From b0efecdd53eb89744c52dbb33d8cb0f82fd72db0 Mon Sep 17 00:00:00 2001
From: Gabriel Augendre <gabriel@augendre.info>
Date: Fri, 11 Oct 2024 19:17:28 +0200
Subject: [PATCH] restrict permissions on docker template files

---
 roles/docker/tasks/main.yaml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/roles/docker/tasks/main.yaml b/roles/docker/tasks/main.yaml
index e6dd85c..20474b8 100644
--- a/roles/docker/tasks/main.yaml
+++ b/roles/docker/tasks/main.yaml
@@ -18,7 +18,7 @@
   ansible.builtin.template:
     src: "{{ item }}"
     dest: "{{ docker_dir }}/{{ item | basename | regex_replace('\\.j2$', '') }}"
-    mode: preserve
+    mode: "0600"
   with_fileglob:
     - templates/{{ docker_app_name }}/*.j2
     - templates/{{ docker_app_name }}/.*.j2