Template should accept file permissions

[BrianHicks]

These should be templated as well, but user and group should be separate resources.

[langston-barrett]

What were you envisioning for this? Something like the following?

type Template struct {
    TemplateName string
    RawContent string `hcl:"content"`
    RawDestination string `hcl:"destination"`

    // file permissions
    Owner string `hcl:"owner"`
    Group string `hcl:"group"`
    Mode string `hcl:"mode"`
}

Also: why not just accomplish this with something like file/owner, file/group, and file/mode tasks?

[BrianHicks]

Because if we're rendering sensitive information to disk it needs to write a more secure default. Right now it's 0755ing everything, which is not ideal. It could be 0600 by default and then expect the user to specify mode separately, you're right.

In your code sketch, we'd just have mode. Maybe this needs to be a separate issue.

[langston-barrett]

@BrianHicks That makes sense, I guess you never want secrets on disk with loose permissions (even for a second). I prefer the option of documenting the default 0600 and deferring to a file/mode task, but I'm game for anything!

[BrianHicks]

Closing in favor of those referenced above.