3 files changed, 18 insertions, 1 deletions

diff --git a/roles/acmetool/base/templates/acme-reload.j2 b/roles/acmetool/base/templates/acme-reload.j2
new file mode 100644
index 00000000..a679bc7d
--- /dev/null
+++ b/roles/acmetool/base/templates/acme-reload.j2
@@ -0,0 +1,7 @@
+# This should contain a space-seperated list of services to be
+# reloaded after new certificates are generated. An empty list
+# disables reloading of any service
+#
+# example: SERVICES="apache2 nginx postfix"
+
+SERVICES="{{ acmetool_reload_services | join(' ') }}"
diff --git a/roles/acmetool/base/templates/responses.j2 b/roles/acmetool/base/templates/responses.j2
index a7bf2504..411455b8 100644
--- a/roles/acmetool/base/templates/responses.j2
+++ b/roles/acmetool/base/templates/responses.j2
@@ -2,7 +2,7 @@
 "acme-agreement:https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf": true
 "acmetool-quickstart-choose-server": {{ acmetool_directory_server }}
 "acmetool-quickstart-choose-method": webroot
-"acmetool-quickstart-webroot-path": "/var/run/acme/acme-challenge"
+"acmetool-quickstart-webroot-path": "{{ acmetool_challenge_webroot_path | default('/var/run/acme/acme-challenge') }}"
 "acmetool-quickstart-complete": true
 "acmetool-quickstart-install-cronjob": false
 "acmetool-quickstart-install-haproxy-script": true
diff --git a/roles/acmetool/base/templates/systemd-override.conf.j2 b/roles/acmetool/base/templates/systemd-override.conf.j2
new file mode 100644
index 00000000..aec6f034
--- /dev/null
+++ b/roles/acmetool/base/templates/systemd-override.conf.j2
@@ -0,0 +1,10 @@
+[Service]
+{% if acmetool_http_proxy is defined %}
+Environment=http_proxy={{ acmetool_http_proxy }}
+{% endif %}
+{% if acmetool_https_proxy is defined %}
+Environment=https_proxy={{ acmetool_https_proxy }}
+{% endif %}
+{% if acmetool_challenge_webroot_path is defined %}
+ReadWritePaths={{ acmetool_challenge_webroot_path }}
+{% endif %}