diff options
author | elijah <elijah@riseup.net> | 2015-09-03 23:24:43 -0700 |
---|---|---|
committer | Micah Anderson <micah@leap.se> | 2015-09-15 10:56:41 -0400 |
commit | 2b1911f17b0ed5ee5ad2384e176b84b84243802f (patch) | |
tree | 71ae0d63e8cb08c4e64285017f08aa4f863bf021 /puppet/modules/site_webapp/manifests/couchdb.pp | |
parent | 2d20633ceaa670c58ca575eb2a751605bf5b4156 (diff) |
make couchdb.admin.yml only readable by root, make non-admin cron run as webapp user.
Diffstat (limited to 'puppet/modules/site_webapp/manifests/couchdb.pp')
-rw-r--r-- | puppet/modules/site_webapp/manifests/couchdb.pp | 16 |
1 files changed, 8 insertions, 8 deletions
diff --git a/puppet/modules/site_webapp/manifests/couchdb.pp b/puppet/modules/site_webapp/manifests/couchdb.pp index 1dbc745d..5cf7f953 100644 --- a/puppet/modules/site_webapp/manifests/couchdb.pp +++ b/puppet/modules/site_webapp/manifests/couchdb.pp @@ -14,29 +14,29 @@ class site_webapp::couchdb { file { '/srv/leap/webapp/config/couchdb.yml': content => template('site_webapp/couchdb.yml.erb'), - owner => leap-webapp, - group => leap-webapp, + owner => 'leap-webapp', + group => 'leap-webapp', mode => '0600', require => Vcsrepo['/srv/leap/webapp']; '/srv/leap/webapp/config/couchdb.admin.yml': content => template('site_webapp/couchdb.admin.yml.erb'), - owner => leap-webapp, - group => leap-webapp, + owner => 'root', + group => 'root', mode => '0600', require => Vcsrepo['/srv/leap/webapp']; '/srv/leap/webapp/log': ensure => directory, - owner => leap-webapp, - group => leap-webapp, + owner => 'leap-webapp', + group => 'leap-webapp', mode => '0755', require => Vcsrepo['/srv/leap/webapp']; '/srv/leap/webapp/log/production.log': ensure => present, - owner => leap-webapp, - group => leap-webapp, + owner => 'leap-webapp', + group => 'leap-webapp', mode => '0666', require => Vcsrepo['/srv/leap/webapp']; } |