Fix log and cert permissions.sunet-ops-2015-03-31-v17

1 files changed, 17 insertions, 1 deletions

diff --git a/global/overlay/etc/puppet/manifests/cosmos-site.pp b/global/overlay/etc/puppet/manifests/cosmos-site.pp
index 5aa1fe7..f6d3ba8 100644
--- a/global/overlay/etc/puppet/manifests/cosmos-site.pp
+++ b/global/overlay/etc/puppet/manifests/cosmos-site.pp
@@ -709,6 +709,10 @@ node 'sto-tug-kvm2.swamid.se' {
        username => 'postgres',
        group    => 'ssl-cert',
    } ->
+   sunet::system_user {'www-data-system-user':
+       username => 'www-data',
+       group    => 'www-data',
+   } ->
    file {'/var/docker/postgresql_data':
        ensure => 'directory',
        owner  => 'postgres',
@@ -721,9 +725,21 @@ node 'sto-tug-kvm2.swamid.se' {
       group  => 'postgres',
       mode   => '1775',
    } ->
+   file {'/var/log/flog_app':
+      ensure => 'directory',
+      owner  => 'root',
+      group  => 'www-data',
+      mode   => '1775',
+   } ->
+   file {'/var/log/flog_cron':
+      ensure => 'directory',
+      owner  => 'root',
+      group  => 'www-data',
+      mode   => '1775',
+   } ->
    sunet::docker_run {'flog_db':
       image    => 'docker.sunet.se/flog/postgresql-9.3',
-      volumes  => ['/opt/flog/postgres/ssl/ssl-cert-snakeoil.pem:/etc/ssl/cert.pem', '/opt/flog/postgres/ssl/ssl-cert-snakeoil.key:/etc/ssl/cert.key', '/var/docker/postgresql_data/:/var/lib/postgresql/','/var/log/flog_db/:/var/log/postgresql/'],
+      volumes  => ['/opt/flog/postgres/ssl:/etc/ssl', '/var/docker/postgresql_data/:/var/lib/postgresql/','/var/log/flog_db/:/var/log/postgresql/'],
    } ->
    sunet::docker_run {'flog_app':
       image    => 'docker.sunet.se/flog/flog_app',