diff options
author | elijah <elijah@riseup.net> | 2015-09-03 23:24:43 -0700 |
---|---|---|
committer | elijah <elijah@riseup.net> | 2015-09-03 23:24:43 -0700 |
commit | 9d645a82c7346e8d585c664a82c719647a0d2ffa (patch) | |
tree | b4ae9a91fbfa83c01ecb20e5aa20fb0bbccf7c32 /puppet/modules/site_webapp/manifests/couchdb.pp | |
parent | da53a4a723cc05cfa39e066c64a9467d7efad04b (diff) |
make couchdb.admin.yml only readable by root, make non-admin cron run as webapp user.
Diffstat (limited to 'puppet/modules/site_webapp/manifests/couchdb.pp')
-rw-r--r-- | puppet/modules/site_webapp/manifests/couchdb.pp | 16 |
1 files changed, 8 insertions, 8 deletions
diff --git a/puppet/modules/site_webapp/manifests/couchdb.pp b/puppet/modules/site_webapp/manifests/couchdb.pp index 1dbc745d..5cf7f953 100644 --- a/puppet/modules/site_webapp/manifests/couchdb.pp +++ b/puppet/modules/site_webapp/manifests/couchdb.pp @@ -14,29 +14,29 @@ class site_webapp::couchdb { file { '/srv/leap/webapp/config/couchdb.yml': content => template('site_webapp/couchdb.yml.erb'), - owner => leap-webapp, - group => leap-webapp, + owner => 'leap-webapp', + group => 'leap-webapp', mode => '0600', require => Vcsrepo['/srv/leap/webapp']; '/srv/leap/webapp/config/couchdb.admin.yml': content => template('site_webapp/couchdb.admin.yml.erb'), - owner => leap-webapp, - group => leap-webapp, + owner => 'root', + group => 'root', mode => '0600', require => Vcsrepo['/srv/leap/webapp']; '/srv/leap/webapp/log': ensure => directory, - owner => leap-webapp, - group => leap-webapp, + owner => 'leap-webapp', + group => 'leap-webapp', mode => '0755', require => Vcsrepo['/srv/leap/webapp']; '/srv/leap/webapp/log/production.log': ensure => present, - owner => leap-webapp, - group => leap-webapp, + owner => 'leap-webapp', + group => 'leap-webapp', mode => '0666', require => Vcsrepo['/srv/leap/webapp']; } |