diff --git a/roles/docker-mailu/handlers/main.yml b/roles/docker-mailu/handlers/main.yml index d2d0703e..3d53542a 100644 --- a/roles/docker-mailu/handlers/main.yml +++ b/roles/docker-mailu/handlers/main.yml @@ -9,3 +9,9 @@ state: restarted enabled: yes daemon_reload: yes +- name: "restart deploy-letsencrypt-mailu.timer" + systemd: + name: deploy-letsencrypt-mailu.timer + state: restarted + enabled: yes + daemon_reload: yes diff --git a/roles/docker-mailu/tasks/main.yml b/roles/docker-mailu/tasks/main.yml index 6c760221..a17a9c6a 100644 --- a/roles/docker-mailu/tasks/main.yml +++ b/roles/docker-mailu/tasks/main.yml @@ -14,7 +14,7 @@ path: "/etc/mailu" state: directory mode: 0755 - + - name: "create /etc/mailu/certs" file: path: "/etc/mailu/certs" @@ -41,3 +41,7 @@ - name: configure deploy-letsencrypt-mailu.service template: src=deploy-letsencrypt-mailu.service.j2 dest=/etc/systemd/system/deploy-letsencrypt-mailu.service notify: restart deploy-letsencrypt-mailu.service + +- name: configure deploy-letsencrypt-mailu.timer + template: src=deploy-letsencrypt-mailu.timer.j2 dest=/etc/systemd/system/deploy-letsencrypt-mailu.timer + notify: restart deploy-letsencrypt-mailu.timer diff --git a/roles/docker-mailu/templates/deploy-letsencrypt-mailu.service.j2 b/roles/docker-mailu/templates/deploy-letsencrypt-mailu.service.j2 index 702186b3..7ae5370a 100644 --- a/roles/docker-mailu/templates/deploy-letsencrypt-mailu.service.j2 +++ b/roles/docker-mailu/templates/deploy-letsencrypt-mailu.service.j2 @@ -1,7 +1,6 @@ [Unit] Description=Let's Encrypt Mailu Deploy OnFailure=systemd-email@%n.service -After=nginx.service [Service] Type=oneshot diff --git a/roles/docker-mailu/templates/deploy-letsencrypt-mailu.sh.j2 b/roles/docker-mailu/templates/deploy-letsencrypt-mailu.sh.j2 index 4a18a3fa..59cce521 100644 --- a/roles/docker-mailu/templates/deploy-letsencrypt-mailu.sh.j2 +++ b/roles/docker-mailu/templates/deploy-letsencrypt-mailu.sh.j2 @@ -1,5 +1,4 @@ #!/bin/sh cp /etc/letsencrypt/live/{{domain}}/privkey.pem /etc/mailu/certs/key.pem || exit 1 cp /etc/letsencrypt/live/{{domain}}/fullchain.pem /etc/mailu/certs/cert.pem || exit 1 -sudo cp /etc/letsencrypt/live/{{domain}} /etc/mailu/letsencrypt/ || exit 1 docker exec mailu_front_1 nginx -s reload diff --git a/roles/docker-mailu/templates/deploy-letsencrypt-mailu.timer.j2 b/roles/docker-mailu/templates/deploy-letsencrypt-mailu.timer.j2 new file mode 100644 index 00000000..4436b0a4 --- /dev/null +++ b/roles/docker-mailu/templates/deploy-letsencrypt-mailu.timer.j2 @@ -0,0 +1,10 @@ +[Unit] +Description=Twice daily deployment of Let's Encrypt's certificates + +[Timer] +OnCalendar=0/12:00:00 +RandomizedDelaySec=1h +Persistent=true + +[Install] +WantedBy=timers.target