From e5ceab1f7d69757c15aba34f04ec689bb6f9ee1f Mon Sep 17 00:00:00 2001 From: Jeremy Stanley Date: Tue, 14 Jan 2020 20:20:43 +0000 Subject: [PATCH] Gracefully restart Apache after cert replacements Apache doesn't have a reload, but it has something almost as good: a "graceful" restart. This begins accepting connections while existing ones wind down, rather than terminating them prematurely. Most distributions (including the ones we use) map this to the "reload" action of their SysV initscripts or SystemD service units for Apache. As a result, we can be nicer to our users by applying the "reloaded" state to the service module for it in our Ansible role when Let's Encrypt SSL certs are replaced. Change-Id: Iac3fad3d0d8216914d94a42f7705e07cef741847 --- .../letsencrypt-create-certs/handlers/restart_apache.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/playbooks/roles/letsencrypt-create-certs/handlers/restart_apache.yaml b/playbooks/roles/letsencrypt-create-certs/handlers/restart_apache.yaml index 6b643ad236..1359792304 100644 --- a/playbooks/roles/letsencrypt-create-certs/handlers/restart_apache.yaml +++ b/playbooks/roles/letsencrypt-create-certs/handlers/restart_apache.yaml @@ -1,8 +1,8 @@ - name: Populate service facts service_facts: -- name: Restart apache +- name: Reload apache service: name: apache2 - state: restarted - when: "'apache2' in ansible_facts.services" \ No newline at end of file + state: reloaded + when: "'apache2' in ansible_facts.services"