restart mosquitto after tls renewal

2019-02-04 19:13:45 +01:00 · 2019-02-04 19:13:45 +01:00 · 1d0ac8ba9d
parent fb51a02eef
commit 1d0ac8ba9d
3 changed files with 24 additions and 23 deletions
--- a/.drone.yml
+++ b/.drone.yml
@ -10,7 +10,8 @@ steps:
      - pip install ansible ansible-later -q
      - git clone https://gitea.rknet.org/ansible/ansible-later-policy.git ~/policy
      - git ls-files *[^LICENSE,.md] | xargs ansible-later -c ~/policy/config.ini
-    depends_on: [ clone ]
+    depends_on:
+      - clone

  - name: ansible-master
    image: python:2.7
@ -19,4 +20,23 @@ steps:
      - pip install ansible ansible-later -q
      - git clone https://gitea.rknet.org/ansible/ansible-later-policy.git ~/policy
      - git ls-files *[^LICENSE,.md] | xargs ansible-later -c ~/policy/config.ini
-    depends_on: [ clone ]
+    depends_on:
+      - clone
+
+  - name: notify
+    image: plugins/matrix
+    settings:
+      homeserver: https://matrix.rknet.org
+      roomid: MtidqQXWWAtQcByBhH:rknet.org
+      template: "Status: **{{ build.status }}**<br/> Build: [{{ repo.Owner }}/{{ repo.Name }}]({{ build.link }}) ({{ build.branch }}) by {{ build.author }}<br/> Message: {{ build.message }}"
+      username:
+        from_secret: matrix_username
+      password:
+        from_secret: matrix_password
+    depends_on:
+      - ansible-latest
+      - ansible-master
+    when:
+      status:
+        - success
+        - failure
--- a/defaults/main.yml
+++ b/defaults/main.yml
@ -46,13 +46,6 @@ mosquitto_tls_ciphers:
  - "!SSLv2"
  - "@STRENGTH"
 mosquitto_ca_path: /etc/pki/tls/certs/
-# You can deploy your certificates from a file or from content.
-# If you enable mosquitto_tls_source_use_content you have to put the content of your cert files into
-# mosquitto_tls_cert_path and mosquitto_tls_cert_path.
-mosquitto_tls_source_use_content: False
-# If you enable mosquitto_tls_source_use_files theses variables have to contain the path to your
-# certificate files located on the ansible "master" host
-mosquitto_tls_source_use_files: True
 mosquitto_tls_cert_source: mycert.pem
 mosquitto_tls_key_source: mykey.pem
 mosquitto_tls_cert_path: "{{ mosquitto_base_dir }}/tls/certs/mycert.pem"
--- a/tasks/tls.yml
+++ b/tasks/tls.yml
@ -11,7 +11,7 @@
        - "{{ mosquitto_tls_cert_path | dirname }}"
        - "{{ mosquitto_tls_key_path | dirname }}"

-    - name: Copy certs and private key (file)
+    - name: Copy certs and private key
      copy:
        src: "{{ item.src }}"
        dest: "{{ item.dest }}"
@ -21,18 +21,6 @@
        - { src: "{{ mosquitto_tls_cert_source }}", dest: '{{ mosquitto_tls_cert_path }}', mode: '0750' }
      loop_control:
        label: "{{ item.dest }}"
-      when: mosquitto_tls_source_use_files
-
-    - name: Copy certs and private key (content)
-      copy:
-        content: "{{ item.src }}"
-        dest: "{{ item.dest }}"
-        mode: "{{ item.mode }}"
-      with_items:
-        - { src: "{{ mosquitto_tls_key_source }}", dest: '{{ mosquitto_tls_key_path }}', mode: '0600' }
-        - { src: "{{ mosquitto_tls_cert_source }}", dest: '{{ mosquitto_tls_cert_path }}', mode: '0750' }
-      loop_control:
-        label: "{{ item.dest }}"
-      when: mosquitto_tls_source_use_content
+      notify: __mosquitto_restart
  become: True
  become_user: root