ansible-roles/dnet_user_services_perms/tasks/dnet-data-dirs.yml

---
- name: Create the dnet data dirs
  file: name={{ item }} state=directory owner={{ dnet_user }} group={{ dnet_group }} mode=0750
  with_items: '{{ dnet_data_directories }}'
  tags: [ 'tomcat', 'dnet', 'users' ]

- name: Create the dnet log dirs
  file: name={{ item }} state=directory owner={{ tomcat_user }} group={{ dnet_group }} mode=0750
  with_items: '{{ dnet_log_directories }}'
  tags: [ 'tomcat', 'dnet', 'users' ]

- name: Set the read/write permissions on the dnet data dirs
  acl: name={{ item }} entity={{ dnet_group }} etype=group permissions=rwx state=present
  with_items: '{{ dnet_data_directories }}'
  tags: [ 'tomcat', 'dnet', 'users' ]

- name: Set the default read/write permissions on the dnet data dirs
  acl: name={{ item }} entity={{ dnet_group }} etype=group permissions=rwx state=present default=yes
  with_items: '{{ dnet_data_directories }}'
  tags: [ 'tomcat', 'dnet', 'users' ]

- name: Recursively set the ACLs to give access and read write permissions on the dnet data directories
  shell: find {{ item }} -type d -exec setfacl -d -m group:{{ dnet_group }}:rwx,m:rwx {} \; ; find {{ item }} -type d -exec setfacl -m group:{{ dnet_group }}:rwx,m:rwx {} \; ; find {{ item }} -type f -exec setfacl -m group:{{ dnet_group }}:rw,m:rw {} \;
  with_items: '{{ dnet_data_directories }}'
  tags: [ 'dnet_acls', 'dnet', 'users' ]

- name: Set the read permissions on the dnet log dirs
  acl: name={{ item }} entity={{ dnet_group }} etype=group permissions=rx state=present
  with_items: '{{ dnet_log_directories }}'
  tags: [ 'tomcat', 'dnet', 'users' ]

- name: Set the default read permissions on the dnet log dirs
  acl: name={{ item }} entity={{ dnet_group }} etype=group permissions=rx state=present default=yes
  with_items: '{{ dnet_log_directories }}'
  tags: [ 'tomcat', 'dnet', 'users' ]

- name: Recursively set the ACLs to give access and read permissions on the log directories
  shell: find {{ item }} -type d -exec setfacl -d -m group:{{ dnet_group }}:r-x {} \; ; find {{ item }} -type d -exec setfacl -m group:{{ dnet_group }}:r-x {} \; ; find {{ item }} -type f -exec setfacl -m group:{{ dnet_group }}:r {} \;
  with_items: '{{ dnet_log_directories }}'
  tags: [ 'dnet_acls', 'dnet', 'users' ]
library/roles/dnet_user_services_perms: The role now permits to deal with services other than tomcat. dnet-openaire/virtuoso.yml: Use the dnet_user_services_perms to set up ACLs and sudo. library/roles/ssh-keys/defaults/main.yml: All the keys have been moved to library/vars/isti-global.yml. 2015-08-27 17:14:27 +02:00			`---`
			`- name: Create the dnet data dirs`
			`file: name={{ item }} state=directory owner={{ dnet_user }} group={{ dnet_group }} mode=0750`
library/roles/dnet_user_services_perms: Ansible 2 compatibility 2016-06-30 11:30:35 +02:00			`with_items: '{{ dnet_data_directories }}'`
library/roles/dnet_user_services_perms: The role now permits to deal with services other than tomcat. dnet-openaire/virtuoso.yml: Use the dnet_user_services_perms to set up ACLs and sudo. library/roles/ssh-keys/defaults/main.yml: All the keys have been moved to library/vars/isti-global.yml. 2015-08-27 17:14:27 +02:00			`tags: [ 'tomcat', 'dnet', 'users' ]`

			`- name: Create the dnet log dirs`
			`file: name={{ item }} state=directory owner={{ tomcat_user }} group={{ dnet_group }} mode=0750`
library/roles/dnet_user_services_perms: Ansible 2 compatibility 2016-06-30 11:30:35 +02:00			`with_items: '{{ dnet_log_directories }}'`
library/roles/dnet_user_services_perms: The role now permits to deal with services other than tomcat. dnet-openaire/virtuoso.yml: Use the dnet_user_services_perms to set up ACLs and sudo. library/roles/ssh-keys/defaults/main.yml: All the keys have been moved to library/vars/isti-global.yml. 2015-08-27 17:14:27 +02:00			`tags: [ 'tomcat', 'dnet', 'users' ]`

