Change mode with leading 0, but still as String

2017-03-23 16:59:43 +01:00 · 2017-03-23 16:59:43 +01:00 · 294cea44e8
parent 5efb9b04e1
commit 294cea44e8
43 changed files with 78 additions and 78 deletions
--- a/admin-users/tasks/adduser_debian.yml
+++ b/admin-users/tasks/adduser_debian.yml
@ -32,7 +32,7 @@
 - name: Fix perms on homedirectory for '{{ user.name }}'
  file:
   name: '/home/{{ user.name }}'
-   mode: "700"
+   mode: "0700"
   state: directory
 - name: is evomaintenance installed?
@ -54,7 +54,7 @@
  file:
    dest: '/home/{{ user.name }}/.ssh/'
    state: directory
-    mode: "700"
+    mode: "0700"
    owner: '{{ user.name }}'
    group: '{{ user.name }}'
@ -126,7 +126,7 @@
 - name: Verify Evolinux sudoers file permissions
  file:
    path: /etc/sudoers.d/evolinux
-    mode: "440"
+    mode: "0440"
    state: file
 - name: Add user in sudoers file for '{{ user.name }}'
--- a/apt-repositories/tasks/backports.yml
+++ b/apt-repositories/tasks/backports.yml
@ -6,7 +6,7 @@
    dest: /etc/apt/sources.list.d/backports.list
    force: yes
    backup: yes
-    mode: "640"
+    mode: "0640"
  notify: apt update
 - name: Backports configuration
@ -15,7 +15,7 @@
    dest: /etc/apt/preferences.d/backports
    force: yes
    backup: yes
-    mode: "640"
+    mode: "0640"
  notify: apt update
 - meta: flush_handlers
--- a/drbd-utils/tasks/munin.yml
+++ b/drbd-utils/tasks/munin.yml
@ -12,7 +12,7 @@
  copy:
    src: munin/drbd-plugin
    dest: /etc/munin/plugins/drbd
-    mode: "755"
+    mode: "0755"
  when: munin_plugins_dir.stat.exists
  notify: restart munin-node
--- a/drbd-utils/tasks/nagios.yml
+++ b/drbd-utils/tasks/nagios.yml
@ -29,5 +29,5 @@
  copy:
    src: "nagios/check_drbd"
    dest: "/usr/local/lib/nagios/plugins/check_drbd"
-    mode: "755"
+    mode: "0755"
  when: nagios_plugins_dir.stat.exists
--- a/elasticsearch/tasks/tmpdir.yml
+++ b/elasticsearch/tasks/tmpdir.yml
@ -14,7 +14,7 @@
      path: "{{ elasticsearch_custom_tmpdir or elasticsearch_default_tmpdir | mandatory }}"
      owner: elasticsearch
      group: elasticsearch
-      mode: "755"
+      mode: "0755"
      state: directory
    tags:
      - elasticsearch
--- a/etc-git/tasks/main.yml
+++ b/etc-git/tasks/main.yml
@ -30,7 +30,7 @@
  file:
    path: /etc/.git
    owner: root
-    mode: "700"
+    mode: "0700"
    state: directory
 - name: /etc/.gitignore is present
@ -38,7 +38,7 @@
    src: gitignore
    dest: /etc/.gitignore
    owner: root
-    mode: "600"
+    mode: "0600"
 - name: does /etc/ have any commit?
