diff options
author | Micah Anderson <micah@riseup.net> | 2022-06-14 11:14:57 -0400 |
---|---|---|
committer | Micah Anderson <micah@riseup.net> | 2022-06-14 11:18:16 -0400 |
commit | 470fbcbce59c4c4f6183e1c19ef645347a25ca9a (patch) | |
tree | 213d9b839b8b546e5371dc75abed3cff6704c3d5 | |
parent | 6d579242df315671252c38a183bce44551ee4cb5 (diff) |
Make sure openvpn is restarted when the gw certificate changes.
-rw-r--r-- | config/roles/openvpn/handlers/main.yml | 2 | ||||
-rw-r--r-- | config/roles/openvpn/tasks/credentials.yml | 6 |
2 files changed, 7 insertions, 1 deletions
diff --git a/config/roles/openvpn/handlers/main.yml b/config/roles/openvpn/handlers/main.yml index 2c3168a..8178e77 100644 --- a/config/roles/openvpn/handlers/main.yml +++ b/config/roles/openvpn/handlers/main.yml @@ -5,7 +5,7 @@ name: firewall.service state: restarted -- listen: "restart docker-openvpn-openvpn" +- listen: "restart openvpn" systemd: name: "docker-openvpn-openvpn.service" state: restarted diff --git a/config/roles/openvpn/tasks/credentials.yml b/config/roles/openvpn/tasks/credentials.yml index 0559455..35632d2 100644 --- a/config/roles/openvpn/tasks/credentials.yml +++ b/config/roles/openvpn/tasks/credentials.yml @@ -9,6 +9,12 @@ ca: "{{ credentials_dir }}/common/api_ca.crt" ca_key: "{{ credentials_dir }}/common/api_ca.key" +- name: Restart openvpn because gateway certificate has changed + systemd: + name: docker-openvpn-openvpn.service + state: restarted + when: sspki_sign.changed + - name: Add the docker-openvpn user to the openvpn-sspki group user: name: docker-openvpn |