x509: some daemons can't be reloaded and need to be restarted...

1 files changed, 9 insertions, 3 deletions

diff --git a/roles/x509/ownca/cert/prepare/tasks/main.yml b/roles/x509/ownca/cert/prepare/tasks/main.yml
index 7f81d125..00d19c59 100644
--- a/roles/x509/ownca/cert/prepare/tasks/main.yml
+++ b/roles/x509/ownca/cert/prepare/tasks/main.yml
@@ -10,7 +10,9 @@
     mode: "{{ ownca_cert_config.mode | default('0700') }}"
     owner: "{{ ownca_cert_config.owner | default(omit) }}"
     group: "{{ ownca_cert_config.group | default(omit) }}"
-  notify: reload services for x509 certificates
+  notify:
+  - reload services for x509 certificates
+  - restart services for x509 certificates
 
 - name: generate key for ownca certificate
   openssl_privatekey:
@@ -20,7 +22,9 @@
     group: "{{ ownca_cert_config.key.group | default(omit) }}"
     type: "{{ ownca_cert_config.key.type | default(omit) }}"
     size: "{{ ownca_cert_config.key.size | default(omit) }}"
-  notify: reload services for x509 certificates
+  notify:
+  - reload services for x509 certificates
+  - restart services for x509 certificates
   register: _ownca_key_
 
 - name: generate csr for ownca certificate
@@ -75,7 +79,9 @@
     ownca_not_before: "{{ ownca_cert_config.cert.not_before | default(omit) }}"
     ownca_not_after: "{{ ownca_cert_config.cert.not_after | default(omit) }}"
     force: "{{ _ownca_cert_file_.stat.exists and (not _ownca_cert_info_.valid_at.renew_margin) }}"
-  notify: reload services for x509 certificates
+  notify:
+  - reload services for x509 certificates
+  - restart services for x509 certificates
   register: _ownca_cert_
 
 - name: export paths to certificate files