Ansible: How to recursively set directory and file permissions

file: dest=/foo/bar/somedir owner=root group=apache mode=u=rwX,g=rX,o=rX recurse=yes

will set directories to 755, and files to 644.

The Ansible file/copy modules don't give you the granularity of specifying permissions based on file type so you'd most likely need to do this manually by doing something along these lines:

- name: Ensure directories are 0755
  command: find {{ path }} -type d -exec chmod 0755 {} \;

- name: Ensure files are 0644
  command: find {{ path }} -type f -exec chmod 0644 {} \;

These would have the effect of recursing through {{ path }} and changing the permissions of every file or directory to the specified permissions.

Source: https://stackoverflow.com/a/28782805/1306186

If you want to use the module file in ansible, you can:

file: dest=/foo/bar/somedir owner=root group=apache mode=0644 recurse=yes

file: dest=/foo/bar/somedir owner=root group=apache mode=0775

With this method you first set all the file (recurse=yes) to '644' and then you set /foo/bar/somedir to '775'.

This is not perfect because it will change your directory permission each time you play your playbook. But at least it is idempotent, not like the module command.

If you don't want to have 'changed' status, you can use the module stat. It will list all the files and directory in /foo/bar/somedir so you register the answer and then make a loop on those files only.