From 2978ef8177c77311f53670c0fd9a427bafd4743c Mon Sep 17 00:00:00 2001 From: Markus Hauschild Date: Tue, 28 Feb 2017 14:48:03 +0100 Subject: [PATCH] Fix certmgr actions for cron usage. --- roles/certmgr/tasks/main.yml | 1 - roles/gogs/templates/certs.j2 | 4 ++-- roles/mail/templates/certs.j2 | 8 ++++---- roles/mail/templates/mailman/certs.j2 | 4 ++-- roles/owncloud/templates/certs.j2 | 4 ++-- roles/prosody/templates/certs.j2 | 4 ++-- roles/slapd/tasks/main.yml | 2 +- roles/web/files/certs | 8 ++++---- 8 files changed, 17 insertions(+), 18 deletions(-) diff --git a/roles/certmgr/tasks/main.yml b/roles/certmgr/tasks/main.yml index 70bbe34..a362160 100644 --- a/roles/certmgr/tasks/main.yml +++ b/roles/certmgr/tasks/main.yml @@ -42,4 +42,3 @@ - name: Enable acertmgr cronjob cron: name=certmgr special_time=daily job=/opt/acertmgr/acertmgr.py - tags: certmgr diff --git a/roles/gogs/templates/certs.j2 b/roles/gogs/templates/certs.j2 index b130a68..3986848 100644 --- a/roles/gogs/templates/certs.j2 +++ b/roles/gogs/templates/certs.j2 @@ -6,10 +6,10 @@ group: root perm: '400' format: key - action: 'service nginx restart' + action: '/usr/sbin/service nginx restart' - path: /etc/nginx/ssl/{{ gogs_domain }}.crt user: root group: root perm: '400' format: crt,ca - action: 'service nginx restart' + action: '/usr/sbin/service nginx restart' diff --git a/roles/mail/templates/certs.j2 b/roles/mail/templates/certs.j2 index 6ba8dbd..8e58281 100644 --- a/roles/mail/templates/certs.j2 +++ b/roles/mail/templates/certs.j2 @@ -6,22 +6,22 @@ group: postfix perm: '400' format: key - action: 'service postfix restart' + action: '/usr/sbin/service postfix restart' - path: /etc/postfix/ssl/{{ mail_server }}.crt user: postfix group: postfix perm: '400' format: crt,ca - action: 'service postfix restart' + action: '/usr/sbin/service postfix restart' - path: /etc/dovecot/ssl/{{ mail_server }}.key user: dovecot group: dovecot perm: '400' format: key - action: 'service dovecot restart' + action: '/usr/sbin/service dovecot restart' - path: /etc/dovecot/ssl/{{ mail_server }}.crt user: dovecot group: dovecot perm: '400' format: crt,ca - action: 'service dovecot restart' + action: '/usr/sbin/service dovecot restart' diff --git a/roles/mail/templates/mailman/certs.j2 b/roles/mail/templates/mailman/certs.j2 index 1261d46..aa86035 100644 --- a/roles/mail/templates/mailman/certs.j2 +++ b/roles/mail/templates/mailman/certs.j2 @@ -6,10 +6,10 @@ group: root perm: '400' format: key - action: 'service nginx restart' + action: '/usr/sbin/service nginx restart' - path: /etc/nginx/ssl/{{ mailman_domain }}.crt user: root group: root perm: '400' format: crt,ca - action: 'service nginx restart' + action: '/usr/sbin/service nginx restart' diff --git a/roles/owncloud/templates/certs.j2 b/roles/owncloud/templates/certs.j2 index 0926425..8da13fb 100644 --- a/roles/owncloud/templates/certs.j2 +++ b/roles/owncloud/templates/certs.j2 @@ -6,10 +6,10 @@ group: root perm: '400' format: key - action: 'service nginx restart' + action: '/usr/sbin/service nginx restart' - path: /etc/nginx/ssl/{{ owncloud_domain }}.crt user: root group: root perm: '400' format: crt,ca - action: 'service nginx restart' + action: '/usr/sbin/service nginx restart' diff --git a/roles/prosody/templates/certs.j2 b/roles/prosody/templates/certs.j2 index 877750d..ef2c80a 100644 --- a/roles/prosody/templates/certs.j2 +++ b/roles/prosody/templates/certs.j2 @@ -6,10 +6,10 @@ group: prosody perm: '400' format: key - action: 'service prosody restart' + action: '/usr/sbin/service prosody restart' - path: /etc/prosody/certs/{{ prosody_domain }}.crt user: prosody group: prosody perm: '400' format: crt,ca - action: 'service prosody restart' + action: '/usr/sbin/service prosody restart' diff --git a/roles/slapd/tasks/main.yml b/roles/slapd/tasks/main.yml index 37d1481..28c51a0 100644 --- a/roles/slapd/tasks/main.yml +++ b/roles/slapd/tasks/main.yml @@ -40,7 +40,7 @@ - name: Ensure certificates are available command: openssl req -x509 -nodes -newkey rsa:2048 -keyout /etc/ldap/ssl/srv.key -out /etc/ldap/ssl/srv.crt -days 730 -subj "/CN={{ slapd_hostname }}" creates=/etc/ldap/ssl/srv.crt notify: Restart slapd - tags: nginx + tags: ldap - name: Start slapd service: name=slapd state=started enabled=yes diff --git a/roles/web/files/certs b/roles/web/files/certs index f4f2769..a8c887f 100644 --- a/roles/web/files/certs +++ b/roles/web/files/certs @@ -6,13 +6,13 @@ www.binary-kitchen.de binary-kitchen.de: group: root perm: '400' format: crt,ca - action: 'service nginx restart' + action: '/usr/sbin/service nginx restart' - path: /etc/nginx/ssl/www.binary-kitchen.de.key user: root group: root perm: '400' format: key - action: 'service nginx restart' + action: '/usr/sbin/service nginx restart' www.ccc-r.de: - path: /etc/nginx/ssl/www.ccc-r.de.crt @@ -20,10 +20,10 @@ www.ccc-r.de: group: root perm: '400' format: crt,ca - action: 'service nginx restart' + action: '/usr/sbin/service nginx restart' - path: /etc/nginx/ssl/www.ccc-r.de.key user: root group: root perm: '400' format: key - action: 'service nginx restart' + action: '/usr/sbin/service nginx restart'