From 94deb71dabc2c2f0cc2a06a517b18a69d5439867 Mon Sep 17 00:00:00 2001
From: Jason Rothstein <fdragon@fdragon.org>
Date: Tue, 26 Oct 2021 22:14:09 -0500
Subject: [PATCH] Reload apache config automatically for Lets Encrypt

---
 .../lib/systemd/system/htcacheclean.service   | 11 +++++++
 .../lib/systemd/system/httpd-reload.service   |  6 ++++
 .../usr/lib/systemd/system/httpd-reload.timer |  5 +++
 .../34/usr/lib/systemd/system/httpd.service   | 33 +++++++++++++++++++
 .../34/usr/lib/systemd/system/httpd.socket    | 13 ++++++++
 .../34/usr/lib/systemd/system/httpd@.service  | 26 +++++++++++++++
 vars/Fedora-34-default.yml                    | 28 ++++++++++++++++
 7 files changed, 122 insertions(+)
 create mode 100644 templates/Fedora/34/usr/lib/systemd/system/htcacheclean.service
 create mode 100644 templates/Fedora/34/usr/lib/systemd/system/httpd-reload.service
 create mode 100644 templates/Fedora/34/usr/lib/systemd/system/httpd-reload.timer
 create mode 100644 templates/Fedora/34/usr/lib/systemd/system/httpd.service
 create mode 100644 templates/Fedora/34/usr/lib/systemd/system/httpd.socket
 create mode 100644 templates/Fedora/34/usr/lib/systemd/system/httpd@.service

diff --git a/templates/Fedora/34/usr/lib/systemd/system/htcacheclean.service b/templates/Fedora/34/usr/lib/systemd/system/htcacheclean.service
new file mode 100644
index 0000000..d1e9d60
--- /dev/null
+++ b/templates/Fedora/34/usr/lib/systemd/system/htcacheclean.service
@@ -0,0 +1,11 @@
+[Unit]
+Description=Disk Cache Cleaning Daemon for the Apache HTTP Server
+After=httpd.service
+Documentation=man:htcacheclean.service(8)
+
+[Service]
+Type=forking
+User=apache
+PIDFile=/run/httpd/htcacheclean/pid
+EnvironmentFile=/etc/sysconfig/htcacheclean
+ExecStart=/usr/sbin/htcacheclean -P /run/httpd/htcacheclean/pid -d $INTERVAL -p $CACHE_ROOT -l $LIMIT $OPTIONS
diff --git a/templates/Fedora/34/usr/lib/systemd/system/httpd-reload.service b/templates/Fedora/34/usr/lib/systemd/system/httpd-reload.service
new file mode 100644
index 0000000..a98c5e5
--- /dev/null
+++ b/templates/Fedora/34/usr/lib/systemd/system/httpd-reload.service
@@ -0,0 +1,6 @@
+[Unit]
+Description=Reload Apache
+
+[Service]
+Type=onshot
+ExecStart=/bin/systemctl reload httpd.service
diff --git a/templates/Fedora/34/usr/lib/systemd/system/httpd-reload.timer b/templates/Fedora/34/usr/lib/systemd/system/httpd-reload.timer
new file mode 100644
index 0000000..b4575b1
--- /dev/null
+++ b/templates/Fedora/34/usr/lib/systemd/system/httpd-reload.timer
@@ -0,0 +1,5 @@
+[Timer]
+OnCalendar=minutely
+
+[Install]
+WantedBy=timer.target
diff --git a/templates/Fedora/34/usr/lib/systemd/system/httpd.service b/templates/Fedora/34/usr/lib/systemd/system/httpd.service
new file mode 100644
index 0000000..c5b5e08
--- /dev/null
+++ b/templates/Fedora/34/usr/lib/systemd/system/httpd.service
@@ -0,0 +1,33 @@
+# See httpd.service(8) for more information on using the httpd service.
+
+# Modifying this file in-place is not recommended, because changes
+# will be overwritten during package upgrades.  To customize the
+# behaviour, run "systemctl edit httpd" to create an override unit.
