forked from ISTI-ansible-roles/ansible-roles
library/roles/postgresql: Fix the ssl key permissions.
This commit is contained in:
parent
5ffd2eee27
commit
4edbd0350a
|
@ -21,6 +21,7 @@ fi
|
||||||
echo "Copy the key file" >> $LE_LOG_DIR/pgpool2.log
|
echo "Copy the key file" >> $LE_LOG_DIR/pgpool2.log
|
||||||
cp ${LE_CERTS_DIR}/privkey ${PGPOOL2_KEYFILE}
|
cp ${LE_CERTS_DIR}/privkey ${PGPOOL2_KEYFILE}
|
||||||
chmod 440 ${PGPOOL2_KEYFILE}
|
chmod 440 ${PGPOOL2_KEYFILE}
|
||||||
|
chown root ${PGPOOL2_KEYFILE}
|
||||||
chgrp postgres ${PGPOOL2_KEYFILE}
|
chgrp postgres ${PGPOOL2_KEYFILE}
|
||||||
|
|
||||||
echo "Reload the pgpool2 service" >> $LE_LOG_DIR/pgpool2.log
|
echo "Reload the pgpool2 service" >> $LE_LOG_DIR/pgpool2.log
|
||||||
|
|
|
@ -21,6 +21,7 @@ fi
|
||||||
echo "Copy the key file" >> $LE_LOG_DIR/postgresql.log
|
echo "Copy the key file" >> $LE_LOG_DIR/postgresql.log
|
||||||
cp ${LE_CERTS_DIR}/privkey ${POSTGRESQL_KEYFILE}
|
cp ${LE_CERTS_DIR}/privkey ${POSTGRESQL_KEYFILE}
|
||||||
chmod 440 ${POSTGRESQL_KEYFILE}
|
chmod 440 ${POSTGRESQL_KEYFILE}
|
||||||
|
chown root ${POSTGRESQL_KEYFILE}
|
||||||
chgrp postgres ${POSTGRESQL_KEYFILE}
|
chgrp postgres ${POSTGRESQL_KEYFILE}
|
||||||
|
|
||||||
echo "Reload the postgresql service" >> $LE_LOG_DIR/postgresql.log
|
echo "Reload the postgresql service" >> $LE_LOG_DIR/postgresql.log
|
||||||
|
|
|
@ -2,6 +2,7 @@
|
||||||
- name: Create the acme hooks directory if it does not yet exist
|
- name: Create the acme hooks directory if it does not yet exist
|
||||||
file: dest={{ letsencrypt_acme_services_scripts_dir }} state=directory owner=root group=root
|
file: dest={{ letsencrypt_acme_services_scripts_dir }} state=directory owner=root group=root
|
||||||
when:
|
when:
|
||||||
|
- psql_pgpool_service_install
|
||||||
- pgpool_letsencrypt_managed
|
- pgpool_letsencrypt_managed
|
||||||
- letsencrypt_acme_install
|
- letsencrypt_acme_install
|
||||||
tags: [ 'postgresql', 'postgres', 'pgpool', 'letsencrypt' ]
|
tags: [ 'postgresql', 'postgres', 'pgpool', 'letsencrypt' ]
|
||||||
|
@ -9,6 +10,7 @@
|
||||||
- name: Install a script that fix the letsencrypt certificate for postgresql and then reload the service
|
- name: Install a script that fix the letsencrypt certificate for postgresql and then reload the service
|
||||||
copy: src=pgpool-letsencrypt-acme.sh dest={{ letsencrypt_acme_services_scripts_dir }}/pgpool owner=root group=root mode=4555
|
copy: src=pgpool-letsencrypt-acme.sh dest={{ letsencrypt_acme_services_scripts_dir }}/pgpool owner=root group=root mode=4555
|
||||||
when:
|
when:
|
||||||
|
- psql_pgpool_service_install
|
||||||
- pgpool_letsencrypt_managed
|
- pgpool_letsencrypt_managed
|
||||||
- letsencrypt_acme_install
|
- letsencrypt_acme_install
|
||||||
tags: [ 'postgresql', 'postgres', 'pgpool', 'letsencrypt' ]
|
tags: [ 'postgresql', 'postgres', 'pgpool', 'letsencrypt' ]
|
||||||
|
|
Loading…
Reference in New Issue