search

shadowman-lab / Ansible-ImageBuilder

5 stars 4 forks source link

Just a notice even though this is just for demo #2

Closed kris9854 closed 9 months ago

kris9854 commented 10 months ago

I know this is a demo repo but just FYI 

  - name: Copy Key
    ansible.builtin.copy:
      src: "{{ keysourcelocation }}"
      dest: /etc/pki/tls/private/localhost.key
      owner: root
      group: root
      mode: '0644'

Should be:

  - name: Copy Key
    ansible.builtin.copy:
      src: "{{ keysourcelocation }}"
      dest: /etc/pki/tls/private/localhost.key
      owner: root
      group: root
      mode: '0600'

As the .key shouldn't be readable for everyone on the server :)

Hope it is okay to give this

kris9854 commented 10 months ago

This in the image_builder_apache_ssl role :)

adworjan commented 9 months ago

Fixed permissions