restart mosquitto after tls renewal
All checks were successful
continuous-integration/drone/push Build is passing
All checks were successful
continuous-integration/drone/push Build is passing
This commit is contained in:
parent
fb51a02eef
commit
1d0ac8ba9d
24
.drone.yml
24
.drone.yml
@ -10,7 +10,8 @@ steps:
|
||||
- pip install ansible ansible-later -q
|
||||
- git clone https://gitea.rknet.org/ansible/ansible-later-policy.git ~/policy
|
||||
- git ls-files *[^LICENSE,.md] | xargs ansible-later -c ~/policy/config.ini
|
||||
depends_on: [ clone ]
|
||||
depends_on:
|
||||
- clone
|
||||
|
||||
- name: ansible-master
|
||||
image: python:2.7
|
||||
@ -19,4 +20,23 @@ steps:
|
||||
- pip install ansible ansible-later -q
|
||||
- git clone https://gitea.rknet.org/ansible/ansible-later-policy.git ~/policy
|
||||
- git ls-files *[^LICENSE,.md] | xargs ansible-later -c ~/policy/config.ini
|
||||
depends_on: [ clone ]
|
||||
depends_on:
|
||||
- clone
|
||||
|
||||
- name: notify
|
||||
image: plugins/matrix
|
||||
settings:
|
||||
homeserver: https://matrix.rknet.org
|
||||
roomid: MtidqQXWWAtQcByBhH:rknet.org
|
||||
template: "Status: **{{ build.status }}**<br/> Build: [{{ repo.Owner }}/{{ repo.Name }}]({{ build.link }}) ({{ build.branch }}) by {{ build.author }}<br/> Message: {{ build.message }}"
|
||||
username:
|
||||
from_secret: matrix_username
|
||||
password:
|
||||
from_secret: matrix_password
|
||||
depends_on:
|
||||
- ansible-latest
|
||||
- ansible-master
|
||||
when:
|
||||
status:
|
||||
- success
|
||||
- failure
|
||||
|
@ -46,13 +46,6 @@ mosquitto_tls_ciphers:
|
||||
- "!SSLv2"
|
||||
- "@STRENGTH"
|
||||
mosquitto_ca_path: /etc/pki/tls/certs/
|
||||
# You can deploy your certificates from a file or from content.
|
||||
# If you enable mosquitto_tls_source_use_content you have to put the content of your cert files into
|
||||
# mosquitto_tls_cert_path and mosquitto_tls_cert_path.
|
||||
mosquitto_tls_source_use_content: False
|
||||
# If you enable mosquitto_tls_source_use_files theses variables have to contain the path to your
|
||||
# certificate files located on the ansible "master" host
|
||||
mosquitto_tls_source_use_files: True
|
||||
mosquitto_tls_cert_source: mycert.pem
|
||||
mosquitto_tls_key_source: mykey.pem
|
||||
mosquitto_tls_cert_path: "{{ mosquitto_base_dir }}/tls/certs/mycert.pem"
|
||||
|
@ -11,7 +11,7 @@
|
||||
- "{{ mosquitto_tls_cert_path | dirname }}"
|
||||
- "{{ mosquitto_tls_key_path | dirname }}"
|
||||
|
||||
- name: Copy certs and private key (file)
|
||||
- name: Copy certs and private key
|
||||
copy:
|
||||
src: "{{ item.src }}"
|
||||
dest: "{{ item.dest }}"
|
||||
@ -21,18 +21,6 @@
|
||||
- { src: "{{ mosquitto_tls_cert_source }}", dest: '{{ mosquitto_tls_cert_path }}', mode: '0750' }
|
||||
loop_control:
|
||||
label: "{{ item.dest }}"
|
||||
when: mosquitto_tls_source_use_files
|
||||
|
||||
- name: Copy certs and private key (content)
|
||||
copy:
|
||||
content: "{{ item.src }}"
|
||||
dest: "{{ item.dest }}"
|
||||
mode: "{{ item.mode }}"
|
||||
with_items:
|
||||
- { src: "{{ mosquitto_tls_key_source }}", dest: '{{ mosquitto_tls_key_path }}', mode: '0600' }
|
||||
- { src: "{{ mosquitto_tls_cert_source }}", dest: '{{ mosquitto_tls_cert_path }}', mode: '0750' }
|
||||
loop_control:
|
||||
label: "{{ item.dest }}"
|
||||
when: mosquitto_tls_source_use_content
|
||||
notify: __mosquitto_restart
|
||||
become: True
|
||||
become_user: root
|
||||
|
Loading…
Reference in New Issue
Block a user