  command: "git log"
--- a/evoacme/tasks/acme.yml
+++ b/evoacme/tasks/acme.yml
@ -16,7 +16,7 @@
 - name: Fix crt dir's right
  file:
    path: "{{ evoacme_crt_dir }}"
-    mode: "755"
+    mode: "0755"
    owner: acme
    group: acme
    state: directory
@ -24,7 +24,7 @@
 - name: Fix log dir's right
  file:
    path: "{{ evoacme_log_dir }}"
-    mode: "755"
+    mode: "0755"
    owner: acme
    group: acme
    state: directory
@ -32,7 +32,7 @@
 - name: Fix challenge dir's right
  file:
    path: "{{ evoacme_acme_dir }}"
-    mode: "755"
+    mode: "0755"
    owner: acme
    group: acme
    state: directory
--- a/evoacme/tasks/apache.yml
+++ b/evoacme/tasks/apache.yml
@ -12,7 +12,7 @@
    dest: /etc/apache2/conf-available/letsencrypt.conf
    owner: root
    group: root
-    mode: "644"
+    mode: "0644"
  notify: reload apache2
 - name: Enable acme challenge conf
--- a/evoacme/tasks/certbot.yml
+++ b/evoacme/tasks/certbot.yml
@ -92,13 +92,13 @@
      content: |
        #!/bin/sh
        sudo /opt/certbot/certbot-auto $@
-      mode: "755"
+      mode: "0755"
  - name: Add sudo right for source install
    copy:
      src: files/sudoers
      dest: /etc/sudoers.d/certbot
-      mode: "440"
+      mode: "0440"
      validate: '/usr/sbin/visudo -cf %s'
  when: evoacme_certbot_release is undefined
@ -111,4 +111,4 @@
  copy:
    src: certbot.cron
    dest: /etc/cron.daily/certbot
-    mode: "755"
+    mode: "0755"
--- a/evoacme/tasks/conf.yml
+++ b/evoacme/tasks/conf.yml
@ -30,4 +30,4 @@
    dest: /etc/default/evoacme
    owner: root
    group: root
-    mode: "644"
+    mode: "0644"
--- a/evoacme/tasks/nginx.yml
+++ b/evoacme/tasks/nginx.yml
@ -4,4 +4,4 @@
    dest: /etc/nginx/letsencrypt.conf
    owner: root
    group: root
-    mode: "644"
+    mode: "0644"
--- a/evoacme/tasks/scripts.yml
+++ b/evoacme/tasks/scripts.yml
@ -5,7 +5,7 @@
    state: directory
    owner: root
    group: root
-    mode: "755"
+    mode: "0755"
 - name: Copy make-csr.sh script
  copy:
@ -13,7 +13,7 @@
    dest: /usr/local/bin/make-csr
    owner: root
    group: root
-    mode: "755"
+    mode: "0755"
 - name: Copy evoacme script
  copy:
@ -21,4 +21,4 @@
    dest: /usr/local/bin/evoacme
    owner: root
    group: root
-    mode: "755"
+    mode: "0755"
--- a/evolinux-base/tasks/apt.yml
+++ b/evolinux-base/tasks/apt.yml
@ -6,7 +6,7 @@
    line: "{{ item }}"
    create: yes
    state: present
-    mode: "640"
+    mode: "0640"
  with_items:
  - "APT::Install-Recommends \"0\";"
  - "APT::Install-Suggests \"0\";"
@ -18,7 +18,7 @@
    line: "{{ item }}"
    create: yes
    state: present
-    mode: "640"
+    mode: "0640"
  with_items:
  - "DPkg::Pre-Invoke { \"mount -oremount,exec /tmp && mount -oremount,rw /usr || true\"; };"
  - "DPkg::Post-Invoke { \"mount -oremount /tmp && mount -oremount /usr || exit 0\"; };"
@ -57,7 +57,7 @@
    dest: /etc/apt/sources.list.d/evolix_public.list
    force: yes
    backup: yes
-    mode: "640"
+    mode: "0640"
  when: evolinux_apt_public_sources
