all clients: add permission fixup to make sure that files under their datadirs run with the right users

Author: skylenet

roles/arbitrum_node/tasks/main.yaml

@@ -6,6 +6,9 @@
     state: directory
     mode: "0750"
 
+- name: Set permissions
+  ansible.builtin.shell: "chown -R 1000:1000 {{ arbitrum_node_datadir }}"
+
 - name: Run arbitrum_node container
   community.docker.docker_container:
     name: "{{ arbitrum_node_container_name }}"

roles/besu/tasks/setup.yaml

@@ -11,6 +11,9 @@
     owner: "{{ besu_user }}"
     group: "{{ besu_user }}"
 
+- name: Set permissions
+  ansible.builtin.shell: "chown -R {{ besu_user }}:{{ besu_user }} {{ besu_datadir }}"
+
 - name: Run besu container
   community.docker.docker_container:
     name: "{{ besu_container_name }}"

roles/erigon/tasks/setup.yaml

@@ -11,6 +11,9 @@
     owner: "{{ erigon_user }}"
     group: "{{ erigon_user }}"
 
+- name: Set permissions
+  ansible.builtin.shell: "chown -R {{ erigon_user }}:{{ erigon_user }} {{ erigon_datadir }}"
+
 - name: Init custom network
   when: erigon_init_custom_network
   block:

roles/ethereumjs/tasks/setup.yaml

@@ -11,6 +11,9 @@
     owner: "{{ ethereumjs_user }}"
     group: "{{ ethereumjs_user }}"
 
+- name: Set permissions
+  ansible.builtin.shell: "chown -R {{ ethereumjs_user }}:{{ ethereumjs_user }} {{ ethereumjs_datadir }}"
+
 - name: Run ethereumjs container
   community.docker.docker_container:
     name: "{{ ethereumjs_container_name }}"

roles/geth/tasks/setup.yaml

@@ -11,6 +11,9 @@
     owner: "{{ geth_user }}"
     group: "{{ geth_user }}"
 
+- name: Set permissions
+  ansible.builtin.shell: "chown -R {{ geth_user }}:{{ geth_user }} {{ geth_datadir }}"
+
 - name: Init custom network
   when: geth_init_custom_network
   block:

roles/lighthouse/tasks/setup.yaml

@@ -11,6 +11,9 @@
     owner: "{{ lighthouse_user }}"
     group: "{{ lighthouse_user }}"
 
+- name: Set permissions
+  ansible.builtin.shell: "chown -R {{ lighthouse_user }}:{{ lighthouse_user }} {{ lighthouse_datadir }}"
+
 - name: Run lighthouse container
   community.docker.docker_container:
     name: "{{ lighthouse_container_name }}"
@@ -38,6 +41,10 @@
     - "{{ lighthouse_validator_datadir }}/secrets"
   when: lighthouse_validator_enabled
 
+- name: Set permissions for validator data dir
+  ansible.builtin.shell: "chown -R {{ lighthouse_user }}:{{ lighthouse_user }} {{ lighthouse_validator_datadir }}"
+  when: lighthouse_validator_enabled
+
 - name: Run lighthouse validator container
   community.docker.docker_container:
     name: "{{ lighthouse_validator_container_name }}"

roles/lodestar/tasks/setup.yaml

@@ -11,6 +11,9 @@
     owner: "{{ lodestar_user }}"
     group: "{{ lodestar_user }}"
 
+- name: Set permissions
+  ansible.builtin.shell: "chown -R {{ lodestar_user }}:{{ lodestar_user }} {{ lodestar_datadir }}"
+
 - name: Run lodestar container
   community.docker.docker_container:
     name: "{{ lodestar_container_name }}"
@@ -38,6 +41,10 @@
     - "{{ lodestar_validator_datadir }}/secrets"
   when: lodestar_validator_enabled
 
+- name: Set permissions for validator data dir
+  ansible.builtin.shell: "chown -R {{ lodestar_user }}:{{ lodestar_user }} {{ lodestar_validator_datadir }}"
+  when: lodestar_validator_enabled
+
 - name: Run lodestar validator container
   community.docker.docker_container:
     name: "{{ lodestar_validator_container_name }}"

roles/nethermind/tasks/setup.yaml

@@ -14,6 +14,9 @@
     - "{{ nethermind_datadir }}"
     - "{{ nethermind_datadir }}/nethermind"
 
+- name: Set permissions
+  ansible.builtin.shell: "chown -R {{ nethermind_user }}:{{ nethermind_user }} {{ nethermind_datadir }}"
+
 - name: Run nethermind container
   community.docker.docker_container:
     name: "{{ nethermind_container_name }}"

roles/nimbus/tasks/setup.yaml

@@ -11,6 +11,9 @@
     owner: "{{ nimbus_user }}"
     group: "{{ nimbus_user }}"
 
+- name: Set permissions
+  ansible.builtin.shell: "chown -R {{ nimbus_user }}:{{ nimbus_user }} {{ nimbus_datadir }}"
+
 - name: Create validator data dir
   ansible.builtin.file:
     path: "{{ item }}"
@@ -24,6 +27,10 @@
     - "{{ nimbus_validator_datadir }}/secrets"
   when: nimbus_validator_enabled
 
+- name: Set permissions for validator data dir
+  ansible.builtin.shell: "chown -R {{ nimbus_user }}:{{ nimbus_user }} {{ nimbus_validator_datadir }}"
+  when: nimbus_validator_enabled
+
 - name: Checkpoint sync nimbus node
   when: nimbus_checkpoint_sync_enabled
   community.docker.docker_container:

roles/prysm/tasks/setup.yaml

@@ -11,6 +11,9 @@
     owner: "{{ prysm_user }}"
     group: "{{ prysm_user }}"
 
+- name: Set permissions
+  ansible.builtin.shell: "chown -R {{ prysm_user }}:{{ prysm_user }} {{ prysm_datadir }}"
+
 - name: Run prysm container
   community.docker.docker_container:
     name: "{{ prysm_container_name }}"
@@ -35,6 +38,10 @@
     group: "{{ prysm_user }}"
   when: prysm_validator_enabled
 
+- name: Set permissions for validator data dir
+  ansible.builtin.shell: "chown -R {{ prysm_user }}:{{ prysm_user }} {{ prysm_validator_datadir }}"
+  when: prysm_validator_enabled
+
 - name: Run prysm validator container
   community.docker.docker_container:
     name: "{{ prysm_validator_container_name }}"

roles/teku/tasks/setup.yaml

@@ -11,6 +11,9 @@
     owner: "{{ teku_user }}"
     group: "{{ teku_user }}"
 
+- name: Set permissions
+  ansible.builtin.shell: "chown -R {{ teku_user }}:{{ teku_user }} {{ teku_datadir }}"
+
 - name: Create validator data dir
   ansible.builtin.file:
     path: "{{ item }}"
@@ -24,6 +27,10 @@
     - "{{ teku_validator_datadir }}/secrets"
   when: teku_validator_enabled
 
+- name: Set permissions for validator data dir
+  ansible.builtin.shell: "chown -R {{ teku_user }}:{{ teku_user }} {{ teku_validator_datadir }}"
+  when: teku_validator_enabled
+
 - name: Run teku container
   community.docker.docker_container:
     name: "{{ teku_container_name }}"