certsync changes

- run weekly
- preserve modification times
- reload nginx conditionally

roles/certsync/tasks/main.yml

@@ -19,6 +19,6 @@
     name: TLS Zertifikate synchronisieren
     job: "{{ certsync_script }}"
     minute: "0"
-    hour: "6"
-    day: "2"
+    hour: "7"
+    weekday: "1"
   tags: certsync

roles/certsync/templates/certsync.j2

@@ -9,7 +9,7 @@ if [ ! -d $CERT_DIR ]; then
   chmod 750 $CERT_DIR
 fi
 
-sftp -q -i {{ certsync_key }} certsync@{{ certsync_host }}:* "$CERT_DIR/" > /dev/null 2>&1
+sftp -p -q -i {{ certsync_key }} certsync@{{ certsync_host }}:* "$CERT_DIR/" > /dev/null 2>&1
 if [ $? -ne 0 ]; then
   echo "Error getting certificates"
   exit 1
@@ -17,4 +17,7 @@ fi
 chown root.root $CERT_DIR/*
 chmod 440 $CERT_DIR/*
 
-service nginx reload > /dev/null
+COUNT=$(find $CERT_DIR -mtime -7 | wc -l)
+if [ $COUNT -gt 0 ]; then
+  service nginx reload > /dev/null
+fi