From 1d0ac8ba9d0b47a4754c8f2205233f662354e089 Mon Sep 17 00:00:00 2001
From: Robert Kaussow <mail@geeklabor.de>
Date: Mon, 4 Feb 2019 19:13:45 +0100
Subject: [PATCH] restart mosquitto after tls renewal

---
 .drone.yml        | 24 ++++++++++++++++++++++--
 defaults/main.yml |  7 -------
 tasks/tls.yml     | 16 ++--------------
 3 files changed, 24 insertions(+), 23 deletions(-)

diff --git a/.drone.yml b/.drone.yml
index 289d224..53d816a 100644
--- a/.drone.yml
+++ b/.drone.yml
@@ -10,7 +10,8 @@ steps:
       - pip install ansible ansible-later -q
       - git clone https://gitea.rknet.org/ansible/ansible-later-policy.git ~/policy
       - git ls-files *[^LICENSE,.md] | xargs ansible-later -c ~/policy/config.ini
-    depends_on: [ clone ]
+    depends_on:
+      - clone
 
   - name: ansible-master
     image: python:2.7
@@ -19,4 +20,23 @@ steps:
       - pip install ansible ansible-later -q
       - git clone https://gitea.rknet.org/ansible/ansible-later-policy.git ~/policy
       - git ls-files *[^LICENSE,.md] | xargs ansible-later -c ~/policy/config.ini
-    depends_on: [ clone ]
+    depends_on:
+      - clone
+
+  - name: notify
+    image: plugins/matrix
+    settings:
+      homeserver: https://matrix.rknet.org
+      roomid: MtidqQXWWAtQcByBhH:rknet.org
+      template: "Status: **{{ build.status }}**<br/> Build: [{{ repo.Owner }}/{{ repo.Name }}]({{ build.link }}) ({{ build.branch }}) by {{ build.author }}<br/> Message: {{ build.message }}"
+      username:
+        from_secret: matrix_username
+      password:
+        from_secret: matrix_password
+    depends_on:
+      - ansible-latest
+      - ansible-master
+    when:
+      status:
+        - success
+        - failure
diff --git a/defaults/main.yml b/defaults/main.yml
index 56f4e7c..c49a335 100644
--- a/defaults/main.yml
+++ b/defaults/main.yml
@@ -46,13 +46,6 @@ mosquitto_tls_ciphers:
   - "!SSLv2"
   - "@STRENGTH"
 mosquitto_ca_path: /etc/pki/tls/certs/
-# You can deploy your certificates from a file or from content.
-# If you enable mosquitto_tls_source_use_content you have to put the content of your cert files into
-# mosquitto_tls_cert_path and mosquitto_tls_cert_path.
-mosquitto_tls_source_use_content: False
-# If you enable mosquitto_tls_source_use_files theses variables have to contain the path to your
-# certificate files located on the ansible "master" host
-mosquitto_tls_source_use_files: True
 mosquitto_tls_cert_source: mycert.pem
 mosquitto_tls_key_source: mykey.pem
 mosquitto_tls_cert_path: "{{ mosquitto_base_dir }}/tls/certs/mycert.pem"
diff --git a/tasks/tls.yml b/tasks/tls.yml
index 5aff4c5..dfd1cfb 100644
--- a/tasks/tls.yml
+++ b/tasks/tls.yml
@@ -11,7 +11,7 @@
         - "{{ mosquitto_tls_cert_path | dirname }}"
         - "{{ mosquitto_tls_key_path | dirname }}"
 
-    - name: Copy certs and private key (file)
+    - name: Copy certs and private key
       copy:
         src: "{{ item.src }}"
         dest: "{{ item.dest }}"
@@ -21,18 +21,6 @@
         - { src: "{{ mosquitto_tls_cert_source }}", dest: '{{ mosquitto_tls_cert_path }}', mode: '0750' }
       loop_control:
         label: "{{ item.dest }}"
-      when: mosquitto_tls_source_use_files
-
-    - name: Copy certs and private key (content)
-      copy:
-        content: "{{ item.src }}"
-        dest: "{{ item.dest }}"
-        mode: "{{ item.mode }}"
-      with_items:
-        - { src: "{{ mosquitto_tls_key_source }}", dest: '{{ mosquitto_tls_key_path }}', mode: '0600' }
-        - { src: "{{ mosquitto_tls_cert_source }}", dest: '{{ mosquitto_tls_cert_path }}', mode: '0750' }
-      loop_control:
-        label: "{{ item.dest }}"
-      when: mosquitto_tls_source_use_content
+      notify: __mosquitto_restart
   become: True
   become_user: root