From 514f99c575151489bdfef0cde01a0ebd57e5e131 Mon Sep 17 00:00:00 2001
From: Juan Antonio Osorio Robles <jaosorior@redhat.com>
Date: Fri, 25 Jan 2019 11:18:15 +0200
Subject: [PATCH] TLS everywhere: Set post-save command for httpd

The default command wasn't working, so here we set one that will
actually work.

httpd is a fairly simple instance, since the certs are mounted from the
directory (and not the individual certs). So there is no need to copy
anything to the container or do any post-processing. All we need to do
is tell httpd to load the new certs.

Related-Bug: #1811401
Depends-On: I642f48aa0e66ca57de2ecee921c798747ba41e1a
Change-Id: I862f0d15f769167c8b5d27cf302b7087b8fad0ab
---
 puppet/services/apache.j2.yaml | 1 +
 1 file changed, 1 insertion(+)

diff --git a/puppet/services/apache.j2.yaml b/puppet/services/apache.j2.yaml
index 28456fc1c9..e92f090159 100644
--- a/puppet/services/apache.j2.yaml
+++ b/puppet/services/apache.j2.yaml
@@ -114,6 +114,7 @@ outputs:
                         service_key: '/etc/pki/tls/private/httpd/httpd-NETWORK.key'
                         hostname: "%{hiera('fqdn_NETWORK')}"
                         principal: "HTTP/%{hiera('fqdn_NETWORK')}"
+                        postsave_cmd: "pkill -USR1 httpd"
                     for_each:
                       NETWORK: {get_attr: [ApacheNetworks, value]}
             - {}