diff --git a/roles/certbot/handlers/main.yml b/roles/certbot/handlers/main.yml new file mode 100644 index 0000000..82d2202 --- /dev/null +++ b/roles/certbot/handlers/main.yml @@ -0,0 +1,8 @@ +--- +- name: Reload nginx + service: + name: nginx + state: reloaded + +- name: Generate certificates + command: "certbot certonly --non-interactive --config /etc/letsencrypt/conf.d/{{ certbot.certname }}.ini" diff --git a/roles/certbot/tasks/main.yml b/roles/certbot/tasks/main.yml index f29d557..cbce286 100644 --- a/roles/certbot/tasks/main.yml +++ b/roles/certbot/tasks/main.yml @@ -20,20 +20,6 @@ src: "letsencrypt/conf.d/certname.ini.j2" dest: "/etc/letsencrypt/conf.d/{{ certbot.certname }}.ini" mode: 0644 - register: certbot_config - -- name: Stop services to allow certbot to generate a cert. - service: - name: nginx - state: stopped - when: certbot_config.changed - -- name: Generate new certificate if the configuration changed - shell: "certbot certonly --non-interactive --config /etc/letsencrypt/conf.d/{{ certbot.certname }}.ini" - when: certbot_config.changed - -- name: Restart services to allow certbot to generate a cert. - service: - name: nginx - state: started - when: certbot_config.changed + notify: + - Generate certificates + - Reload nginx