* hydra/modules/sysadmin/services.scm (%certbot-deploy-hook): New
variable.
(%certbot-job): Pass %certbot-deploy-hook to certbot invocation.
---
I think this patch should resolve the certificate issue more
permanently. I haven't tested it at all, but I mostly just stole it
from Guix's certbot service. I know it works there, so I'm just
assuming it will work here, too.
hydra/modules/sysadmin/services.scm | 11 ++++++++++-
1 file changed, 10 insertions(+), 1 deletion(-)
diff --git a/hydra/modules/sysadmin/services.scm
b/hydra/modules/sysadmin/services.scm
index 128b0c1..3d996f5 100644
--- a/hydra/modules/sysadmin/services.scm
+++ b/hydra/modules/sysadmin/services.scm
@@ -7,6 +7,7 @@
;;; Copyright © 2023 Andreas Enge <andr...@enge.fr>
;;; Copyright © 2023 Lars-Dominik Braun <l...@leibniz-psychology.org>
;;; Copyright © 2024 Arun Isaac <arunis...@systemreboot.net>
+;;; Copyright © 2024 Carlo Zancanaro <ca...@zancanaro.id.au>
;;;
;;; This program is free software: you can redistribute it and/or modify
;;; it under the terms of the GNU General Public License as published by
@@ -616,11 +617,19 @@ to a selected directory.")
`(("nginx" ,(file-append nginx "/share/nginx/conf")))))
+(define %certbot-deploy-hook
+ ;; Reload nginx after a new certificate is deployed.
+ (with-imported-modules '((gnu services herd))
+ #~(begin
+ (use-modules (gnu services herd))
+ (with-shepherd-action 'nginx ('reload) result result))))
+
+
(define %certbot-job
;; Attempt to renew the Let's Encrypt certificate twice a week.
#~(job "30 0 * * 2,5"
(string-append #$certbot "/bin/certbot renew \
---webroot --webroot-path /var/www")))
+--webroot --webroot-path /var/www --deploy-hook " #$certbot-deploy-hook)))
�
base-commit: 489fc437c7b3aa0af41a40d6090eb4c51ced0028
--
2.41.0
