deploy_home/ansible/roles/ssl/tasks/cron.yml
2025-08-01 15:12:46 -04:00


---
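# Installs a weekly cron entry that runs `certbot renew`, then hands the
# certificate tree to the podman user and restarts the nginx container.
# No `user:` is set, so the entry goes into the crontab of the become user
# (presumably root; the chown and su in the hook need it).
- name: renew certbot ssl certificates weekly
  become: true
  ansible.builtin.cron:
    name: certbot_renew
    special_time: weekly
    # The hook makes {{ podman_user }} the owner of everything under
    # /etc/letsencrypt, private keys included, so that account (and any
    # process running as it) can read and modify them.
    # NOTE(review): if the container only needs read access, group-read on
    # the live/ and archive/ directories would be a narrower grant; confirm
    # what nginx actually needs.
    # The restart runs as {{ podman_user }}, the same account that receives
    # ownership, instead of a hard-coded `podman` login, so the task still
    # works when podman_user is set to another name.
    job: >-
      certbot renew --post-hook
      "chown -R {{ podman_user }}:{{ podman_user }} /etc/letsencrypt
      && su -s /bin/sh {{ podman_user }} -c 'cd; podman restart nginx'"
  tags: cron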
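# Installs a cron entry that runs every five minutes and, when the owner of
# /etc/letsencrypt is no longer the podman user, re-applies ownership
# recursively, logs the repair via logger, and restarts the nginx container.
- name: monitor and fix letsencrypt permissions
  become: true
  ansible.builtin.cron:
    name: letsencrypt_permission_monitor
    minute: "*/5"
    # `%` is special in a crontab line: an unescaped `%` ends the command and
    # the rest is fed to it as stdin. The stat format is therefore written
    # with `\%` so the shell receives the intended '%U:%G'.
    # Only the top-level directory is inspected; files further down the tree
    # that are owned by another user will not trigger the repair.
    # The chown makes {{ podman_user }} the owner of the private keys as
    # well as the certificates.
    # stderr of the restart is discarded and `|| true` forces a zero exit, so
    # a failed chown or restart produces no cron mail; the logger line is
    # written before the restart and does not prove the restart succeeded.
    job: >-
      if [ "$(stat -c '\%U:\%G' /etc/letsencrypt)" != "{{ podman_user }}:{{ podman_user }}" ]; then
      chown -R {{ podman_user }}:{{ podman_user }} /etc/letsencrypt
      && logger "Fixed letsencrypt permissions for podman user"
      && sudo -H -u {{ podman_user }} bash -c 'cd; podman restart nginx' 2>/dev/null
      || true; fi
  tags: cron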