jadyn/finallycoffee.base
1
0
Fork 0
forked from finallycoffee/base
Code Pull Requests Activity

fix(lego): only start systemd service if certificates are not present or changes occured

Browse Source
This commit is contained in:
transcaffeine 2025-04-23 15:36:18 +02:00
parent 0090baee97
commit 9d4baad491
Signed by untrusted user: transcaffeine
GPG Key ID: 03624C433676E465
1 changed files with 13 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
roles/lego/tasks/main.yml
View File

@ -107,6 +107,7 @@
{{ entry.key }}={{ entry.value }} {{ entry.key }}={{ entry.value }}
{% endfor %} {% endfor %}
dest: "{{ lego_base_path }}/{{ lego_instance }}.conf" dest: "{{ lego_base_path }}/{{ lego_instance }}.conf"
register: lego_env_file_info
- name: Ensure timer unit is templated - name: Ensure timer unit is templated
ansible.builtin.template: ansible.builtin.template:
@ -120,6 +121,7 @@
src: "lego_run.sh" src: "lego_run.sh"
dest: "{{ lego_base_path }}/run.sh" dest: "{{ lego_base_path }}/run.sh"
mode: "0755" mode: "0755"
register: lego_handler_script_info
- name: Ensure per-instance base path is created - name: Ensure per-instance base path is created
ansible.builtin.file: ansible.builtin.file:
@ -159,7 +161,18 @@
name: "{{ lego_systemd_timer_name }}" name: "{{ lego_systemd_timer_name }}"
state: "started" state: "started"
- name: Check if certificates are present
ansible.builtin.find:
path: "{{ lego_instance_path }}/certificates"
recurse: false
file_type: "file"
register: lego_certificate_info
- name: Ensure systemd service is started once to obtain the certificate - name: Ensure systemd service is started once to obtain the certificate
ansible.builtin.systemd_service: ansible.builtin.systemd_service:
name: "{{ lego_systemd_service_name }}" name: "{{ lego_systemd_service_name }}"
state: "started" state: "started"
when: >-2
lego_handler_script_info.changed
or lego_env_file_info.changed
or lego_certificate_info.files | default([]) | length == 0