diff options
Diffstat (limited to 'roles/x509/static/cert/prepare')
-rw-r--r-- | roles/x509/static/cert/prepare/handlers/main.yml | 8 | ||||
-rw-r--r-- | roles/x509/static/cert/prepare/tasks/main.yml | 24 |
2 files changed, 26 insertions, 6 deletions
diff --git a/roles/x509/static/cert/prepare/handlers/main.yml b/roles/x509/static/cert/prepare/handlers/main.yml index 39f28f73..589d6dde 100644 --- a/roles/x509/static/cert/prepare/handlers/main.yml +++ b/roles/x509/static/cert/prepare/handlers/main.yml @@ -6,3 +6,11 @@ service: name: "{{ x509_certificate_reload_service }}" state: reloaded + +- name: restart services for x509 certificates + loop: "{{ x509_certificate_restart_services | default([]) }}" + loop_control: + loop_var: x509_certificate_restart_service + service: + name: "{{ x509_certificate_restart_service }}" + state: restarted diff --git a/roles/x509/static/cert/prepare/tasks/main.yml b/roles/x509/static/cert/prepare/tasks/main.yml index 03df7542..e8848743 100644 --- a/roles/x509/static/cert/prepare/tasks/main.yml +++ b/roles/x509/static/cert/prepare/tasks/main.yml @@ -10,7 +10,9 @@ mode: "{{ static_cert_config.mode | default('0700') }}" owner: "{{ static_cert_config.owner | default(omit) }}" group: "{{ static_cert_config.group | default(omit) }}" - notify: reload services for x509 certificates + notify: + - reload services for x509 certificates + - restart services for x509 certificates - name: install key for static certificate copy: @@ -19,7 +21,9 @@ mode: "{{ static_cert_config.key.mode | default('0600') }}" owner: "{{ static_cert_config.key.owner | default(omit) }}" group: "{{ static_cert_config.key.group | default(omit) }}" - notify: reload services for x509 certificates + notify: + - reload services for x509 certificates + - restart services for x509 certificates - name: install static certificate copy: @@ -28,7 +32,9 @@ mode: "{{ static_cert_config.cert.mode | default('0644') }}" owner: "{{ static_cert_config.cert.owner | default(omit) }}" group: "{{ static_cert_config.cert.group | default(omit) }}" - notify: reload services for x509 certificates + notify: + - reload services for x509 certificates + - restart services for x509 certificates - name: export paths to basic certificate files set_fact: @@ -46,7 +52,9 @@ mode: "{{ static_cert_config.chain.mode | default('0644') }}" owner: "{{ static_cert_config.chain.owner | default(omit) }}" group: "{{ static_cert_config.chain.group | default(omit) }}" - notify: reload services for x509 certificates + notify: + - reload services for x509 certificates + - restart services for x509 certificates - name: install fullchain for static certificate copy: @@ -57,7 +65,9 @@ mode: "{{ static_cert_config.cert.mode | default('0644') }}" owner: "{{ static_cert_config.cert.owner | default(omit) }}" group: "{{ static_cert_config.cert.group | default(omit) }}" - notify: reload services for x509 certificates + notify: + - reload services for x509 certificates + - restart services for x509 certificates - name: export paths to additional certificate files set_fact: @@ -74,7 +84,9 @@ file: path: "{{ static_cert_path }}/{{ static_cert_name }}-{{ item }}.pem" state: absent - notify: reload services for x509 certificates + notify: + - reload services for x509 certificates + - restart services for x509 certificates - name: make sure variable that points to the chain certificate file is unset set_fact: |