Stop using Ansible's cron module

This is mainly to address SSL renewal not working for us due to: - https://github.com/ansible/ansible/issues/71213 - https://github.com/ansible/ansible/pull/71207 Using the cron module was hacky anyway. We shouldn't need an extra level of buggy abstraction to manage a cronjob file.
2020-09-06 10:49:19 +03:00
parent 4ef873ceb0
commit 2a1ec38e3a
4 changed files with 19 additions and 57 deletions
--- a/roles/matrix-coturn/tasks/setup_coturn.yml
+++ b/roles/matrix-coturn/tasks/setup_coturn.yml
@ -91,15 +91,10 @@
 # We optimize for the common use-case though (short-lived Let's Encrypt certificates).
 # Reloading doesn't hurt anyway, so there's no need to make this more flexible.
 - name: Ensure periodic reloading of matrix-coturn is configured for SSL renewal (matrix-coturn-reload)
-  cron:
-    user: root
-    cron_file: matrix-coturn-ssl-reload
-    name: matrix-coturn-ssl-reload
-    state: present
-    hour: "4"
-    minute: "20"
-    day: "*/5"
-    job: "{{ matrix_host_command_systemctl }} reload matrix-coturn.service"
+  template:
+    src: "{{ role_path }}/templates/cron.d/matrix-coturn-ssl-reload.j2"
+    dest: /etc/cron.d/matrix-coturn-ssl-reload
+    mode: 0644
  when: "matrix_coturn_enabled|bool and matrix_coturn_tls_enabled|bool"


@ -108,9 +103,8 @@
 #

 - name: Ensure matrix-coturn-ssl-reload cronjob removed
-  cron:
-    user: root
-    cron_file: matrix-coturn-ssl-reload
+  file:
+    path: /etc/cron.d/matrix-coturn-ssl-reload
    state: absent
  when: "not matrix_coturn_enabled|bool or not matrix_coturn_tls_enabled|bool"

--- a/roles/matrix-coturn/templates/cron.d/matrix-coturn-ssl-reload.j2
+++ b/roles/matrix-coturn/templates/cron.d/matrix-coturn-ssl-reload.j2
@ -0,0 +1 @@
+20 4 */5 * * root {{ matrix_host_command_systemctl }} reload matrix-coturn.service
				`@ -0,0 +1 @@`
				`20 4 /5 * root {{ matrix_host_command_systemctl }} reload matrix-coturn.service`