From 7e2770f6704b7e0d1f1c9cb14a8e898471785e5f Mon Sep 17 00:00:00 2001
From: "James E. Blair" <jim@acmegating.com>
Date: Thu, 4 Apr 2024 17:22:09 -0700
Subject: [PATCH] Restrict permissions on mariadb compose file

This file has passwords templated in, so make it root-only.

Change-Id: I7fa438acfa91be9794d505dc7bf0d88af6bb25c9
---
 playbooks/roles/mariadb/tasks/main.yaml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/playbooks/roles/mariadb/tasks/main.yaml b/playbooks/roles/mariadb/tasks/main.yaml
index 142be28de3..80d8b075cd 100644
--- a/playbooks/roles/mariadb/tasks/main.yaml
+++ b/playbooks/roles/mariadb/tasks/main.yaml
@@ -8,7 +8,7 @@
   template:
     src: docker-compose.yaml.j2
     dest: /etc/mariadb-compose/docker-compose.yaml
-    mode: 0644
+    mode: 0600
 
 - name: Ensure database volume exists
   file: