Specify folder permissionsdevelop

author: Silvio Rhatto <rhatto@riseup.net> 2018-06-09 16:06:59 -0300
committer: Silvio Rhatto <rhatto@riseup.net> 2018-06-09 16:06:59 -0300
commit: 0723c9ad8b28d8eff9ee65afac5acf8a8299e8bf (patch)
tree: 0264916e0f7b301670cb1ed997828c29d83fc78e
parent: 19076f1b19609ed9c7705bec10acc94abd63834f (diff)
download: puppet-ssl-0723c9ad8b28d8eff9ee65afac5acf8a8299e8bf.tar.gz
puppet-ssl-0723c9ad8b28d8eff9ee65afac5acf8a8299e8bf.tar.bz2
1 files changed, 10 insertions, 1 deletions
diff --git a/manifests/init.pp b/manifests/init.pp
index 8b5ece8..6c3a4c8 100644
--- a/manifests/init.pp
+++ b/manifests/init.pp
@@ -3,13 +3,22 @@ class ssl {
     ensure => present,
   }
 
-  file { [ "/etc/ssl", "/etc/ssl/certs", "/etc/ssl/private", "/etc/ssl/dhparams" ]:
+  file { [ "/etc/ssl", "/etc/ssl/certs" ]:
     ensure  => directory,
     owner   => "root",
     group   => "ssl-cert",
+    mode    => '0755',
     require => Group['ssl-cert'],
   }
 
+  file { [ "/etc/ssl/private", "/etc/ssl/dhparams" ]:
+    ensure  => directory,
+    owner   => "root",
+    group   => "ssl-cert",
+    mode    => '0750',
+    require => [ File['/etc/ssl'], Group['ssl-cert'] ],
+  }
+
   file { "/usr/local/bin/ssl-cert-check":
     ensure => present,
     owner   => "root",
author	Silvio Rhatto <rhatto@riseup.net>	2018-06-09 16:06:59 -0300
committer	Silvio Rhatto <rhatto@riseup.net>	2018-06-09 16:06:59 -0300
commit	0723c9ad8b28d8eff9ee65afac5acf8a8299e8bf (patch)
tree	0264916e0f7b301670cb1ed997828c29d83fc78e
parent	19076f1b19609ed9c7705bec10acc94abd63834f (diff)
download	puppet-ssl-0723c9ad8b28d8eff9ee65afac5acf8a8299e8bf.tar.gz puppet-ssl-0723c9ad8b28d8eff9ee65afac5acf8a8299e8bf.tar.bz2