 - name: Remove Aptitude
--- a/evolinux-base/tasks/default_www.yml
+++ b/evolinux-base/tasks/default_www.yml
@ -40,7 +40,7 @@
      path: /etc/ssl/private/{{ ansible_fqdn }}.key
      owner: root
      group: ssl-cert
-      mode: "640"
+      mode: "0640"
  - name: Create certificate for default site
    command: openssl x509 -req -days 3650 -sha256 -in /etc/ssl/{{ ansible_fqdn }}.csr -signkey /etc/ssl/private/{{ ansible_fqdn }}.key -out /etc/ssl/certs/{{ ansible_fqdn }}.crt
@ -62,7 +62,7 @@
    template:
      src: default_www/nginx_default_site.j2
      dest: /etc/nginx/sites-available/000-default
-      mode: "640"
+      mode: "0640"
      # force: yes
    notify: reload nginx
    tags:
@ -95,7 +95,7 @@
    template:
      src: default_www/apache_default_site.j2
      dest: /etc/apache2/sites-available/000-default
-      mode: "640"
+      mode: "0640"
      # force: yes
    notify: reload apache
    tags:
--- a/evolinux-base/tasks/hardware.yml
+++ b/evolinux-base/tasks/hardware.yml
@ -43,7 +43,7 @@
    template:
      src: hardware/cciss-vol-statusd.j2
      dest: /etc/init.d/cciss-vol-statusd
-      mode: "755"
+      mode: "0755"
  - name: Enable HP hardware in systemd
    service:
@ -70,7 +70,7 @@
    template:
      src: hardware/megaclisas-statusd.j2
      dest: /etc/default/megaclisas-statusd
-      mode: "755"
+      mode: "0755"
  - name: Enable DELL/LSI hardware in systemd
    service:
--- a/evolinux-base/tasks/logs.yml
+++ b/evolinux-base/tasks/logs.yml
@ -6,7 +6,7 @@
  copy:
    src: logs/rsyslog.conf
    dest: /etc/rsyslog.conf
-    mode: "644"
+    mode: "0644"
  notify: restart rsyslog
  when: evolinux_logs_rsyslog_conf
--- a/evolinux-base/tasks/root.yml
+++ b/evolinux-base/tasks/root.yml
@ -4,7 +4,7 @@
  file:
    path: /root
    state: directory
-    mode: "700"
+    mode: "0700"
  when: evolinux_root_chmod
 - name: "Customize root's bashrc..."
--- a/evolinux-base/tasks/system.yml
+++ b/evolinux-base/tasks/system.yml
@ -119,7 +119,7 @@
    src: system/init_alert5.j2
    dest: /etc/init.d/alert5
    force: no
-    mode: "755"
+    mode: "0755"
  when: evolinux_system_alert5_init
--- a/fail2ban/tasks/main.yml
+++ b/fail2ban/tasks/main.yml
@ -10,7 +10,7 @@
  copy:
    src: "{{ item }}"
    dest: /etc/fail2ban/filter.d/
-    mode: "644"
+    mode: "0644"
  with_items:
    - dovecot-evolix.conf
    - sasl-evolix.conf
@ -20,5 +20,5 @@
  template:
    src: jail.local.j2
    dest: /etc/fail2ban/jail.local
-    mode: "644"
+    mode: "0644"
  notify: restart fail2ban
--- a/kibana/tasks/main.yml
+++ b/kibana/tasks/main.yml
@ -18,6 +18,6 @@
  copy:
    src: logrotate
    dest: /etc/logrotate.d/kibana
-    mode: "644"
+    mode: "0644"
    owner: root
    group: root
--- a/kvm-host/tasks/munin.yml
+++ b/kvm-host/tasks/munin.yml
@ -4,7 +4,7 @@
  get_url:
    url: "https://raw.githubusercontent.com/munin-monitoring/contrib/master/plugins/virtualization/{{ item }}"
    dest: "/etc/munin/plugins/"
-    mode: "755"
