Reload apache config automatically for Lets Encrypt

2021-10-26 22:14:09 -05:00 · 2021-10-26 22:14:09 -05:00 · 94deb71dab
commit 94deb71dab
parent e1d048dd8d
7 changed files with 122 additions and 0 deletions
--- a/templates/Fedora/34/usr/lib/systemd/system/htcacheclean.service
+++ b/templates/Fedora/34/usr/lib/systemd/system/htcacheclean.service
@ -0,0 +1,11 @@
+[Unit]
+Description=Disk Cache Cleaning Daemon for the Apache HTTP Server
+After=httpd.service
+Documentation=man:htcacheclean.service(8)
+
+[Service]
+Type=forking
+User=apache
+PIDFile=/run/httpd/htcacheclean/pid
+EnvironmentFile=/etc/sysconfig/htcacheclean
+ExecStart=/usr/sbin/htcacheclean -P /run/httpd/htcacheclean/pid -d $INTERVAL -p $CACHE_ROOT -l $LIMIT $OPTIONS
--- a/templates/Fedora/34/usr/lib/systemd/system/httpd-reload.service
+++ b/templates/Fedora/34/usr/lib/systemd/system/httpd-reload.service
@ -0,0 +1,6 @@
+[Unit]
+Description=Reload Apache
+
+[Service]
+Type=onshot
+ExecStart=/bin/systemctl reload httpd.service
--- a/templates/Fedora/34/usr/lib/systemd/system/httpd-reload.timer
+++ b/templates/Fedora/34/usr/lib/systemd/system/httpd-reload.timer
@ -0,0 +1,5 @@
+[Timer]
+OnCalendar=minutely
+
+[Install]
+WantedBy=timer.target
--- a/templates/Fedora/34/usr/lib/systemd/system/httpd.service
+++ b/templates/Fedora/34/usr/lib/systemd/system/httpd.service
@ -0,0 +1,33 @@
+# See httpd.service(8) for more information on using the httpd service.
+
+# Modifying this file in-place is not recommended, because changes
+# will be overwritten during package upgrades.  To customize the
+# behaviour, run "systemctl edit httpd" to create an override unit.
+
+# For example, to pass additional options (such as -D definitions) to
+# the httpd binary at startup, create an override unit (as is done by
+# systemctl edit) and enter the following:
+
+#	[Service]
+#	Environment=OPTIONS=-DMY_DEFINE
+
+[Unit]
+Description=The Apache HTTP Server
+Wants=httpd-init.service
+After=network.target remote-fs.target nss-lookup.target httpd-init.service
+Documentation=man:httpd.service(8)
+
+[Service]
+Type=notify
+Environment=LANG=C
+
+ExecStart=/usr/sbin/httpd $OPTIONS -DFOREGROUND
+ExecReload=/usr/sbin/httpd $OPTIONS -k graceful
+# Send SIGWINCH for graceful stop
+KillSignal=SIGWINCH
+KillMode=mixed
+PrivateTmp=true
+OOMPolicy=continue
+
+[Install]
+WantedBy=multi-user.target
--- a/templates/Fedora/34/usr/lib/systemd/system/httpd.socket
+++ b/templates/Fedora/34/usr/lib/systemd/system/httpd.socket
@ -0,0 +1,13 @@
+# See httpd.socket(8) for more information on using the httpd service.
+
+[Unit]
+Description=Apache httpd Server Socket
+Documentation=man:httpd.socket(8)
+
+[Socket]
+ListenStream=80
+NoDelay=true
+DeferAcceptSec=30
+
+[Install]
+WantedBy=sockets.target
--- a/templates/Fedora/34/usr/lib/systemd/system/httpd@.service
+++ b/templates/Fedora/34/usr/lib/systemd/system/httpd@.service
@ -0,0 +1,26 @@
+# This is a template for httpd instances.
+# See httpd@.service(8) for more information.
+
+[Unit]
+Description=The Apache HTTP Server
+After=network.target remote-fs.target nss-lookup.target
+Documentation=man:httpd@.service(8)
+
+[Service]
+Type=notify
+Environment=LANG=C
+Environment=HTTPD_INSTANCE=%i
+ExecStartPre=/bin/mkdir -m 710 -p /run/httpd/instance-%i
+ExecStartPre=/bin/chown root.apache /run/httpd/instance-%i
+ExecStartPre=/bin/mkdir -m 700 -p /var/lib/httpd/instance-%i
+ExecStartPre=/bin/chown apache.apache /var/lib/httpd/instance-%i
+ExecStart=/usr/sbin/httpd $OPTIONS -DFOREGROUND -f conf/%i.conf
+ExecReload=/usr/sbin/httpd $OPTIONS -k graceful -f conf/%i.conf
+# Send SIGWINCH for graceful stop
+KillSignal=SIGWINCH
+KillMode=mixed
+PrivateTmp=true
+OOMPolicy=continue
+
+[Install]
+WantedBy=multi-user.target
--- a/vars/Fedora-34-default.yml
+++ b/vars/Fedora-34-default.yml
@ -28,6 +28,9 @@ service_list:
  - name: 'httpd.service'
    state: 'started'
    enabled: 'yes'
+  - name: 'httpd-reload.timer'
+    state: 'started'
+    enabled: 'yes'
 template_list:
  - dest: '/etc/httpd/conf.d/autoindex.conf'
    group: 'root'
@ -144,3 +147,28 @@ template_list:
    mode: '0644'
    owner: 'root'
    src: '{{ ansible_distribution }}/{{ ansible_distribution_major_version }}/etc/sysconfig/htcacheclean'
+  - dest: '/usr/lib/systemd/system/htcacheclean.service'
+    group: 'root'
+    mode: '0644'
+    owner: 'root'
+    src: '{{ ansible_distribution }}/{{ ansible_distribution_major_version }}/usr/lib/systemd/system/htcacheclean.service'
+  - dest: '/usr/lib/systemd/system/httpd.service'
+    group: 'root'
+    mode: '0644'
+    owner: 'root'
+    src: '{{ ansible_distribution }}/{{ ansible_distribution_major_version }}/usr/lib/systemd/system/httpd.service'
+  - dest: '/usr/lib/systemd/system/httpd.socket'
+    group: 'root'
+    mode: '0644'
+    owner: 'root'
+    src: '{{ ansible_distribution }}/{{ ansible_distribution_major_version }}/usr/lib/systemd/system/httpd.socket'
+  - dest: '/usr/lib/systemd/system/httpd.timer'
+    group: 'root'
+    mode: '0644'
+    owner: 'root'
+    src: '{{ ansible_distribution }}/{{ ansible_distribution_major_version }}/usr/lib/systemd/system/httpd.timer'
+  - dest: '/usr/lib/systemd/system/httpd@.service'
+    group: 'root'
+    mode: '0644'
+    owner: 'root'
+    src: '{{ ansible_distribution }}/{{ ansible_distribution_major_version }}/usr/lib/systemd/system/httpd@.service'