From 948c4111069f2d7689eeb23d261b1062bcd38bd0 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Thu, 30 Dec 2021 10:47:06 +0200 Subject: [PATCH] Remove sudo requirement for generating SSL certificates Fixes https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/1492 --- .../ssl/setup_ssl_self_signed_obtain_for_domain.yml | 11 +++++++++-- 1 file changed, 9 insertions(+), 2 deletions(-) diff --git a/roles/matrix-nginx-proxy/tasks/ssl/setup_ssl_self_signed_obtain_for_domain.yml b/roles/matrix-nginx-proxy/tasks/ssl/setup_ssl_self_signed_obtain_for_domain.yml index aea17cc0..ff7fa2d8 100644 --- a/roles/matrix-nginx-proxy/tasks/ssl/setup_ssl_self_signed_obtain_for_domain.yml +++ b/roles/matrix-nginx-proxy/tasks/ssl/setup_ssl_self_signed_obtain_for_domain.yml @@ -37,6 +37,13 @@ -keyout {{ matrix_ssl_certificate_cert_key_path }} \ -out {{ matrix_ssl_certificate_cert_path }} \ -days 3650 - become: true - become_user: "{{ matrix_user_username }}" when: "not matrix_ssl_certificate_cert_path_stat_result.stat.exists" + +- name: Adjust SSL certificate file ownership + file: + path: "{{ item }}" + owner: "{{ matrix_user_username }}" + group: "{{ matrix_user_groupname }}" + with_items: + - "{{ matrix_ssl_certificate_cert_key_path }}" + - "{{ matrix_ssl_certificate_cert_path }}"