kubernetes-sigs
/
kubespray
mirror of https://github.com/kubernetes-sigs/kubespray.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

etcd: Fix permissions of /etc/ssl/etcd/ssl (#6908)

pull/6966/head
Hannes Körber 2020-12-09 09:48:49 +01:00 committed by GitHub
parent e022e2e13c
commit dbe02d398a
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 3 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
roles/etcd/defaults/main.yml
View File

@ -14,6 +14,7 @@ etcd_backup_retention_count: -1
etcd_config_dir: /etc/ssl/etcd etcd_config_dir: /etc/ssl/etcd
etcd_cert_dir: "{{ etcd_config_dir }}/ssl" etcd_cert_dir: "{{ etcd_config_dir }}/ssl"
etcd_cert_dir_mode: "0700"
etcd_cert_group: root etcd_cert_group: root
# Note: This does not set up DNS entries. It simply adds the following DNS # Note: This does not set up DNS entries. It simply adds the following DNS
# entries to the certificate # entries to the certificate

4
roles/etcd/tasks/gen_certs_script.yml
View File

@ -5,7 +5,7 @@
group: "{{ etcd_cert_group }}" group: "{{ etcd_cert_group }}"
state: directory state: directory
owner: kube owner: kube
mode: 0700 mode: "{{ etcd_cert_dir_mode }}"
recurse: yes recurse: yes
- name: "Gen_certs | create etcd script dir (on {{ groups['etcd'][0] }})" - name: "Gen_certs | create etcd script dir (on {{ groups['etcd'][0] }})"
@ -157,5 +157,5 @@
group: "{{ etcd_cert_group }}" group: "{{ etcd_cert_group }}"
state: directory state: directory
owner: kube owner: kube
mode: 0640 mode: "{{ etcd_cert_dir_mode }}"
recurse: yes recurse: yes