Fix permissions of sensitive files in docker-compose installation

2026-01-11 10:00:01 -03:30 · 2019-03-27 09:31:10 -04:00 · 2019-03-27 09:31:10 -04:00 · a6d031f46f
commit a6d031f46f
parent 2129f12085
1 changed files with 4 additions and 0 deletions
--- a/installer/roles/local_docker/tasks/compose.yml
+++ b/installer/roles/local_docker/tasks/compose.yml
@ -8,22 +8,26 @@
  template:
    src: docker-compose.yml.j2
    dest: "{{ docker_compose_dir }}/docker-compose.yml"
+    mode: 0600
  register: awx_compose_config

 - name: Render secrets file
  template:
    src: environment.sh.j2
    dest: "{{ docker_compose_dir }}/environment.sh"
+    mode: 0600

 - name: Render application credentials
  template:
    src: credentials.py.j2
    dest: "{{ docker_compose_dir }}/credentials.py"
+    mode: 0600

 - name: Render SECRET_KEY file
  copy:
    content: "{{ secret_key }}"
    dest: "{{ docker_compose_dir }}/SECRET_KEY"
+    mode: 0600

 - name: Start the containers
  docker_service: