Cert renewal must bounce nginx

lobsters / lobsters-ansible

Ansible playbook for lobste.rs

ISC License

78 stars 25 forks source link

Cert renewal must bounce nginx #42

Closed pushcx closed 11 months ago

pushcx commented 5 years ago

I noticed our cert was due to expire. @alanpost diagnosed that the cert had correctly renewed but we needed to restart nginx for it to replace the old one.

We need cert renewal to signal/restart nginx to promptly start using the new cert.

Tenzer commented 4 years ago

I believe using the Nginx plugin for Certbot should solve this, alternatively manual hooks can be specified to be run before and after the certificate renewals.

The Let's Encrypt installation and configuration doesn't seem to be part of this repository, so not really possible to contribute to.

pushcx commented 11 months ago

The certbot ansible module I added now handles this correctly.