From 3f3d1b27a8c862a3a5bd371d178e3a54df7e4bb0 Mon Sep 17 00:00:00 2001 From: Martin Schurz Date: Mon, 24 Aug 2020 10:59:25 +0200 Subject: [PATCH] move chmod to end, because of generated files Signed-off-by: Martin Schurz --- tasks/main.yml | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/tasks/main.yml b/tasks/main.yml index aab3cc1..e0b0604 100644 --- a/tasks/main.yml +++ b/tasks/main.yml @@ -1,12 +1,4 @@ --- -- name: config should not be worldwide read- or writeable - file: - path: "/etc/nginx" - mode: "o-rw" - owner: "root" - group: "root" - recurse: true - - name: create additional configuration template: src: "hardening.conf.j2" @@ -97,3 +89,11 @@ args: creates: "/etc/nginx/dh{{ nginx_dh_size }}.pem" notify: restart nginx + +- name: config should not be worldwide read- or writeable + file: + path: "/etc/nginx" + mode: "o-rw" + owner: "root" + group: "root" + recurse: true \ No newline at end of file