make certs for push-docker role more restricted access

Signed-off-by: Adam Miller <admiller@redhat.com>
author: Adam Miller <admiller@redhat.com> 2017-03-30 21:31:36 +0000
committer: Adam Miller <admiller@redhat.com> 2017-03-30 21:31:36 +0000
commit: a6f01974603f0a3ef1ffa435077979daa86557f5 (patch)
tree: e6adbbc6ddce42bb478f92aa8b8facdc35c2715f /roles/push-docker/tasks
parent: a69c10f94a3391f7599976e84b73d570720b9a29 (diff)
download: ansible-a6f01974603f0a3ef1ffa435077979daa86557f5.tar.gz
ansible-a6f01974603f0a3ef1ffa435077979daa86557f5.tar.xz
ansible-a6f01974603f0a3ef1ffa435077979daa86557f5.zip
1 files changed, 4 insertions, 0 deletions
diff --git a/roles/push-docker/tasks/main.yml b/roles/push-docker/tasks/main.yml
index 9baad7f16..ed7025337 100644
--- a/roles/push-docker/tasks/main.yml
+++ b/roles/push-docker/tasks/main.yml
@@ -13,11 +13,15 @@
   copy:
     src: "{{private}}/files/koji/{{docker_cert_name}}.cert.pem"
     dest: "{{docker_cert_dir}}/client.cert"
+    owner: root
+    mode: 0600
 
 - name: install docker client key for registry
   copy:
     src: "{{private}}/files/koji/{{docker_cert_name}}.key.pem"
     dest: "{{docker_cert_dir}}/client.key"
+    owner: root
+    mode: 0600
 
 - name: start and enable docker
   service: name=docker state=started enabled=yes
author	Adam Miller <admiller@redhat.com>	2017-03-30 21:31:36 +0000
committer	Adam Miller <admiller@redhat.com>	2017-03-30 21:31:36 +0000
commit	a6f01974603f0a3ef1ffa435077979daa86557f5 (patch)
tree	e6adbbc6ddce42bb478f92aa8b8facdc35c2715f /roles/push-docker/tasks
parent	a69c10f94a3391f7599976e84b73d570720b9a29 (diff)
download	ansible-a6f01974603f0a3ef1ffa435077979daa86557f5.tar.gz ansible-a6f01974603f0a3ef1ffa435077979daa86557f5.tar.xz ansible-a6f01974603f0a3ef1ffa435077979daa86557f5.zip