Run as root and explicitly set the ownership.
This commit is contained in:
parent
3f61a385d5
commit
90cb70c124
|
@ -116,12 +116,12 @@
|
|||
tags: ['letsencrypt', 'letsencrypt_cron', 'letsencrypt_acme_sh', 'letsencrypt_acme_sh_scripts']
|
||||
|
||||
- name: Acme.sh distribution
|
||||
become: true
|
||||
become_user: '{{ letsencrypt_acme_sh_user }}'
|
||||
when: letsencrypt_acme_sh_install | bool
|
||||
tags: ['letsencrypt', 'letsencrypt_acme_sh']
|
||||
block:
|
||||
- name: Download the acme.sh distribution
|
||||
become: true
|
||||
become_user: "{{ letsencrypt_acme_user }}"
|
||||
ansible.builtin.git:
|
||||
repo: "{{ letsencrypt_acme_sh_git_url }}"
|
||||
dest: "{{ letsencrypt_acme_git_dest_dir }}"
|
||||
|
@ -134,6 +134,8 @@
|
|||
ansible.builtin.file:
|
||||
dest: "{{ item }}"
|
||||
state: directory
|
||||
owner: "{{ letsencrypt_acme_user }}"
|
||||
group: "{{ letsencrypt_acme_user }}"
|
||||
mode: 0755
|
||||
with_items: '{{ letsencrypt_acme_sh_dirs }}'
|
||||
|
||||
|
@ -146,9 +148,9 @@
|
|||
ansible.builtin.template:
|
||||
src: account.conf.j2
|
||||
dest: "{{ letsencrypt_acme_sh_base_data_dir }}/data/account.conf"
|
||||
owner: root
|
||||
owner: "{{ letsencrypt_acme_user }}"
|
||||
group: "{{ letsencrypt_acme_user }}"
|
||||
mode: 0640
|
||||
mode: 0440
|
||||
tags: ['letsencrypt', 'letsencrypt_account_conf', 'letsencrypt_acme_sh']
|
||||
|
||||
- name: Certificates management
|
||||
|
|
Loading…
Reference in New Issue