evolix/ansible-roles
22
2
Fork 2
Code Issues 61 Pull requests 19 Releases 33 Wiki Activity

redis: Don't set the owner of /var/{lib,log}/redis to a redis instance account

Browse source
This commit is contained in:
Ludovic Poujol 2018-12-17 14:43:42 +01:00
parent f46f5ccbde
commit fa49f249e7
2 changed files with 12 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

1
CHANGELOG.md
View file

@ -18,6 +18,7 @@ The **patch** part changes incrementally at each release.
### Fixed ### Fixed
* nginx: Munin url config is now a template to insert the server-status prefix * nginx: Munin url config is now a template to insert the server-status prefix
* redis: In instance mode, ensure to replace the nrpe check_redis with the instance check script * redis: In instance mode, ensure to replace the nrpe check_redis with the instance check script
* redis: Don't set the owner of /var/{lib,log}/redis to a redis instance account
* nagios-nrpe: check_process now return the error code (making the check more usefull than /bin/true) * nagios-nrpe: check_process now return the error code (making the check more usefull than /bin/true)
### Security ### Security

13
redis/tasks/instances.yml
View file

@ -52,6 +52,17 @@
tags: tags:
- redis - redis
- name: Ensure redis base folders will be accessible for all instances
file:
dest: "{{ item }}"
state: directory
mode: "0755"
owner: "redis"
group: "redis"
with_items:
- "/var/lib/redis"
- "/var/log/redis"
- name: Instances directories are present - name: Instances directories are present
file: file:
dest: "{{ item }}" dest: "{{ item }}"
@ -60,9 +71,7 @@
owner: "redis-{{ redis_instance_name }}" owner: "redis-{{ redis_instance_name }}"
group: "redis-{{ redis_instance_name }}" group: "redis-{{ redis_instance_name }}"
with_items: with_items:
- "/var/lib/redis"
- "{{ redis_dbdir }}" - "{{ redis_dbdir }}"
- "/var/log/redis"
- "{{ redis_logfile | dirname }}" - "{{ redis_logfile | dirname }}"
tags: tags:
- redis - redis