-rw-r--r--roles/certbot/files/certbot.service2
-rw-r--r--roles/nginx/files/nginx.sh3
-rw-r--r--roles/nginx/tasks/main.yml8
3 files changed, 12 insertions, 1 deletions
diff --git a/roles/certbot/files/certbot.service b/roles/certbot/files/certbot.service
index bea307c..26cf2fd 100644
--- a/roles/certbot/files/certbot.service
+++ b/roles/certbot/files/certbot.service
@@ -3,4 +3,4 @@ Description=Let's Encrypt renewal
[Service]
Type=oneshot
-ExecStart=/usr/bin/certbot renew --agree-tos --deploy-hook "systemctl reload nginx"
+ExecStart=/usr/bin/certbot renew --agree-tos
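Review bot: With `--deploy-hook` dropped from `ExecStart`, this unit reloads nginx only if an executable hook exists under `/etc/letsencrypt/renewal-hooks/deploy/`, and that file is installed by a different role. On a host where the certbot role is applied without the nginx role, or before it, the renewed certificate would be written while nginx keeps serving the old one until it expires or the service is restarted. A comment above `ExecStart` would make the dependency visible, for example `# nginx is reloaded by /etc/letsencrypt/renewal-hooks/deploy/nginx.sh (installed by the nginx role)`. The unit's `[Unit]` section starts outside this hunk.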
diff --git a/roles/nginx/files/nginx.sh b/roles/nginx/files/nginx.sh
new file mode 100644
index 0000000..ca022f8
--- /dev/null
+++ b/roles/nginx/files/nginx.sh
@@ -0,0 +1,3 @@
+#! /bin/sh
+
+systemctl reload nginx
diff --git a/roles/nginx/tasks/main.yml b/roles/nginx/tasks/main.yml
index acfb8c1..8c32be3 100644
--- a/roles/nginx/tasks/main.yml
+++ b/roles/nginx/tasks/main.yml
@@ -48,3 +48,11 @@
name: nginx
enabled: yes
state: started
+
+- name: Copy nginx certificate renewal hook
+ ansible.builtin.copy:
+ src: files/nginx.sh
+ dest: /etc/letsencrypt/renewal-hooks/deploy/nginx.sh
+ owner: root
+ group: root
+ mode: u+rwx,g+r,o+r
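Review bot: The `mode: u+rwx,g+r,o+r` on the new copy task only adds permission bits, so a group- or other-write bit already present on an existing `/etc/letsencrypt/renewal-hooks/deploy/nginx.sh` is left in place. Since certbot executes this script (presumably as root, given `owner: root`), it should never be writable by anyone else. An absolute mode pins the final permissions regardless of prior state: `mode: u=rwx,g=r,o=r` or `mode: "0744"`. The task also assumes the `deploy` hook directory already exists, which depends on certbot having been installed before this role runs; that ordering is not visible in the hunk.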