diff options
| author | Guilhem Moulin <guilhem@fripost.org> | 2016-03-05 14:55:40 +0100 |
|---|---|---|
| committer | Guilhem Moulin <guilhem@fripost.org> | 2016-03-05 14:55:40 +0100 |
| commit | 06f4a2e56948f0b2e2842a5ba5b9fe0d21bc8ba8 (patch) | |
| tree | 9c3da4ff98ce40873d39ffee0cfd5c7bb22e9661 /roles | |
| parent | 6c7e35dafb99880942e69b510c60cdb5b6b69098 (diff) | |
Let's Encrypt: Only reload (as opposed to restart) postfix/nginx after renewing the cert
Diffstat (limited to 'roles')
| -rw-r--r-- | roles/letsencrypt/templates/etc/letsencrypt-tiny/letsencrypt-certs.conf.j2 | 12 |
1 files changed, 6 insertions, 6 deletions
diff --git a/roles/letsencrypt/templates/etc/letsencrypt-tiny/letsencrypt-certs.conf.j2 b/roles/letsencrypt/templates/etc/letsencrypt-tiny/letsencrypt-certs.conf.j2 index fef5c62..ca3415a 100644 --- a/roles/letsencrypt/templates/etc/letsencrypt-tiny/letsencrypt-certs.conf.j2 +++ b/roles/letsencrypt/templates/etc/letsencrypt-tiny/letsencrypt-certs.conf.j2 @@ -1,63 +1,63 @@ hash = sha512 keyusage = digitalSignature, keyEncipherment {% if 'IMAP' in group_names %} [imap] certificate-key = /etc/dovecot/ssl/imap.fripost.org.key certificate-chain = /etc/dovecot/ssl/imap.fripost.org.pem subject = /O=Fripost/CN=imap.fripost.org subjectAltName = DNS:imap.fripost.org,DNS:sieve.fripost.org notify = /bin/systemctl restart dovecot {% endif %} {% if 'MSA' in group_names %} [smtp] certificate-key = /etc/postfix/ssl/smtp.fripost.org.key certificate-chain = /etc/postfix/ssl/smtp.fripost.org.pem subject = /O=Fripost/CN=smtp.fripost.org -notify = /bin/systemctl restart postfix +notify = /bin/systemctl reload postfix {% endif %} {% if 'MX' in group_names %} [mx] certificate-key = /etc/postfix/ssl/mx.fripost.org.key certificate-chain = /etc/postfix/ssl/mx.fripost.org.pem subject = /O=Fripost/CN=mx{{ mxno }}.fripost.org -notify = /bin/systemctl restart postfix +notify = /bin/systemctl reload postfix {% endif %} {% if 'lists' in group_names %} [lists] certificate-key = /etc/nginx/ssl/lists.fripost.org.key certificate-chain = /etc/nginx/ssl/lists.fripost.org.pem subject = /O=Fripost/CN=lists.fripost.org -notify = /bin/systemctl restart nginx +notify = /bin/systemctl reload nginx {% endif %} {% if 'wiki' in group_names %} [www] certificate-key = /etc/nginx/ssl/www.fripost.org.key certificate-chain = /etc/nginx/ssl/www.fripost.org.pem subject = /O=Fripost/CN=fripost.org subjectAltName = DNS:fripost.org,DNS:www.fripost.org,DNS:wiki.fripost.org -notify = /bin/systemctl restart nginx +notify = /bin/systemctl reload nginx {% endif %} {% if 'webmail' in group_names %} [webmail] certificate-key = /etc/nginx/ssl/mail.fripost.org.key certificate-chain = /etc/nginx/ssl/mail.fripost.org.pem subject = /O=Fripost/CN=mail.fripost.org subjectAltName = DNS:mail.fripost.org,DNS:webmail.fripost.org -notify = /bin/systemctl restart nginx +notify = /bin/systemctl reload nginx {% endif %} {% if 'git' in group_names %} [git] certificate-key = /etc/nginx/ssl/git.fripost.org.key certificate-chain = /etc/nginx/ssl/git.fripost.org.pem subject = /O=Fripost/CN=git.fripost.org -notify = /bin/systemctl restart nginx +notify = /bin/systemctl reload nginx {% endif %} ; vim:ft=dosini |