From 775492cc28346ea86396a947e1371b8aa0784380 Mon Sep 17 00:00:00 2001
From: Christian Pointner <equinox@spreadspace.org>
Date: Thu, 17 Aug 2023 00:23:01 +0200
Subject: revamp x509 service reloading

---
 roles/nginx/vhost/tasks/main.yml | 16 +++++++++-------
 1 file changed, 9 insertions(+), 7 deletions(-)

(limited to 'roles/nginx')

diff --git a/roles/nginx/vhost/tasks/main.yml b/roles/nginx/vhost/tasks/main.yml
index 55544733..2c1f0f29 100644
--- a/roles/nginx/vhost/tasks/main.yml
+++ b/roles/nginx/vhost/tasks/main.yml
@@ -1,13 +1,14 @@
 ---
 - name: ensure certificate exists (fake it, until you make it)
   when: "'tls' in nginx_vhost"
-  include_role:
-    name: "x509/{{ nginx_vhost.tls.certificate_provider }}/cert/prepare"
-    public: true
   vars:
     x509_certificate_name: "{{ nginx_vhost.name }}"
     x509_certificate_hostnames: "{{ nginx_vhost.hostnames }}"
-    x509_notify_on_change: reload nginx
+    x509_certificate_reload_services:
+    - nginx
+  include_role:
+    name: "x509/{{ nginx_vhost.tls.certificate_provider }}/cert/prepare"
+    public: true
 
 - name: install nginx configs from template
   when: "'template' in nginx_vhost"
@@ -39,9 +40,10 @@
     meta: flush_handlers
 
   - name: actually request the certificate
-    include_role:
-      name: "x509/{{ nginx_vhost.tls.certificate_provider }}/cert/finalize"
     vars:
       x509_certificate_name: "{{ nginx_vhost.name }}"
       x509_certificate_hostnames: "{{ nginx_vhost.hostnames }}"
-      x509_notify_on_change: reload nginx
+      x509_certificate_reload_services:
+      - nginx
+    include_role:
+      name: "x509/{{ nginx_vhost.tls.certificate_provider }}/cert/finalize"
-- 
cgit v1.2.3