ansible-roles/roles/openxpki/templates/perms.sh.j2

#!/bin/bash

chown -R {{ pki_user }}:{{ pki_user }} {{ pki_root_dir }}/etc/ssl
chmod 700 {{ pki_root_dir }}/etc/ssl
# The root key is not used by OpenXPKI itself, protect it
chown root:root {{ pki_root_dir }}/etc/ssl/root/signer-key-1.pem
# Restrict access to the different keys
chmod 600 {{ pki_root_dir }}/etc/ssl/*/*key*.pem
Update to 2021-12-01 19:13 2021-12-01 19:13:34 +01:00			`#!/bin/bash`

			`chown -R {{ pki_user }}:{{ pki_user }} {{ pki_root_dir }}/etc/ssl`
			`chmod 700 {{ pki_root_dir }}/etc/ssl`
			`# The root key is not used by OpenXPKI itself, protect it`
			`chown root:root {{ pki_root_dir }}/etc/ssl/root/signer-key-1.pem`
			`# Restrict access to the different keys`
			`chmod 600 {{ pki_root_dir }}/etc/ssl//key*.pem`