+
+# For example, to pass additional options (such as -D definitions) to
+# the httpd binary at startup, create an override unit (as is done by
+# systemctl edit) and enter the following:
+
+#	[Service]
+#	Environment=OPTIONS=-DMY_DEFINE
+
+[Unit]
+Description=The Apache HTTP Server
+Wants=httpd-init.service
+After=network.target remote-fs.target nss-lookup.target httpd-init.service
+Documentation=man:httpd.service(8)
+
+[Service]
+Type=notify
+Environment=LANG=C
+
+ExecStart=/usr/sbin/httpd $OPTIONS -DFOREGROUND
+ExecReload=/usr/sbin/httpd $OPTIONS -k graceful
+# Send SIGWINCH for graceful stop
+KillSignal=SIGWINCH
+KillMode=mixed
+PrivateTmp=true
+OOMPolicy=continue
+
+[Install]
+WantedBy=multi-user.target
diff --git a/templates/Fedora/34/usr/lib/systemd/system/httpd.socket b/templates/Fedora/34/usr/lib/systemd/system/httpd.socket
new file mode 100644
index 0000000..074695e
--- /dev/null
+++ b/templates/Fedora/34/usr/lib/systemd/system/httpd.socket
@@ -0,0 +1,13 @@
+# See httpd.socket(8) for more information on using the httpd service.
+
+[Unit]
+Description=Apache httpd Server Socket
+Documentation=man:httpd.socket(8)
+
+[Socket]
+ListenStream=80
+NoDelay=true
+DeferAcceptSec=30
+
+[Install]
+WantedBy=sockets.target
diff --git a/templates/Fedora/34/usr/lib/systemd/system/httpd@.service b/templates/Fedora/34/usr/lib/systemd/system/httpd@.service
new file mode 100644
index 0000000..84424fb
--- /dev/null
+++ b/templates/Fedora/34/usr/lib/systemd/system/httpd@.service
@@ -0,0 +1,26 @@
+# This is a template for httpd instances.
+# See httpd@.service(8) for more information.
+
+[Unit]
+Description=The Apache HTTP Server
+After=network.target remote-fs.target nss-lookup.target
+Documentation=man:httpd@.service(8)
+
+[Service]
+Type=notify
+Environment=LANG=C
+Environment=HTTPD_INSTANCE=%i
+ExecStartPre=/bin/mkdir -m 710 -p /run/httpd/instance-%i
+ExecStartPre=/bin/chown root.apache /run/httpd/instance-%i
+ExecStartPre=/bin/mkdir -m 700 -p /var/lib/httpd/instance-%i
+ExecStartPre=/bin/chown apache.apache /var/lib/httpd/instance-%i
+ExecStart=/usr/sbin/httpd $OPTIONS -DFOREGROUND -f conf/%i.conf
+ExecReload=/usr/sbin/httpd $OPTIONS -k graceful -f conf/%i.conf
+# Send SIGWINCH for graceful stop
+KillSignal=SIGWINCH
+KillMode=mixed
+PrivateTmp=true
+OOMPolicy=continue
+
+[Install]
+WantedBy=multi-user.target
diff --git a/vars/Fedora-34-default.yml b/vars/Fedora-34-default.yml
index 826a3be..70287a1 100644
--- a/vars/Fedora-34-default.yml
+++ b/vars/Fedora-34-default.yml
@@ -28,6 +28,9 @@ service_list:
   - name: 'httpd.service'
     state: 'started'
     enabled: 'yes'
+  - name: 'httpd-reload.timer'
+    state: 'started'
+    enabled: 'yes'
 template_list:
   - dest: '/etc/httpd/conf.d/autoindex.conf'
     group: 'root'
@@ -144,3 +147,28 @@ template_list:
     mode: '0644'
     owner: 'root'
     src: '{{ ansible_distribution }}/{{ ansible_distribution_major_version }}/etc/sysconfig/htcacheclean'
+  - dest: '/usr/lib/systemd/system/htcacheclean.service'
+    group: 'root'
+    mode: '0644'
+    owner: 'root'
+    src: '{{ ansible_distribution }}/{{ ansible_distribution_major_version }}/usr/lib/systemd/system/htcacheclean.service'
+  - dest: '/usr/lib/systemd/system/httpd.service'
+    group: 'root'
+    mode: '0644'
+    owner: 'root'
+    src: '{{ ansible_distribution }}/{{ ansible_distribution_major_version }}/usr/lib/systemd/system/httpd.service'
+  - dest: '/usr/lib/systemd/system/httpd.socket'
+    group: 'root'
+    mode: '0644'
+    owner: 'root'
+    src: '{{ ansible_distribution }}/{{ ansible_distribution_major_version }}/usr/lib/systemd/system/httpd.socket'
+  - dest: '/usr/lib/systemd/system/httpd.timer'
+    group: 'root'
+    mode: '0644'
+    owner: 'root'
+    src: '{{ ansible_distribution }}/{{ ansible_distribution_major_version }}/usr/lib/systemd/system/httpd.timer'
+  - dest: '/usr/lib/systemd/system/httpd@.service'
+    group: 'root'
+    mode: '0644'
+    owner: 'root'
+    src: '{{ ansible_distribution }}/{{ ansible_distribution_major_version }}/usr/lib/systemd/system/httpd@.service'