From be973340addc998c8eba9720ca35827b3b73e4d3 Mon Sep 17 00:00:00 2001
From: Pablo Escobar <pescobar001@gmail.com>
Date: Sat, 23 May 2020 00:18:10 +0200
Subject: [PATCH] allow elasticsearch to readh the ca file

---
 .../ansible-elasticsearch/tasks/xpack_security.yml          | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/roles/elastic-stack/ansible-elasticsearch/tasks/xpack_security.yml b/roles/elastic-stack/ansible-elasticsearch/tasks/xpack_security.yml
index 1233fde4..47063c4e 100644
--- a/roles/elastic-stack/ansible-elasticsearch/tasks/xpack_security.yml
+++ b/roles/elastic-stack/ansible-elasticsearch/tasks/xpack_security.yml
@@ -149,6 +149,8 @@
   copy:
     src: "{{ item }}"
     dest: "{{ node_certs_destination }}/"
+    owner: root
+    group: elasticsearch
     mode: 0440
   with_items:
     - "{{ master_certs_path }}/{{ elasticsearch_node_name }}/{{ elasticsearch_node_name }}.key"
@@ -164,6 +166,8 @@
   copy:
     src: "{{ item }}"
     dest: "{{ node_certs_destination }}/"
+    owner: root
+    group: elasticsearch
     mode: 0440
   with_items:
     - "{{ master_certs_path }}/{{ elasticsearch_node_name }}/{{ elasticsearch_node_name }}.key"
@@ -178,6 +182,8 @@
 - name: Ensuring folder permissions
   file:
     path: "{{ node_certs_destination }}/"
+    owner: root
+    group: elasticsearch
     mode: 0774
     state: directory
     recurse: no