From 84d5459e230a500924a0ec7d4e6f1fdc4cb59c08 Mon Sep 17 00:00:00 2001
From: SebClem <seb6596@gmail.com>
Date: Fri, 17 Feb 2023 17:10:23 +0100
Subject: [PATCH] change umask

---
 tasks/configure.yml | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/tasks/configure.yml b/tasks/configure.yml
index 158245f..5252c5f 100644
--- a/tasks/configure.yml
+++ b/tasks/configure.yml
@@ -18,7 +18,7 @@
     path: "{{ home }}"
     owner: "{{ user }}"
     group: "{{ group }}"
-    mode: 0700
+    mode: 0770
     state: directory
 
 - name: Ensure ssh dir is present
@@ -34,14 +34,14 @@
     path: "{{ pool }}"
     owner: "{{ user }}"
     group: "{{ group }}"
-    mode: 0700
+    mode: 0770
     state: directory
 
 - name: Create autorized key entry
   ansible.posix.authorized_key:
     user: "{{ user }}"
     key: "{{ item.key }}"
-    key_options: 'command="cd {{ pool }}/{{ item.host }};borg serve --restrict-to-path {{ pool }}/{{ item.host }}",restrict'
+    key_options: 'command="cd {{ pool }}/{{ item.host }};borg serve --umask=007 --restrict-to-path {{ pool }}/{{ item.host }}",restrict'
   with_items: "{{ auth_users }}"
 
 - name: Ensure permission on authorized_keys file
@@ -57,6 +57,6 @@
     path: "{{ pool }}/{{ item.host }}"
     owner: "{{ user }}"
     group: "{{ group }}"
-    mode: 0700
+    mode: 0770
     state: directory
   with_items: "{{ auth_users }}"