Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in
Toggle navigation
S
servers-config
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
0
Merge Requests
0
Analytics
Analytics
Repository
Value Stream
Wiki
Wiki
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Commits
Issue Boards
Open sidebar
Gruppo Sistemisti
servers-config
Commits
6ce0c7dd
Commit
6ce0c7dd
authored
Mar 14, 2018
by
Mattia Rizzolo
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
ssl: configure sudo
Signed-off-by:
Mattia Rizzolo
<
mattia@debian.org
>
parent
1a040c86
Changes
2
Hide whitespace changes
Inline
Side-by-side
Showing
2 changed files
with
13 additions
and
0 deletions
+13
-0
roles/ssl-keys/tasks/common.yml
roles/ssl-keys/tasks/common.yml
+9
-0
roles/ssl-keys/templates/sudoers
roles/ssl-keys/templates/sudoers
+4
-0
No files found.
roles/ssl-keys/tasks/common.yml
View file @
6ce0c7dd
...
...
@@ -41,3 +41,12 @@
force
:
no
owner
:
root
group
:
ssl-cert
-
name
:
configure sudo so cron can renew certs by itself
template
:
src
:
sudoers
dest
:
/etc/sudoers.d/ssl
owner
:
root
group
:
root
mode
:
0440
validate
:
visudo -cf %s
roles/ssl-keys/templates/sudoers
0 → 100644
View file @
6ce0c7dd
# the SSL auto-renew client should be able to reload services on its own
ssl-keys ALL=(root) NOPASSWD: /usr/sbin/apache2ctl graceful
ssl-keys ALL=(root) NOPASSWD: /usr/sbin/service nginx reload
ssl-keys ALL=(root) NOPASSWD: /usr/sbin/service postfix reload
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment
Mattia Rizzolo <mattia@debian.org>
Mattia Rizzolo <mattia@debian.org>