From bc7fc40b34932cc7205cca9dc9fa4d220d062f3c Mon Sep 17 00:00:00 2001
From: Julien Mailleret <julien.mailleret@elastic.co>
Date: Thu, 28 Nov 2019 07:02:33 +0100
Subject: [PATCH] fix files mode syntax From Ansible doc
 (https://docs.ansible.com/ansible/latest/modules/template_module.html#template-module)
 For those used to /usr/bin/chmod remember that modes are actually octal
 numbers. You must either add a leading zero so that Ansible's YAML parser
 knows it is an octal number (like 0644 or 01777) or quote it (like '644' or
 '1777') so Ansible receives a string and can do its own conversion from
 string into number. Giving Ansible a number without following one of these
 rules will end up with a decimal number which will have unexpected results.

---
 tasks/elasticsearch-config.yml   | 18 +++++++++---------
 tasks/elasticsearch-ssl.yml      | 10 +++++-----
 tasks/elasticsearch-template.yml |  2 +-
 3 files changed, 15 insertions(+), 15 deletions(-)

diff --git a/tasks/elasticsearch-config.yml b/tasks/elasticsearch-config.yml
index 0644756..ec81bfa 100644
--- a/tasks/elasticsearch-config.yml
+++ b/tasks/elasticsearch-config.yml
@@ -9,7 +9,7 @@
     state: directory
     owner: root
     group: "{{ es_group }}"
-    mode: 2750
+    mode: "2750"
 
 #Create pid directory
 - name: Create PID Directory
@@ -19,7 +19,7 @@
     state: directory
     owner: "{{ es_user }}"
     group: "{{ es_group }}"
-    mode: 0755
+    mode: "755"
 
 #Create required directories
 - name: Create Others Directories
@@ -29,7 +29,7 @@
     state: directory
     owner: "{{ es_user }}"
     group: "{{ es_group }}"
-    mode: 2750
+    mode: "2750"
   with_items:
     - "{{ es_log_dir }}"
     - "{{ es_data_dirs }}"
@@ -42,7 +42,7 @@
     dest: "{{ es_conf_dir }}/elasticsearch.yml"
     owner: root
     group: "{{ es_group }}"
-    mode: 0660
+    mode: "660"
     force: yes
   register: system_change
   notify: restart elasticsearch
@@ -55,7 +55,7 @@
     dest: "{{ default_file }}"
     owner: root
     group: "{{ es_group }}"
-    mode: 0660
+    mode: "660"
     force: yes
   notify: restart elasticsearch
 
@@ -67,7 +67,7 @@
       file:
         path: "{{ sysd_config_file | dirname }}"
         state: directory
-        mode: 0755
+        mode: "755"
 
     - name: Copy specific ElasticSearch Systemd config file
       ini_file:
@@ -75,7 +75,7 @@
         section: Service
         option: LimitMEMLOCK
         value: infinity
-        mode: 0644
+        mode: "644"
       notify:
        - reload systemd configuration
        - restart elasticsearch
@@ -87,7 +87,7 @@
     dest: "{{ es_conf_dir }}/jvm.options"
     owner: root
     group: "{{ es_group }}"
-    mode: 0660
+    mode: "660"
     force: yes
   notify: restart elasticsearch
 
@@ -98,7 +98,7 @@
     dest: "{{ es_conf_dir }}/log4j2.properties"
     owner: root
     group: "{{ es_group }}"
-    mode: 0660
+    mode: "660"
     force: yes
   notify: restart elasticsearch
   when: es_config_log4j2 != ''
diff --git a/tasks/elasticsearch-ssl.yml b/tasks/elasticsearch-ssl.yml
index b4d2212..70ac7b5 100644
--- a/tasks/elasticsearch-ssl.yml
+++ b/tasks/elasticsearch-ssl.yml
@@ -13,7 +13,7 @@
     state: directory
     owner: root
     group: "{{ es_group }}"
-    mode: 0750
+    mode: "750"
 
 - name: Upload SSL/TLS keystore
   copy:
@@ -21,7 +21,7 @@
     dest: "{{ es_ssl_certificate_path }}/{{ es_ssl_keystore | basename }}"
     owner: "{{ es_user }}"
     group: "{{ es_group }}"
-    mode: 0640
+    mode: "640"
   when: es_ssl_keystore and es_ssl_truststore
   notify: restart elasticsearch
   register: copy_keystore
@@ -32,7 +32,7 @@
     dest: "{{ es_ssl_certificate_path }}/{{ es_ssl_truststore | basename }}"
     owner: "{{ es_user }}"
     group: "{{ es_group }}"
-    mode: 0640
+    mode: "640"
   when: es_ssl_keystore and es_ssl_truststore
   notify: restart elasticsearch
   register: copy_truststore
@@ -43,7 +43,7 @@
     dest: "{{ es_ssl_certificate_path }}/{{ item | basename }}"
     owner: "{{ es_user }}"
     group: "{{ es_group }}"
-    mode: 0640
+    mode: "640"
   with_items:
     - "{{ es_ssl_key }}"
     - "{{ es_ssl_certificate }}"
@@ -58,7 +58,7 @@
     dest: "{{ es_ssl_certificate_path }}/{{ es_ssl_certificate_authority | basename }}"
     owner: "{{ es_user }}"
     group: "{{ es_group }}"
-    mode: 0640
+    mode: "640"
   #Restart if this changes
   notify: restart elasticsearch
   when: es_ssl_certificate_authority | bool
diff --git a/tasks/elasticsearch-template.yml b/tasks/elasticsearch-template.yml
index a04097f..e766932 100644
--- a/tasks/elasticsearch-template.yml
+++ b/tasks/elasticsearch-template.yml
@@ -6,7 +6,7 @@
     state: directory
     owner: root
     group: "{{ es_group }}"
-    mode: 2750
+    mode: "2750"
 
 - name: Copy templates to elasticsearch
   copy: src={{ item }} dest={{ es_conf_dir }}/templates owner=root group={{ es_group }} mode=0660