+    mode: "0755"
  with_items:
  - kvm_cpu
  - kvm_io
--- a/listupgrade/tasks/main.yml
+++ b/listupgrade/tasks/main.yml
@ -3,13 +3,13 @@
  file:
    path: "/usr/share/scripts"
    state: directory
-    mode: "700"
+    mode: "0700"
 - name: Copy listupgrade script
  template:
    src: listupgrade.sh.j2
    dest: "/usr/share/scripts/listupgrade.sh"
-    mode: "700"
+    mode: "0700"
    owner: root
    group: root
    force: yes
@ -19,13 +19,13 @@
  file:
    path: /etc/evolinux
    state: directory
-    mode: "600"
+    mode: "0600"
 - name: Copy listupgrade config
  template:
    src: listupgrade.cnf.j2
    dest: /etc/evolinux/listupgrade.cnf
-    mode: "600"
+    mode: "0600"
    owner: root
    group: root
    force: no
@ -34,6 +34,6 @@
  template:
    src: listupgrade_cron.j2
    dest: /etc/cron.d/listupgrade
-    mode: "600"
+    mode: "0600"
    owner: root
    group: root
--- a/monit/tasks/main.yml
+++ b/monit/tasks/main.yml
@ -12,7 +12,7 @@
  template:
    src: evolinux-defaults.conf.j2
    dest: /etc/monit/conf.d/z-evolinux-defaults.conf
-    mode: "640"
+    mode: "0640"
    force: yes
  notify: restart monit
  tags:
--- a/mysql/tasks/config.yml
+++ b/mysql/tasks/config.yml
@ -5,7 +5,7 @@
    dest: /etc/mysql/conf.d/z-evolinux-defaults.cnf
    owner: root
    group: root
-    mode: "644"
+    mode: "0644"
    force: yes
  tags:
    - mysql
@ -16,7 +16,7 @@
    dest: /etc/mysql/conf.d/zzz-evolinux-custom.cnf
    owner: root
    group: root
-    mode: "640"
+    mode: "0640"
    force: no
  tags:
    - mysql
--- a/mysql/tasks/log2mail.yml
+++ b/mysql/tasks/log2mail.yml
@ -14,7 +14,7 @@
  template:
    src: log2mail.j2
    dest: /etc/log2mail/config/mysql.conf
-    mode: "640"
+    mode: "0640"
  when: log2mail_config_dir.stat.exists
  tags:
    - mysql
--- a/mysql/tasks/tmpdir.yml
+++ b/mysql/tasks/tmpdir.yml
@ -6,7 +6,7 @@
      path: "{{ mysql_custom_tmpdir }}"
      owner: mysql
      group: mysql
-      mode: "700"
+      mode: "0700"
      state: directory
    tags:
      - mysql
--- a/mysql/tasks/users.yml
+++ b/mysql/tasks/users.yml
@ -42,7 +42,7 @@
 - name: mysqladmin is the default user
  ini_file:
    dest: /root/.my.cnf
-    mode: "600"
+    mode: "0600"
    section: client
    option: '{{ item.option }}'
    value: '{{ item.value }}'
--- a/mysql/tasks/utils.yml
+++ b/mysql/tasks/utils.yml
@ -22,7 +22,7 @@
  template:
    src: mytop.j2
    dest: /root/.mytop
-    mode: "600"
+    mode: "0600"
    force: yes
  tags:
    - mytop
@ -34,7 +34,7 @@
  copy:
    src: mysqltuner.pl
    dest: "{{ mysql_scripts_dir or general_scripts_dir | mandatory }}/mysqltuner.pl"
-    mode: "700"
+    mode: "0700"
  tags:
    - mysql
    - mysqltuner
@ -51,7 +51,7 @@
  copy:
    src: mysql-optimize.sh
    dest: "{{ mysql_scripts_dir or general_scripts_dir | mandatory }}/mysql-optimize.sh"
-    mode: "700"
+    mode: "0700"
  tags:
    - mysql
@ -84,7 +84,7 @@
 - name: Ensure /usr/share/scripts exists
  file:
    dest: /usr/share/scripts
-    mode: "700"
+    mode: "0700"
    state: directory
  tags:
    - mysql
@ -93,6 +93,6 @@
  copy:
    src: my-add.sh
    dest: "{{ mysql_scripts_dir or general_scripts_dir | mandatory }}/my-add.sh"
-    mode: "700"
+    mode: "0700"
  tags:
    - mysql
--- a/nginx/tasks/main.yml
+++ b/nginx/tasks/main.yml
@ -33,7 +33,7 @@
  copy:
    src: nginx/evolinux-defaults.conf
    dest: /etc/nginx/conf.d/z-evolinux-defaults.conf
-    mode: "640"
+    mode: "0640"
    # force: yes
  notify: reload nginx
  tags:
@ -49,8 +49,8 @@
    dest: /etc/nginx/snippets/private_ipaddr_whitelist
    owner: www-data
    group: www-data
-    directory_mode: "640"
+    directory_mode: "0640"
-    mode: "640"
+    mode: "0640"
    force: no
  notify: reload nginx
  tags:
@ -82,8 +82,8 @@
    dest: /etc/nginx/snippets/private_htpasswd
    owner: www-data
    group: www-data
-    directory_mode: "640"
+    directory_mode: "0640"
-    mode: "640"
+    mode: "0640"
    force: no
  notify: reload nginx
  tags:
--- a/nginx/tasks/munin_graphs.yml
+++ b/nginx/tasks/munin_graphs.yml
@ -4,7 +4,7 @@
  copy:
    src: munin/evolinux.nginx
    dest: /etc/munin/plugin-conf.d/
-    mode: "644"
+    mode: "0644"
  notify: restart munin
 - name: Enable Munin plugins for Nginx
--- a/nginx/tasks/munin_vhost.yml
+++ b/nginx/tasks/munin_vhost.yml
@ -26,7 +26,7 @@
  copy:
    src: init.d/spawn-fcgi-munin-graph
    dest: /etc/init.d/
-    mode: "755"
+    mode: "0755"
  register: install_spawn_fcgi_munin_graph
 - name: Reload systemd
--- a/postfix/tasks/main.yml
+++ b/postfix/tasks/main.yml
@ -19,7 +19,7 @@
    dest: /etc/postfix/main.cf
    owner: root
    group: root
-    mode: "644"
+    mode: "0644"
    force: yes
  when: default_main_cf.stdout == "5450c05d65878e99dad696c7c722e511  -"
  notify: restart postfix
--- a/postgresql/tasks/config.yml
+++ b/postgresql/tasks/config.yml
@ -11,7 +11,7 @@
    state: directory
    owner: postgres
    group: postgres
-    mode: "755"
+    mode: "0755"
 - name: Copy PostgreSQL config file
  template:
@ -19,5 +19,5 @@
    dest: /etc/postgresql/9.4/main/conf.d/evolinux.conf
    owner: postgres
    group: postgres
-    mode: "644"
+    mode: "0644"
  notify: restart postgresql
--- a/proftpd/tasks/main.yml
+++ b/proftpd/tasks/main.yml
@ -19,7 +19,7 @@
  template:
    src: evolinux.conf.j2
    dest: /etc/proftpd/conf.d/z-evolinux.conf
-    mode: "644"
+    mode: "0644"
  notify: restart proftpd
  tags:
  - proftpd
--- a/rabbitmq/tasks/main.yml
+++ b/rabbitmq/tasks/main.yml
@ -11,7 +11,7 @@
    dest: /etc/rabbitmq/rabbitmq-env.conf
    owner: rabbitmq
    group: rabbitmq
-    mode: "600"
+    mode: "0600"
    force: no
 - name: Create rabbitmq.config
@ -20,7 +20,7 @@
    dest: /etc/rabbitmq/rabbitmq.config
    owner: rabbitmq
    group: rabbitmq
-    mode: "600"
+    mode: "0600"
    force: no
 - name: Adjust ulimit
--- a/redis/tasks/main.yml
+++ b/redis/tasks/main.yml
@ -11,7 +11,7 @@
  template:
    src: redis.conf.j2
    dest: "{{ redis_conf_path }}"
