Created
April 8, 2026 17:20
-
-
Save sajith/65af04ad3dd0840ae9ef31d62fabdeb3 to your computer and use it in GitHub Desktop.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| From 2d7ee5319f0d7ae72cc08db49f36b7a6eb2cc89f Mon Sep 17 00:00:00 2001 | |
| From: Sajith Sasidharan <sajith@hcoop.net> | |
| Date: Wed, 8 Apr 2026 12:10:43 -0500 | |
| Subject: [PATCH] Pause nginx during certbot execution | |
| --- | |
| ansible/roles/nginx/tasks/main.yml | 25 +++++++++++++++++++++++++ | |
| 1 file changed, 25 insertions(+) | |
| diff --git a/ansible/roles/nginx/tasks/main.yml b/ansible/roles/nginx/tasks/main.yml | |
| index 5d3b5fe..0e17abb 100644 | |
| --- a/ansible/roles/nginx/tasks/main.yml | |
| +++ b/ansible/roles/nginx/tasks/main.yml | |
| @@ -76,6 +76,31 @@ | |
| when: use_ssl | default(true) and media_domain_name is defined and not ssl_cert_media.stat.exists | |
| register: cert_generation_media | |
| +- name: Configure certbot renewal for main domain | |
| + copy: | |
| + dest: /etc/letsencrypt/renewal/{{ domain_name }}.conf | |
| + content: | | |
| + # Renewal configuration for {{ domain_name }} | |
| + [renewalparams] | |
| + authenticator = standalone | |
| + pre_hook = systemctl stop nginx | |
| + post_hook = systemctl start nginx | |
| + mode: 0644 | |
| + when: use_ssl | default(true) | |
| + | |
| +- name: Configure certbot renewal for media domain | |
| + copy: | |
| + dest: /etc/letsencrypt/renewal/{{ media_domain_name }}.conf | |
| + content: | | |
| + # Renewal configuration for {{ media_domain_name }} | |
| + [renewalparams] | |
| + authenticator = standalone | |
| + pre_hook = systemctl stop nginx | |
| + post_hook = systemctl start nginx | |
| + mode: 0644 | |
| + when: use_ssl | default(true) and media_domain_name is defined | |
| + | |
| + | |
| - name: Enable Mastodon Nginx site | |
| file: | |
| src: /etc/nginx/sites-available/{{ domain_name }} | |
| -- | |
| 2.53.0 | |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment