From 0fb059e6bfe8d3f4812282b51fed0aec43091b84 Mon Sep 17 00:00:00 2001 From: June Date: Sun, 28 Jan 2024 04:01:06 +0100 Subject: [PATCH] Add nginx reload command on new cert for all VMs with certbot and nginx --- inventories/chaosknoten/host_vars/grafana.yaml | 2 ++ inventories/chaosknoten/host_vars/hackertours.yaml | 2 ++ inventories/chaosknoten/host_vars/keycloak.yaml | 2 ++ inventories/chaosknoten/host_vars/lists.yaml | 2 ++ inventories/chaosknoten/host_vars/mumble.yaml | 2 ++ inventories/chaosknoten/host_vars/onlyoffice.yaml | 2 ++ inventories/chaosknoten/host_vars/pad.yaml | 2 ++ inventories/chaosknoten/host_vars/wiki.yaml | 2 ++ inventories/chaosknoten/host_vars/zammad.yaml | 2 ++ playbooks/roles/nextcloud/meta/main.yaml | 2 ++ 10 files changed, 20 insertions(+) diff --git a/inventories/chaosknoten/host_vars/grafana.yaml b/inventories/chaosknoten/host_vars/grafana.yaml index afca181..efa34aa 100644 --- a/inventories/chaosknoten/host_vars/grafana.yaml +++ b/inventories/chaosknoten/host_vars/grafana.yaml @@ -11,6 +11,8 @@ certbot__version_spec: "" certbot__acme_account_email_address: le-admin@hamburg.ccc.de certbot__certificate_domains: - "grafana.hamburg.ccc.de" +certbot__new_cert_commands: + - "systemctl reload nginx.service" nginx__version_spec: "" nginx__configurations: diff --git a/inventories/chaosknoten/host_vars/hackertours.yaml b/inventories/chaosknoten/host_vars/hackertours.yaml index 8346e5d..b7d24e0 100644 --- a/inventories/chaosknoten/host_vars/hackertours.yaml +++ b/inventories/chaosknoten/host_vars/hackertours.yaml @@ -5,6 +5,8 @@ certbot__version_spec: "" certbot__acme_account_email_address: le-admin@hamburg.ccc.de certbot__certificate_domains: - "hackertours.hamburg.ccc.de" +certbot__new_cert_commands: + - "systemctl reload nginx.service" nginx__version_spec: "" nginx__configurations: diff --git a/inventories/chaosknoten/host_vars/keycloak.yaml b/inventories/chaosknoten/host_vars/keycloak.yaml index e9b5b70..68f37ba 100644 --- a/inventories/chaosknoten/host_vars/keycloak.yaml +++ b/inventories/chaosknoten/host_vars/keycloak.yaml @@ -6,6 +6,8 @@ certbot__acme_account_email_address: j+letsencrypt-ccchh@jsts.xyz certbot__certificate_domains: - "id.hamburg.ccc.de" - "keycloak-admin.hamburg.ccc.de" +certbot__new_cert_commands: + - "systemctl reload nginx.service" nginx__version_spec: "" nginx__configurations: diff --git a/inventories/chaosknoten/host_vars/lists.yaml b/inventories/chaosknoten/host_vars/lists.yaml index 2175571..b856d49 100644 --- a/inventories/chaosknoten/host_vars/lists.yaml +++ b/inventories/chaosknoten/host_vars/lists.yaml @@ -5,6 +5,8 @@ certbot__version_spec: "" certbot__acme_account_email_address: j+letsencrypt-ccchh@jsts.xyz certbot__certificate_domains: - "lists.hamburg.ccc.de" +certbot__new_cert_commands: + - "systemctl reload nginx.service" nginx__version_spec: "" nginx__configurations: diff --git a/inventories/chaosknoten/host_vars/mumble.yaml b/inventories/chaosknoten/host_vars/mumble.yaml index 5545878..eeeeaeb 100644 --- a/inventories/chaosknoten/host_vars/mumble.yaml +++ b/inventories/chaosknoten/host_vars/mumble.yaml @@ -5,6 +5,8 @@ certbot__version_spec: "" certbot__acme_account_email_address: j+letsencrypt-ccchh@jsts.xyz certbot__certificate_domains: - "mumble.hamburg.ccc.de" +certbot__new_cert_commands: + - "systemctl reload nginx.service" nginx__version_spec: "" nginx__configurations: diff --git a/inventories/chaosknoten/host_vars/onlyoffice.yaml b/inventories/chaosknoten/host_vars/onlyoffice.yaml index 6b9858e..bf43f07 100644 --- a/inventories/chaosknoten/host_vars/onlyoffice.yaml +++ b/inventories/chaosknoten/host_vars/onlyoffice.yaml @@ -7,6 +7,8 @@ certbot__version_spec: "" certbot__acme_account_email_address: j+letsencrypt-ccchh@jsts.xyz certbot__certificate_domains: - "onlyoffice.hamburg.ccc.de" +certbot__new_cert_commands: + - "systemctl reload nginx.service" docker_compose__compose_file_content: "{{ lookup('ansible.builtin.template', 'chaosknoten/configs/onlyoffice/compose.yaml.j2') }}" docker_compose__configuration_files: [ ] diff --git a/inventories/chaosknoten/host_vars/pad.yaml b/inventories/chaosknoten/host_vars/pad.yaml index 768c98f..ea420a9 100644 --- a/inventories/chaosknoten/host_vars/pad.yaml +++ b/inventories/chaosknoten/host_vars/pad.yaml @@ -5,6 +5,8 @@ certbot__version_spec: "" certbot__acme_account_email_address: le-admin@hamburg.ccc.de certbot__certificate_domains: - "pad.hamburg.ccc.de" +certbot__new_cert_commands: + - "systemctl reload nginx.service" nginx__version_spec: "" nginx__configurations: diff --git a/inventories/chaosknoten/host_vars/wiki.yaml b/inventories/chaosknoten/host_vars/wiki.yaml index f1ac980..1a3e1c2 100644 --- a/inventories/chaosknoten/host_vars/wiki.yaml +++ b/inventories/chaosknoten/host_vars/wiki.yaml @@ -10,3 +10,5 @@ certbot__acme_account_email_address: j+letsencrypt-ccchh@jsts.xyz certbot__certificate_domains: - "wiki.ccchh.net" - "wiki.hamburg.ccc.de" +certbot__new_cert_commands: + - "systemctl reload nginx.service" diff --git a/inventories/chaosknoten/host_vars/zammad.yaml b/inventories/chaosknoten/host_vars/zammad.yaml index be2c445..d0e1ea8 100644 --- a/inventories/chaosknoten/host_vars/zammad.yaml +++ b/inventories/chaosknoten/host_vars/zammad.yaml @@ -10,3 +10,5 @@ nginx__version_spec: "" nginx__configurations: - name: zammad.hamburg.ccc.de content: "{{ lookup('ansible.builtin.file', 'chaosknoten/configs/zammad/nginx/zammad.hamburg.ccc.de.conf') }}" +certbot__new_cert_commands: + - "systemctl reload nginx.service" diff --git a/playbooks/roles/nextcloud/meta/main.yaml b/playbooks/roles/nextcloud/meta/main.yaml index a94e578..9138dfe 100644 --- a/playbooks/roles/nextcloud/meta/main.yaml +++ b/playbooks/roles/nextcloud/meta/main.yaml @@ -6,6 +6,8 @@ dependencies: certbot__acme_account_email_address: "{{ nextcloud__certbot_acme_account_email_address }}" certbot__certificate_domains: - "{{ nextcloud__fqdn }}" + certbot__new_cert_commands: + - "systemctl reload nginx.service" - role: nginx vars: nginx__version_spec: "{{ nextcloud__nginx_version_spec }}"