-    mode: "644"
+    mode: "0644"
  notify: restart redis
  tags:
  - redis
--- a/squid/tasks/log2mail.yml
+++ b/squid/tasks/log2mail.yml
@ -12,7 +12,7 @@
    template:
      src: log2mail.j2
      dest: /etc/log2mail/config/squid.conf
-      mode: "640"
+      mode: "0640"
      owner: log2mail
      group: adm
    notify: restart log2mail
--- a/tomcat-instance/tasks/alias.yml
+++ b/tomcat-instance/tasks/alias.yml
@ -3,7 +3,7 @@
  file:
    path: "{{ tomcat_instance_root }}/{{ tomcat_instance_name }}/bin"
    state: directory
-    mode: "770"
+    mode: "0770"
    owner: "{{ tomcat_instance_name }}"
    group: "{{ tomcat_instance_name }}"
@ -11,7 +11,7 @@
  template:
    src: "{{ item }}"
    dest: "{{ tomcat_instance_root }}/{{ tomcat_instance_name }}/bin/"
-    mode: "770"
+    mode: "0770"
    owner: "{{ tomcat_instance_name }}"
    group: "{{ tomcat_instance_name }}"
  with_fileglob:
--- a/tomcat-instance/tasks/bootstrap.yml
+++ b/tomcat-instance/tasks/bootstrap.yml
@ -18,7 +18,7 @@
  template:
    src: 'templates/server.xml.j2'
    dest: "{{ tomcat_instance_root }}/{{ tomcat_instance_name }}/conf/server.xml"
-    mode: "660"
+    mode: "0660"
    owner: "{{ tomcat_instance_name }}"
    group: "{{ tomcat_instance_name }}"
    force: no
@ -32,7 +32,7 @@
  template:
    src: 'templates/env.j2'
    dest: "{{ tomcat_instance_root }}/{{ tomcat_instance_name }}/conf/env"
-    mode: "660"
+    mode: "0660"
    owner: "{{ tomcat_instance_name }}"
    group: "{{ tomcat_instance_name }}"
    force: no
--- a/tomcat-instance/tasks/systemd.yml
+++ b/tomcat-instance/tasks/systemd.yml
@ -7,6 +7,6 @@
  lineinfile:
    dest: "{{ tomcat_instance_root }}/{{ tomcat_instance_name }}/.profile"
    state: present
-    mode: "640"
+    mode: "0640"
    create: yes
    line: 'export XDG_RUNTIME_DIR=/run/user/$UID'
--- a/tomcat-instance/tasks/tomcat.yml
+++ b/tomcat-instance/tasks/tomcat.yml
@ -14,11 +14,11 @@
    state: directory
    owner: 'root'
    group: 'root'
-    mode: "755"
+    mode: "0755"
 - name: Copy systemd unit
  copy:
    src: 'files/tomcat.service'
    dest: "/etc/systemd/user/tomcat.service"
-    mode: "755"
+    mode: "0755"
  notify: systemd reload
--- a/tomcat-instance/tasks/user.yml
+++ b/tomcat-instance/tasks/user.yml
@ -31,7 +31,7 @@
  lineinfile:
    dest: '/etc/sudoers.d/tomcat'
    state: present
-    mode: "440"
+    mode: "0440"
    create: yes
    line: "%{{ tomcat_instance_name }} ALL = ({{ tomcat_instance_name }}) SETENV: ALL"
    validate: 'visudo -cf %s'
@ -40,7 +40,7 @@
  lineinfile:
    dest: '/etc/sudoers.d/tomcat'
    state: present
-    mode: "440"
+    mode: "0440"
    create: yes
    line: "{{ tomcat_instance_deploy_user }} ALL = ({{ tomcat_instance_name }}) NOPASSWD: SETENV: ALL"
    validate: 'visudo -cf %s'
--- a/varnish/tasks/main.yml
+++ b/varnish/tasks/main.yml
@ -14,7 +14,7 @@
  copy:
    src: "reload-vcl.sh"
    dest: "/etc/varnish/reload-vcl.sh"
-    mode: "700"
+    mode: "0700"
    owner: root
    group: root