etcd: Fix permissions of /etc/ssl/etcd/ssl (#6908)
This commit is contained in:
parent
e022e2e13c
commit
dbe02d398a
2 changed files with 3 additions and 2 deletions
|
@ -14,6 +14,7 @@ etcd_backup_retention_count: -1
|
||||||
|
|
||||||
etcd_config_dir: /etc/ssl/etcd
|
etcd_config_dir: /etc/ssl/etcd
|
||||||
etcd_cert_dir: "{{ etcd_config_dir }}/ssl"
|
etcd_cert_dir: "{{ etcd_config_dir }}/ssl"
|
||||||
|
etcd_cert_dir_mode: "0700"
|
||||||
etcd_cert_group: root
|
etcd_cert_group: root
|
||||||
# Note: This does not set up DNS entries. It simply adds the following DNS
|
# Note: This does not set up DNS entries. It simply adds the following DNS
|
||||||
# entries to the certificate
|
# entries to the certificate
|
||||||
|
|
|
@ -5,7 +5,7 @@
|
||||||
group: "{{ etcd_cert_group }}"
|
group: "{{ etcd_cert_group }}"
|
||||||
state: directory
|
state: directory
|
||||||
owner: kube
|
owner: kube
|
||||||
mode: 0700
|
mode: "{{ etcd_cert_dir_mode }}"
|
||||||
recurse: yes
|
recurse: yes
|
||||||
|
|
||||||
- name: "Gen_certs | create etcd script dir (on {{ groups['etcd'][0] }})"
|
- name: "Gen_certs | create etcd script dir (on {{ groups['etcd'][0] }})"
|
||||||
|
@ -157,5 +157,5 @@
|
||||||
group: "{{ etcd_cert_group }}"
|
group: "{{ etcd_cert_group }}"
|
||||||
state: directory
|
state: directory
|
||||||
owner: kube
|
owner: kube
|
||||||
mode: 0640
|
mode: "{{ etcd_cert_dir_mode }}"
|
||||||
recurse: yes
|
recurse: yes
|
||||||
|
|
Loading…
Reference in a new issue