---
- block:
  - name: Create the service data dirs
    file: name={{ item }} state=directory owner={{ service_user }} group={{ service_group }} mode=0750
    with_items: '{{ service_other_directories }}'

  - name: Set the read/write permissions on the service data dirs
    acl: name={{ item }} entity={{ service_group }} etype=group permissions=rwX state=present recursive=yes
    with_items: '{{ service_other_directories | default([]) }}'

  - name: Set the default read/write permissions on the service data dirs
    acl: name={{ item }} entity={{ service_group }} etype=group permissions=rwX state=present default=yes recursive=yes
    with_items: '{{ service_other_directories | default([]) }}'

  - name: Set the read permissions on the service log dirs
    acl: name={{ item }} entity={{ service_group }} etype=group permissions=rX state=present recursive=yes
    with_items: '{{ service_log_directories }}'

  - name: Set the default read permissions on the service log dirs
    acl: name={{ item }} entity={{ service_group }} etype=group permissions=rX state=present default=yes recursive=yes
    with_items: '{{ service_log_directories }}'

  tags: [ 'service', 'users' ]