From 57edf2947862bf73afd8df1162ed031af82ce35e Mon Sep 17 00:00:00 2001 From: Dmitry Tantsur Date: Thu, 27 Aug 2020 17:38:07 +0200 Subject: [PATCH] Make /var/lib/ironic/{,images,master_images} readable by nginx These directories contain images that are symlinked to /httpboot and have to be readable by the web server. We haven't had any problems with it only because the direct deploy does not use /var/lib/ironic with HTTP images. Change-Id: Idbcc7ed583234ba5d8fd48913146e288e1096bdf --- playbooks/roles/bifrost-ironic-install/tasks/bootstrap.yml | 2 +- releasenotes/notes/images-permissions-2042490e3ca13656.yaml | 5 +++++ 2 files changed, 6 insertions(+), 1 deletion(-) create mode 100644 releasenotes/notes/images-permissions-2042490e3ca13656.yaml diff --git a/playbooks/roles/bifrost-ironic-install/tasks/bootstrap.yml b/playbooks/roles/bifrost-ironic-install/tasks/bootstrap.yml index c815ba055..a91886e56 100644 --- a/playbooks/roles/bifrost-ironic-install/tasks/bootstrap.yml +++ b/playbooks/roles/bifrost-ironic-install/tasks/bootstrap.yml @@ -224,7 +224,7 @@ state: directory mode: 0750 owner: "ironic" - group: "ironic" + group: "{{ nginx_user }}" loop: - "/var/lib/ironic" - "/var/lib/ironic/master_images" diff --git a/releasenotes/notes/images-permissions-2042490e3ca13656.yaml b/releasenotes/notes/images-permissions-2042490e3ca13656.yaml new file mode 100644 index 000000000..ef4051e6c --- /dev/null +++ b/releasenotes/notes/images-permissions-2042490e3ca13656.yaml @@ -0,0 +1,5 @@ +--- +fixes: + - | + Makes ``/var/lib/ironic`` and its images subdirectories readable by nginx. + This is required for using the images cache.