OCSP file update not triggering notify

bzed / bzed-dehydrated

Puppet module for centralized CSR signing using Let’s Encrypt™ and lukas2511/dehydrated - keeping your keys safe on the host they belong to.

9 stars 11 forks source link

OCSP file update not triggering notify #19

Closed dpisano closed 4 years ago

dpisano commented 4 years ago

For some reason when my OCSP files are updated nginx is not getting notified to restart. When that cert is updated the servers is notified and restarts. Bellow is config that I'm using.

  dehydrated::certificate { "${myhostname}" : 
      notify  => Service['nginx'],
  }

dpisano commented 4 years ago

I found the fix for this. It looks like I need to have the notify in both dehydrated::certificate and on the class.

class { 'dehydrated' :
    notify  => Service['nginx'],
}

bzed commented 4 years ago

I found the fix for this. It looks like I need to have the notify in both dehydrated::certificate and on the class.
class { 'dehydrated' :
    notify  => Service['nginx'],
}

I think that one should be enough. If I remember right, dehydrated::certificate notifies dehydrated. But I might bw wrong.

dpisano commented 4 years ago

I just ran a test and it looks like that one should be enough. Thanks.