diff options
| author | Christian Pointner <equinox@spreadspace.org> | 2023-10-24 23:43:20 +0200 |
|---|---|---|
| committer | Christian Pointner <equinox@spreadspace.org> | 2023-10-24 23:43:20 +0200 |
| commit | 792ececf6b450ad9588c45d0f4b8652e42145f3d (patch) | |
| tree | 121e22f50e91a552a0067640024997d313c8c16a /roles/x509/selfsigned | |
| parent | add new role docker/registry (WIP) (diff) | |
x509: some daemons can't be reloaded and need to be restarted...
Diffstat (limited to 'roles/x509/selfsigned')
| -rw-r--r-- | roles/x509/selfsigned/cert/prepare/handlers/main.yml | 8 | ||||
| -rw-r--r-- | roles/x509/selfsigned/cert/prepare/tasks/main.yml | 12 |
2 files changed, 17 insertions, 3 deletions
diff --git a/roles/x509/selfsigned/cert/prepare/handlers/main.yml b/roles/x509/selfsigned/cert/prepare/handlers/main.yml index 39f28f73..589d6dde 100644 --- a/roles/x509/selfsigned/cert/prepare/handlers/main.yml +++ b/roles/x509/selfsigned/cert/prepare/handlers/main.yml @@ -6,3 +6,11 @@ service: name: "{{ x509_certificate_reload_service }}" state: reloaded + +- name: restart services for x509 certificates + loop: "{{ x509_certificate_restart_services | default([]) }}" + loop_control: + loop_var: x509_certificate_restart_service + service: + name: "{{ x509_certificate_restart_service }}" + state: restarted diff --git a/roles/x509/selfsigned/cert/prepare/tasks/main.yml b/roles/x509/selfsigned/cert/prepare/tasks/main.yml index a5ac8159..f71acec1 100644 --- a/roles/x509/selfsigned/cert/prepare/tasks/main.yml +++ b/roles/x509/selfsigned/cert/prepare/tasks/main.yml @@ -10,7 +10,9 @@ mode: "{{ selfsigned_cert_config.mode | default('0700') }}" owner: "{{ selfsigned_cert_config.owner | default(omit) }}" group: "{{ selfsigned_cert_config.group | default(omit) }}" - notify: reload services for x509 certificates + notify: + - reload services for x509 certificates + - restart services for x509 certificates - name: generate key for selfsigned certificate openssl_privatekey: @@ -20,7 +22,9 @@ group: "{{ selfsigned_cert_config.key.group | default(omit) }}" type: "{{ selfsigned_cert_config.key.type | default(omit) }}" size: "{{ selfsigned_cert_config.key.size | default(omit) }}" - notify: reload services for x509 certificates + notify: + - reload services for x509 certificates + - restart services for x509 certificates register: _selfsigned_key_ - name: generate csr for selfsigned certificate @@ -74,7 +78,9 @@ selfsigned_not_before: "{{ selfsigned_cert_config.cert.not_before | default(omit) }}" selfsigned_not_after: "{{ selfsigned_cert_config.cert.not_after | default(omit) }}" force: "{{ _selfsigned_cert_file_.stat.exists and (not _selfsigned_cert_info_.valid_at.renew_margin) }}" - notify: reload services for x509 certificates + notify: + - reload services for x509 certificates + - restart services for x509 certificates register: _selfsigned_cert_ - name: export paths to certificate files |