From b0ca89c2c6fa00d5405e4a6b8e77d198827adff6 Mon Sep 17 00:00:00 2001
From: Bastian de Byl <bastian@bdebyl.net>
Date: Tue, 20 Sep 2022 12:36:41 -0400
Subject: [PATCH] fixed post-hook for permissions on renew SSL

---
 ansible/roles/ssl/tasks/cron.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/ansible/roles/ssl/tasks/cron.yml b/ansible/roles/ssl/tasks/cron.yml
index 6c31179..26b61dd 100644
--- a/ansible/roles/ssl/tasks/cron.yml
+++ b/ansible/roles/ssl/tasks/cron.yml
@@ -5,5 +5,5 @@
     name: certbot_renew
     special_time: weekly
     job: >-
-      certbot renew --post-hook "su -s /bin/sh podman -c 'cd; podman restart nginx'"
+      certbot renew --post-hook "chown -R {{ podman_user }}:{{ podman_user }} /etc/letsencrypt && su -s /bin/sh podman -c 'cd; podman restart nginx'"
   tags: cron