runner

1---
2# Runner Services - Fix Directory Permissions
3# This task file fixes existing directory permissions to ensure proper group ownership and inheritance
4
5- name: Fix ownership and permissions for all runner directories
6  file:
7    path: "{{ item }}"
8    state: directory
9    owner: "{{ runner_user }}"
10    group: "{{ runner_group }}"
11    mode: '2775'  # 2 sets the setgid bit
12    recurse: yes
13  loop: "{{ runner_config_directories }}"
14  become: yes
15  ignore_errors: yes  # In case some directories don't exist yet
16
17- name: Create NFS mount directories (no permission changes on NFS mounts)
18  file:
19    path: "{{ item }}"
20    state: directory
21    # DO NOT set ownership/permissions on NFS mount points - managed by NFS server
22  loop: "{{ runner_nfs_directories }}"
23  become: yes
24  ignore_errors: yes
25
26- name: Set special permissions for Frigate config file
27  file:
28    path: "{{ frigate_config_dir }}/config/config.yml"
29    owner: "{{ runner_user }}"
30    group: "{{ runner_group }}"
31    mode: '0777'
32  become: yes
33  when: frigate_enabled
34  ignore_errors: yes  # In case file doesn't exist yet
35
36- name: Display permission fix results
37  debug:
38    msg: |
39      Directory Permission Fix Results:
40      - Service directories checked: {{ runner_config_directories | length }} directories
41      - All service-specific directories under /docker/[service] pattern
42      
43      Expected results:
44      - All directories should be owned by {{ runner_user }}:{{ runner_group }}
45      - All directories should have mode 2775 (group sticky bit set)
46      - Frigate config should have mode 777 if enabled