freifunk/ansible-config
8
0
Fork 0
Code Issues Pull requests Packages Projects Releases Wiki Activity

certsync changes

Browse source 
- run weekly
- preserve modification times
- reload nginx conditionally
This commit is contained in:
Alexander Dietrich 2017-06-30 22:24:56 +02:00
parent 42b013c2c1
commit d24285cfc3
2 changed files with 7 additions and 4 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
roles/certsync/tasks/main.yml
View file

@ -19,6 +19,6 @@
name: TLS Zertifikate synchronisieren name: TLS Zertifikate synchronisieren
job: "{{ certsync_script }}" job: "{{ certsync_script }}"
minute: "0" minute: "0"
hour: "6" hour: "7"
day: "2" weekday: "1"
tags: certsync tags: certsync

7
roles/certsync/templates/certsync.j2
View file

@ -9,7 +9,7 @@ if [ ! -d $CERT_DIR ]; then
chmod 750 $CERT_DIR chmod 750 $CERT_DIR
fi fi
sftp -q -i {{ certsync_key }} certsync@{{ certsync_host }}:* "$CERT_DIR/" > /dev/null 2>&1 sftp -p -q -i {{ certsync_key }} certsync@{{ certsync_host }}:* "$CERT_DIR/" > /dev/null 2>&1
if [ $? -ne 0 ]; then if [ $? -ne 0 ]; then
echo "Error getting certificates" echo "Error getting certificates"
exit 1 exit 1
@ -17,4 +17,7 @@ fi
chown root.root $CERT_DIR/* chown root.root $CERT_DIR/*
chmod 440 $CERT_DIR/* chmod 440 $CERT_DIR/*
service nginx reload > /dev/null COUNT=$(find $CERT_DIR -mtime -7 | wc -l)
if [ $COUNT -gt 0 ]; then
service nginx reload > /dev/null
fi