TLS everywhere: Set post-save command for httpd
The default command wasn't working, so here we set one that will
actually work.
httpd is a fairly simple instance, since the certs are mounted from the
directory (and not the individual certs). So there is no need to copy
anything to the container or do any post-processing. All we need to do
is tell httpd to load the new certs.
Related-Bug: #1811401
Depends-On: I642f48aa0e66ca57de2ecee921c798747ba41e1a
Change-Id: I862f0d15f769167c8b5d27cf302b7087b8fad0ab
(cherry picked from commit 514f99c575
)
This commit is contained in:
parent
c9dbc7d6bd
commit
7620f63f8a
|
@ -111,6 +111,7 @@ outputs:
|
|||
service_key: '/etc/pki/tls/private/httpd/httpd-NETWORK.key'
|
||||
hostname: "%{hiera('fqdn_NETWORK')}"
|
||||
principal: "HTTP/%{hiera('fqdn_NETWORK')}"
|
||||
postsave_cmd: "pkill -USR1 httpd"
|
||||
for_each:
|
||||
NETWORK: {get_attr: [ApacheNetworks, value]}
|
||||
- {}
|
||||
|
|
Loading…
Reference in New Issue