ssl handler fix for ssl role

alphanodes · Nov 1, 2023 · 585a4cf · 585a4cf
1 parent f713e6f
commit 585a4cf
Show file tree

Hide file tree

Showing 2 changed files with 13 additions and 10 deletions.
diff --git a/roles/ssl/handlers/main.yml b/roles/ssl/handlers/main.yml
@@ -1,13 +1,16 @@
 ---
 # handlers file for ssl
 
-- name: Check for Reload nginx
-  ansible.builtin.command: /bin/true
-  when:
-    - nginx_with_ssl is defined
-    - nginx_with_ssl
-  notify: Reload nginx
-
 - name: Update ca certificates
   ansible.builtin.command: update-ca-certificates
   notify: Restart nginx
+
+- name: Restart nginx
+  ansible.builtin.command: nginx -t -c /etc/nginx/nginx.conf
+  changed_when: false
+  notify: Real restart nginx
+
+- name: Real restart nginx
+  ansible.builtin.systemd:
+    name: nginx
+    state: restarted
diff --git a/roles/ssl/tasks/setup_certs_and_key.yml b/roles/ssl/tasks/setup_certs_and_key.yml
@@ -90,7 +90,7 @@
     owner: '{{ ssl_cert_owner }}'
     group: '{{ ssl_cert_group }}'
     mode: 0644
-  notify: Check for Reload nginx
+  notify: Restart nginx
   when: ssl_cert.provider is undefined
 
 - name: Check trusted TLS cert - {{ ssl_cert.name }}
@@ -109,7 +109,7 @@
   when:
     - ssl_cert.provider is undefined
     - trusted_cert.stat.exists
-  notify: Check for Reload nginx
+  notify: Restart nginx
 
 - name: Remove obsolete trusted ssl certificates - {{ ssl_cert.name }}
   ansible.builtin.file:
@@ -126,5 +126,5 @@
     owner: '{{ ssl_cert_owner }}'
     group: '{{ ssl_cert_group }}'
     mode: 0640
-  notify: Check for Reload nginx
+  notify: Restart nginx
   when: ssl_cert.provider is undefined