change umask

This commit is contained in:
SebClem 2023-02-17 17:10:23 +01:00
parent 6ca04c782b
commit df6c16f2e6
Signed by: sebclem
GPG Key ID: 5A4308F6A359EA50

View File

@ -18,7 +18,7 @@
path: "{{ home }}" path: "{{ home }}"
owner: "{{ user }}" owner: "{{ user }}"
group: "{{ group }}" group: "{{ group }}"
mode: 0700 mode: 0770
state: directory state: directory
- name: Ensure ssh dir is present - name: Ensure ssh dir is present
@ -26,7 +26,7 @@
path: "{{ home }}/.ssh" path: "{{ home }}/.ssh"
owner: "{{ user }}" owner: "{{ user }}"
group: "{{ group }}" group: "{{ group }}"
mode: 0700 mode: 0770
state: directory state: directory
- name: Ensure pool dir is present - name: Ensure pool dir is present
@ -34,14 +34,14 @@
path: "{{ pool }}" path: "{{ pool }}"
owner: "{{ user }}" owner: "{{ user }}"
group: "{{ group }}" group: "{{ group }}"
mode: 0700 mode: 0770
state: directory state: directory
- name: Create autorized key entry - name: Create autorized key entry
ansible.posix.authorized_key: ansible.posix.authorized_key:
user: "{{ user }}" user: "{{ user }}"
key: "{{ item.key }}" key: "{{ item.key }}"
key_options: 'command="cd {{ pool }}/{{ item.host }};borg serve --restrict-to-path {{ pool }}/{{ item.host }}",restrict' key_options: 'command="cd {{ pool }}/{{ item.host }};borg serve --umask=007 --restrict-to-path {{ pool }}/{{ item.host }}",restrict'
with_items: "{{ auth_users }}" with_items: "{{ auth_users }}"
- name: Ensure permission on authorized_keys file - name: Ensure permission on authorized_keys file
@ -57,6 +57,6 @@
path: "{{ pool }}/{{ item.host }}" path: "{{ pool }}/{{ item.host }}"
owner: "{{ user }}" owner: "{{ user }}"
group: "{{ group }}" group: "{{ group }}"
mode: 0700 mode: 0770
state: directory state: directory
with_items: "{{ auth_users }}" with_items: "{{ auth_users }}"