From b76bf2fb642e2351b4492fe4d981f5ff623d9658 Mon Sep 17 00:00:00 2001
From: Jelle van der Waa <jelle@archlinux.org>
Date: Thu, 1 Oct 2020 20:45:41 +0200
Subject: [PATCH] Fix archweb vassal permissions and owner/group

---
 roles/archweb/tasks/main.yml | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/roles/archweb/tasks/main.yml b/roles/archweb/tasks/main.yml
index ec0aba9be..7e0154334 100644
--- a/roles/archweb/tasks/main.yml
+++ b/roles/archweb/tasks/main.yml
@@ -259,11 +259,11 @@
   when: archweb_donor_import|bool
 
 - name: deploy archweb
-  template: src=archweb.ini.j2 dest=/etc/uwsgi/vassals/archweb.ini owner=archweb group=http mode=0644
+  template: src=archweb.ini.j2 dest=/etc/uwsgi/vassals/archweb.ini owner=archweb group=http mode=0640
   when: archweb_site|bool
 
 - name: deploy new release
-  file: path=/etc/uwsgi/vassals/archweb.ini state=touch owner=root group=root mode=0644
+  file: path=/etc/uwsgi/vassals/archweb.ini state=touch owner=archweb group=http mode=0640
   when: archweb_site and (release.changed or config.changed or virtualenv.changed or archweb_forced_deploy)
   notify: restart archweb memcached
 
-- 
GitLab