Remove the old letsencrypt cron script, now we randomise the time inside the cron job definition itself.

This commit is contained in:
Andrea Dell'Amico 2018-07-17 18:11:56 +02:00
parent 86b8d03a17
commit 5dedaab7c0
2 changed files with 5 additions and 17 deletions

View File

@ -110,7 +110,7 @@
- name: Install a script that requests the certificates and manage the self signed certificate
template: src=acme-cert-request.sh.j2 dest=/usr/local/bin/acme-cert-request owner=root group=root mode=0755
when: letsencrypt_acme_install
tags: letsencrypt
tags: [ 'letsencrypt', 'letsencrypt_cron' ]
- name: Set certificates as to be revoked
become: True
@ -122,15 +122,15 @@
- letsencrypt_certs_revoke_list is defined
tags: letsencrypt
- name: Install a script that will be used to renew the certificate when needed
template: src=cron-acme-cert-request.j2 dest=/usr/local/bin/cron-acme-cert-request mode=0755
- name: Remove the old cron script
file: dest=/usr/local/bin/cron-acme-cert-request state=absent
when: letsencrypt_acme_install
tags: [ 'letsencrypt', 'letsencrypt_cron' ]
- name: Install a daily cron job to renew the certificates when needed
become: True
become_user: '{{ letsencrypt_acme_user }}'
cron: name="Letsencrypt certificate renewal" day={{ letsencrypt_acme_cron_day_of_month }} hour={{ letsencrypt_acme_cron_hour }} minute={{ letsencrypt_acme_cron_minute }} job="/usr/local/bin/cron-acme-cert-request > {{ letsencrypt_acme_log_dir }}/acme-cron.log 2>&1"
cron: name="Letsencrypt certificate renewal" day={{ letsencrypt_acme_cron_day_of_month }} hour={{ letsencrypt_acme_cron_hour }} minute={{ letsencrypt_acme_cron_minute }} job="/usr/local/bin/acme-cert-request > {{ letsencrypt_acme_log_dir }}/acme-cron.log 2>&1"
when: letsencrypt_acme_install
tags: [ 'letsencrypt', 'letsencrypt_cron' ]
@ -138,7 +138,7 @@
become: True
become_user: '{{ letsencrypt_acme_user }}'
command: '/usr/local/bin/acme-cert-request'
when: ( letsencrypt_new_desired_file | changed )
when: letsencrypt_new_desired_file is changed
ignore_errors: True
tags: letsencrypt

View File

@ -1,12 +0,0 @@
#!/bin/bash
CMD=/usr/local/bin/acme-cert-request
SLEEP_SECONDS=$(echo $[($RANDOM %1200)])
sleep ${SLEEP_SECONDS}
/usr/local/bin/acme-cert-request
RETVAL=$?
exit $RETVAL