library/roles/dnet_user_services_perms: Fix to the ACL handling. Now it's possibile to specify the acl permissions.
This commit is contained in:
parent
f54c2bb457
commit
17c267a481
|
@ -16,9 +16,9 @@ dnet_log_directories:
|
||||||
|
|
||||||
# Define the following if you want some directories readable and writable by the dnet group but outside the dnet app data dirs
|
# Define the following if you want some directories readable and writable by the dnet group but outside the dnet app data dirs
|
||||||
#dnet_users_data_directories:
|
#dnet_users_data_directories:
|
||||||
# - { name: '/data/1', perms: 0755, create: True, file: False, owner: 'root', group: 'dnet' }
|
# - { name: '/data/1', perms: 0755, create: True, file: False, owner: 'root', group: 'dnet', aclperms: 'rwx' }
|
||||||
# - { name: '/data/2', create: False, perms: 0755, file: False, owner: 'root', group: 'dnet' }
|
# - { name: '/data/2', create: False, perms: 0755, file: False, owner: 'root', group: 'dnet', aclperms: 'rwx' }
|
||||||
# - { name: '/data/bah', create: False, perms: 0644, file: True }
|
# - { name: '/data/bah', create: False, perms: 0644, file: True, aclperms: 'rw' }
|
||||||
|
|
||||||
# Define the following array when you want to add commands to the sudoers file
|
# Define the following array when you want to add commands to the sudoers file
|
||||||
#dnet_sudo_commands:
|
#dnet_sudo_commands:
|
||||||
|
|
|
@ -6,19 +6,19 @@
|
||||||
tags: [ 'dnet', 'users', 'dnet_u_acl' ]
|
tags: [ 'dnet', 'users', 'dnet_u_acl' ]
|
||||||
|
|
||||||
- name: Set the read/write/access permissions on the users dnet data dirs
|
- name: Set the read/write/access permissions on the users dnet data dirs
|
||||||
acl: name={{ item.name }} entity={{ dnet_group }} etype=group permissions=rwx state=present
|
acl: name={{ item.name }} entity={{ dnet_group }} etype=group permissions={{ item.aclperms | default ('rwx') }} state=present
|
||||||
with_items: '{{ dnet_users_data_directories }}'
|
with_items: '{{ dnet_users_data_directories }}'
|
||||||
when: not item.file
|
when: not item.file
|
||||||
tags: [ 'dnet', 'users', 'dnet_u_acl' ]
|
tags: [ 'dnet', 'users', 'dnet_u_acl' ]
|
||||||
|
|
||||||
- name: Set the default read/write/access permissions on the users dnet data dirs
|
- name: Set the default read/write/access permissions on the users dnet data dirs
|
||||||
acl: name={{ item.name }} entity={{ dnet_group }} etype=group permissions=rwx state=present default=yes
|
acl: name={{ item.name }} entity={{ dnet_group }} etype=group permissions={{ item.aclperms | default ('rwx') }} state=present default=yes
|
||||||
with_items: '{{ dnet_users_data_directories }}'
|
with_items: '{{ dnet_users_data_directories }}'
|
||||||
when: not item.file
|
when: not item.file
|
||||||
tags: [ 'dnet', 'users', 'dnet_u_acl' ]
|
tags: [ 'dnet', 'users', 'dnet_u_acl' ]
|
||||||
|
|
||||||
- name: Set the read/write permissions on pre-existing files inside the users dnet data dirs
|
- name: Set the read/write permissions on pre-existing files inside the users dnet data dirs
|
||||||
acl: name={{ item.name }} entity={{ dnet_group }} etype=group permissions=rw state=present
|
acl: name={{ item.name }} entity={{ dnet_group }} etype=group permissions={{ item.aclperms | default ('rw') }} state=present
|
||||||
with_items: '{{ dnet_users_data_directories }}'
|
with_items: '{{ dnet_users_data_directories }}'
|
||||||
when: item.file
|
when: item.file
|
||||||
tags: [ 'dnet', 'users', 'dnet_u_acl' ]
|
tags: [ 'dnet', 'users', 'dnet_u_acl' ]
|
||||||
|
|
|
@ -57,7 +57,7 @@
|
||||||
tags: drupal
|
tags: drupal
|
||||||
|
|
||||||
- name: Create the files directory
|
- name: Create the files directory
|
||||||
file: dest={{ drupal_install_dir }}/{{ item.virthost }}/sites/default/files owner={{ item.user }} group={{ item.group }} mode=0770 state=directory
|
file: dest={{ drupal_install_dir }}/{{ item.virthost }}/sites/default/files owner={{ item.user }} group={{ item.group }} mode=0775 state=directory
|
||||||
with_items: '{{ phpfpm_pools }}'
|
with_items: '{{ phpfpm_pools }}'
|
||||||
when: ( unpack_drupal | changed )
|
when: ( unpack_drupal | changed )
|
||||||
tags: drupal
|
tags: drupal
|
||||||
|
|
Loading…
Reference in New Issue