Have gobby reload its config when we change its ssl cert

author Julien Cristau <jcristau@debian.org>

Tue, 3 Oct 2017 10:42:35 +0000 (12:42 +0200)

committer Julien Cristau <jcristau@debian.org>

Tue, 3 Oct 2017 10:42:35 +0000 (12:42 +0200)
author Julien Cristau <jcristau@debian.org>
Tue, 3 Oct 2017 10:42:35 +0000 (12:42 +0200)
committer Julien Cristau <jcristau@debian.org>
Tue, 3 Oct 2017 10:42:35 +0000 (12:42 +0200)
diff --git a/modules/roles/manifests/init.pp b/modules/roles/manifests/init.pp

index 8ccca49..43dec32 100644 (file)
--- a/modules/roles/manifests/init.pp
+++ b/modules/roles/manifests/init.pp
@@ -246,13 +246,22 @@ class roles {
         }
  
         if has_role('gobby_debian_org') {
-               ssl::service { 'gobby.debian.org': notify  => Exec['service apache2 reload'], key => true, tlsaport => [443, 6523], }
+               ssl::service { 'gobby.debian.org':
+                       notify  => [ Exec['service apache2 reload'], Exec['reload gobby'] ],
+                       key => true,
+                       tlsaport => [443, 6523],
+               }
                 file { '/etc/ssl/debian-local/other-keys/gobby.debian.org.key':
                         ensure => present,
                         mode => '0440',
                         group => 'gobby',
                         content => inline_template('<%= File.read(scope().call_function("hiera", ["paths.letsencrypt_dir"]) + "/gobby.debian.org.key") %>'),
                         links => follow,
+                       notify => Exec['reload gobby'],
+               }
+               exec { 'reload gobby':
+                       command => 'pkill -u gobby -HUP -x infinoted',
+                       refreshonly => true,
                 }
         }
author	Julien Cristau <jcristau@debian.org>
	Tue, 3 Oct 2017 10:42:35 +0000 (12:42 +0200)
committer	Julien Cristau <jcristau@debian.org>
	Tue, 3 Oct 2017 10:42:35 +0000 (12:42 +0200)