			`- name: Set the read/write permissions on the dnet data dirs`
			`acl: name={{ item }} entity={{ dnet_group }} etype=group permissions=rwx state=present`
library/roles/dnet_user_services_perms: Ansible 2 compatibility 2016-06-30 11:30:35 +02:00			`with_items: '{{ dnet_data_directories }}'`
library/roles/dnet_user_services_perms: The role now permits to deal with services other than tomcat. dnet-openaire/virtuoso.yml: Use the dnet_user_services_perms to set up ACLs and sudo. library/roles/ssh-keys/defaults/main.yml: All the keys have been moved to library/vars/isti-global.yml. 2015-08-27 17:14:27 +02:00			`tags: [ 'tomcat', 'dnet', 'users' ]`

			`- name: Set the default read/write permissions on the dnet data dirs`
			`acl: name={{ item }} entity={{ dnet_group }} etype=group permissions=rwx state=present default=yes`
library/roles/dnet_user_services_perms: Ansible 2 compatibility 2016-06-30 11:30:35 +02:00			`with_items: '{{ dnet_data_directories }}'`
library/roles/dnet_user_services_perms: The role now permits to deal with services other than tomcat. dnet-openaire/virtuoso.yml: Use the dnet_user_services_perms to set up ACLs and sudo. library/roles/ssh-keys/defaults/main.yml: All the keys have been moved to library/vars/isti-global.yml. 2015-08-27 17:14:27 +02:00			`tags: [ 'tomcat', 'dnet', 'users' ]`

library/roles/dnet_user_services_perms/tasks/dnet-data-dirs.yml: Try to fix the task that sets ACLs, again. 2017-02-09 21:59:13 +01:00			`- name: Recursively set the ACLs to give access and read write permissions on the dnet data directories`
			`shell: find {{ item }} -type d -exec setfacl -d -m group:{{ dnet_group }}:rwx,m:rwx {} \; ; find {{ item }} -type d -exec setfacl -m group:{{ dnet_group }}:rwx,m:rwx {} \; ; find {{ item }} -type f -exec setfacl -m group:{{ dnet_group }}:rw,m:rw {} \;`
			`with_items: '{{ dnet_data_directories }}'`
			`tags: [ 'dnet_acls', 'dnet', 'users' ]`

library/roles/dnet_user_services_perms: The role now permits to deal with services other than tomcat. dnet-openaire/virtuoso.yml: Use the dnet_user_services_perms to set up ACLs and sudo. library/roles/ssh-keys/defaults/main.yml: All the keys have been moved to library/vars/isti-global.yml. 2015-08-27 17:14:27 +02:00			`- name: Set the read permissions on the dnet log dirs`
			`acl: name={{ item }} entity={{ dnet_group }} etype=group permissions=rx state=present`
library/roles/dnet_user_services_perms: Ansible 2 compatibility 2016-06-30 11:30:35 +02:00			`with_items: '{{ dnet_log_directories }}'`
library/roles/dnet_user_services_perms: The role now permits to deal with services other than tomcat. dnet-openaire/virtuoso.yml: Use the dnet_user_services_perms to set up ACLs and sudo. library/roles/ssh-keys/defaults/main.yml: All the keys have been moved to library/vars/isti-global.yml. 2015-08-27 17:14:27 +02:00			`tags: [ 'tomcat', 'dnet', 'users' ]`

			`- name: Set the default read permissions on the dnet log dirs`
			`acl: name={{ item }} entity={{ dnet_group }} etype=group permissions=rx state=present default=yes`
library/roles/dnet_user_services_perms: Ansible 2 compatibility 2016-06-30 11:30:35 +02:00			`with_items: '{{ dnet_log_directories }}'`
library/roles/dnet_user_services_perms: The role now permits to deal with services other than tomcat. dnet-openaire/virtuoso.yml: Use the dnet_user_services_perms to set up ACLs and sudo. library/roles/ssh-keys/defaults/main.yml: All the keys have been moved to library/vars/isti-global.yml. 2015-08-27 17:14:27 +02:00			`tags: [ 'tomcat', 'dnet', 'users' ]`
library/roles/dnet_user_services_perms/tasks/dnet-data-dirs.yml: Add the logs ACLs recursively. 2016-12-16 19:14:14 +01:00
			`- name: Recursively set the ACLs to give access and read permissions on the log directories`
			`shell: find {{ item }} -type d -exec setfacl -d -m group:{{ dnet_group }}:r-x {} \; ; find {{ item }} -type d -exec setfacl -m group:{{ dnet_group }}:r-x {} \; ; find {{ item }} -type f -exec setfacl -m group:{{ dnet_group }}:r {} \;`
			`with_items: '{{ dnet_log_directories }}'`
			`tags: [ 'dnet_acls', 'dnet', 'users' ]`