From 57f7a15b51975052a587572a6a08ba88d52af3ef Mon Sep 17 00:00:00 2001
From: schurzi <Martin.Schurz@t-systems.com>
Date: Mon, 24 Aug 2020 11:22:33 +0200
Subject: [PATCH] imove chmod to end because of generated files (#31)

Signed-off-by: Martin Schurz <Martin.Schurz@t-systems.com>
---
 tasks/main.yml | 16 ++++++++--------
 1 file changed, 8 insertions(+), 8 deletions(-)

diff --git a/tasks/main.yml b/tasks/main.yml
index aab3cc1..e0b0604 100644
--- a/tasks/main.yml
+++ b/tasks/main.yml
@@ -1,12 +1,4 @@
 ---
-- name: config should not be worldwide read- or writeable
-  file:
-    path: "/etc/nginx"
-    mode: "o-rw"
-    owner: "root"
-    group: "root"
-    recurse: true
-
 - name: create additional configuration
   template:
     src: "hardening.conf.j2"
@@ -97,3 +89,11 @@
   args:
     creates: "/etc/nginx/dh{{ nginx_dh_size }}.pem"
   notify: restart nginx
+
+- name: config should not be worldwide read- or writeable
+  file:
+    path: "/etc/nginx"
+    mode: "o-rw"
+    owner: "root"
+    group: "root"
+    recurse: true
\ No newline at end of file