ceph
/
ceph-ansible
mirror of https://github.com/ceph/ceph-ansible.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

alertmanager/prometheus: fix owner/group 

Set the owner/group on alertmanager and prometheus directories and
files to nobody and nogroup (uid and gid 65534) to avoid permission
issues.

Closes: https://bugzilla.redhat.com/show_bug.cgi?id=1901543

Signed-off-by: Dimitri Savineau <dsavinea@redhat.com>
pull/6088/head
Dimitri Savineau 2020-11-25 12:00:38 -05:00 committed by Guillaume Abrioux
parent 239a14279d
commit eb452d35bc
1 changed files with 9 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
roles/ceph-prometheus/tasks/main.yml
View File

@ -4,6 +4,7 @@
path: "{{ item }}" path: "{{ item }}"
state: directory state: directory
owner: "{{ prometheus_user_id }}" owner: "{{ prometheus_user_id }}"
group: "{{ prometheus_user_id }}"
with_items: with_items:
- "{{ prometheus_conf_dir }}" - "{{ prometheus_conf_dir }}"
- "{{ prometheus_data_dir }}" - "{{ prometheus_data_dir }}"
@ -13,6 +14,7 @@
src: prometheus.yml.j2 src: prometheus.yml.j2
dest: "{{ prometheus_conf_dir }}/prometheus.yml" dest: "{{ prometheus_conf_dir }}/prometheus.yml"
owner: "{{ prometheus_user_id }}" owner: "{{ prometheus_user_id }}"
group: "{{ prometheus_user_id }}"
mode: 0640 mode: 0640
notify: service handler notify: service handler
@ -20,21 +22,23 @@
file: file:
path: "/etc/prometheus/alerting/" path: "/etc/prometheus/alerting/"
state: directory state: directory
recurse: yes owner: "{{ prometheus_user_id }}"
group: "{{ prometheus_user_id }}"
- name: copy alerting rules - name: copy alerting rules
copy: copy:
src: "ceph_dashboard.yml" src: "ceph_dashboard.yml"
dest: "/etc/prometheus/alerting/ceph_dashboard.yml" dest: "/etc/prometheus/alerting/ceph_dashboard.yml"
owner: root owner: "{{ prometheus_user_id }}"
group: root group: "{{ prometheus_user_id }}"
mode: 0644 mode: 0644
- name: create alertmanager directories - name: create alertmanager directories
file: file:
path: "{{ item }}" path: "{{ item }}"
state: directory state: directory
owner: "root" owner: "{{ prometheus_user_id }}"
group: "{{ prometheus_user_id }}"
with_items: with_items:
- "{{ alertmanager_conf_dir }}" - "{{ alertmanager_conf_dir }}"
- "{{ alertmanager_data_dir }}" - "{{ alertmanager_data_dir }}"
@ -44,6 +48,7 @@
src: alertmanager.yml.j2 src: alertmanager.yml.j2
dest: "{{ alertmanager_conf_dir }}/alertmanager.yml" dest: "{{ alertmanager_conf_dir }}/alertmanager.yml"
owner: "{{ prometheus_user_id }}" owner: "{{ prometheus_user_id }}"
group: "{{ prometheus_user_id }}"
mode: 0640 mode: 0640
notify: service handler notify: service handler