stabify/infrastructure
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

modified: ../../setup_vault_secrets.sh

Browse Source
This commit is contained in:
Nick Adam
2026-01-20 12:39:00 +01:00
parent bfaf52d980
commit 908cac0022
1 changed files with 2 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
infrastructure/ansible/deploy_logic_push.yml
View File

@@ -115,13 +115,13 @@
compress: yes
rsync_opts:
- "--chmod=Du=rwx,Dgo=rx,Fu=rw,Fgo=r" # directory_mode='0755', mode='0644'
- "--rsync-path=sudo rsync" # Nutze sudo auf Remote-Host für Schreibrechte
# Für Vault: Exkludiere Container-verwaltete Verzeichnisse
- "--exclude=file/" # Vault-Daten (werden vom Container verwaltet)
- "--exclude=logs/" # Vault-Logs (werden vom Container verwaltet)
- "--exclude=certs/" # Vault-Zertifikate (werden vom Container generiert)
delegate_to: localhost # rsync läuft von localhost (Source) zu remote (Destination)
become: true # Benötigt sudo für Schreibrechte in /opt/vault/
become_user: root
become: false # Kein sudo auf localhost, sondern auf Remote-Host via --rsync-path
register: file_sync_result
# 7. Docker Compose Deployment