1 files changed, 10 insertions, 4 deletions

diff --git a/roles/x509/uacme/cert/prepare/tasks/main.yml b/roles/x509/uacme/cert/prepare/tasks/main.yml
index 06b9f146..426a5eee 100644
--- a/roles/x509/uacme/cert/prepare/tasks/main.yml
+++ b/roles/x509/uacme/cert/prepare/tasks/main.yml
@@ -12,7 +12,7 @@
     group: "{{ uacme_cert_config.key.group | default(omit) }}"
     type: "{{ uacme_cert_config.key.type | default(omit) }}"
     size: "{{ uacme_cert_config.key.size | default(omit) }}"
-  notify: "{{ x509_notify_on_change | default(omit) }}"
+  notify: reload services for x509 certificates
 
 - name: generate csr for uacme-controlled certificate
   community.crypto.openssl_csr:
@@ -60,7 +60,7 @@
       selfsigned_not_after: "{{ remote_datetime_now.stdout }}"
       return_content: yes
     register: uacme_cert_selfsigned
-    notify: "{{ x509_notify_on_change | default(omit) }}"
+    notify: reload services for x509 certificates
 
   - name: make sure cert-only file exists
     copy:
@@ -69,7 +69,7 @@
       mode: "{{ uacme_cert_config.cert.mode | default('0644') }}"
       owner: "{{ uacme_cert_config.cert.owner | default(omit) }}"
       group: "{{ uacme_cert_config.cert.group | default(omit) }}"
-    notify: "{{ x509_notify_on_change | default(omit) }}"
+    notify: reload services for x509 certificates
 
   - name: make sure the chain file exists
     copy:
@@ -78,7 +78,13 @@
       mode: "{{ uacme_cert_config.cert.mode | default('0644') }}"
       owner: "{{ uacme_cert_config.cert.owner | default(omit) }}"
       group: "{{ uacme_cert_config.cert.group | default(omit) }}"
-    notify: "{{ x509_notify_on_change | default(omit) }}"
+    notify: reload services for x509 certificates
+
+- name: install script to be called when new certificate is generated
+  template:
+    src: updated.sh.j2
+    dest: "/var/lib/uacme.d/{{ uacme_cert_name }}/updated.sh"
+    mode: 0755
 
 - name: export paths to certificate files
   set_fact: