Use systemd service instead of service for certbot

To properly reload systemd in case of changes in unit file.
author: Dmitry Ilvokhin <d@ilvokhin.com> 2024-04-20 19:12:44 +0100
committer: Dmitry Ilvokhin <d@ilvokhin.com> 2024-04-20 19:12:44 +0100
commit: 1bd268d1b0921236ab2047c5481dcfb639f688ff (patch)
tree: 26e36d6a7c93c70819c4357de4102223f02d153f
parent: 8f7fe713dba455cd6a2e4eef7da178c457a2e269 (diff)
download: infra-1bd268d1b0921236ab2047c5481dcfb639f688ff.tar.gz
infra-1bd268d1b0921236ab2047c5481dcfb639f688ff.tar.bz2
infra-1bd268d1b0921236ab2047c5481dcfb639f688ff.zip
2 files changed, 5 insertions, 2 deletions
diff --git a/TODO.txt b/TODO.txt
index 23d252b..a0b8f22 100644
--- a/TODO.txt
+++ b/TODO.txt
@@ -48,7 +48,6 @@ LATER
 
 * Install fail2ban.
 * Set correct hostname for each host.
-* Do `systemctl daemon-reload` on unit updates?
 
 
 DOTFILES
diff --git a/roles/certbot/tasks/main.yml b/roles/certbot/tasks/main.yml
index bef7fa6..2db3ffc 100644
--- a/roles/certbot/tasks/main.yml
+++ b/roles/certbot/tasks/main.yml
@@ -36,7 +36,11 @@
     mode: u+rw,g+r,o+r
 
 - name: Enable certbot systemd timer
-  ansible.builtin.service:
+  # `ansible.builtin.systemd_service` used here intentionally instead of
+  # `ansible.builtin.service` to issue `systemctl daemon-reload` in case of
+  # changes in Ansible managed unit file.
+  ansible.builtin.systemd_service:
     name: certbot.timer
     enabled: yes
     state: started
+    daemon_reload: true
author	Dmitry Ilvokhin <d@ilvokhin.com>	2024-04-20 19:12:44 +0100
committer	Dmitry Ilvokhin <d@ilvokhin.com>	2024-04-20 19:12:44 +0100
commit	1bd268d1b0921236ab2047c5481dcfb639f688ff (patch)
tree	26e36d6a7c93c70819c4357de4102223f02d153f
parent	8f7fe713dba455cd6a2e4eef7da178c457a2e269 (diff)
download	infra-1bd268d1b0921236ab2047c5481dcfb639f688ff.tar.gz infra-1bd268d1b0921236ab2047c5481dcfb639f688ff.tar.bz2 infra-1bd268d1b0921236ab2047c5481dcfb639f688ff.zip