ ' (' ~ xxx.stat.mode ~ ')'
|
|
if xxx.stat.exists
|
|
else
|
|
'?:? (?)' }}
|
|
|
|
- name: Enforce the permissions on the pem files
|
|
ansible.builtin.file:
|
|
path: "{{ atl_product_home }}/config/{{ item }}"
|
|
state: touch
|
|
owner: "{{ atl_product_user }}"
|
|
group: "{{ atl_product_user }}"
|
|
mode: 0600
|
|
with_items:
|
|
- signing-key.pem
|
|
- control-plane.pem
|
|
register: pem_chown
|
|
failed_when:
|
|
- pem_chown.failed | bool
|
|
- "'No such file or directory' not in pem_chown.msg"
|
|
|
|
- name: Touch mesh.properties to make sure it exists
|
|
ansible.builtin.file:
|
|
state: touch
|
|
path: "{{ mesh_properties_file }}"
|
|
owner: "{{ atl_product_user }}"
|
|
group: "{{ atl_product_user }}"
|
|
mode: 0600
|
|
|
|
# check for lines starting with '!' and prefix them with #
|
|
- name: Prefix properties files bangs with hashes
|
|
ansible.builtin.replace:
|
|
path: "{{ mesh_properties_file }}"
|
|
regexp: '^(\!.*)$'
|
|
replace: '# \1'
|