r/minio: Reload server after changing cert
MinIO is supposed to automatically reload itself when the certificate changes, but this does not appear to happen in all cases. To ensure the updated certificate gets used, we need to send SIGHUP to the MinIO server process.step-ssh
parent
1b63332872
commit
0037a3c281
|
|
@ -6,3 +6,8 @@
|
||||||
systemd:
|
systemd:
|
||||||
name: minio
|
name: minio
|
||||||
state: restarted
|
state: restarted
|
||||||
|
|
||||||
|
- name: reload minio
|
||||||
|
systemd:
|
||||||
|
name: minio
|
||||||
|
state: reloaded
|
||||||
|
|
|
||||||
|
|
@ -56,6 +56,8 @@
|
||||||
mode: u=rw,g=r,o=
|
mode: u=rw,g=r,o=
|
||||||
setype: container_file_t
|
setype: container_file_t
|
||||||
with_fileglob: certs/minio/{{ inventory_hostname }}.cer
|
with_fileglob: certs/minio/{{ inventory_hostname }}.cer
|
||||||
|
notify:
|
||||||
|
- reload minio
|
||||||
tags:
|
tags:
|
||||||
- cert
|
- cert
|
||||||
- name: ensure minio server private key is present
|
- name: ensure minio server private key is present
|
||||||
|
|
@ -68,6 +70,8 @@
|
||||||
setype: container_file_t
|
setype: container_file_t
|
||||||
diff: false
|
diff: false
|
||||||
with_fileglob: certs/minio/{{ inventory_hostname }}.key
|
with_fileglob: certs/minio/{{ inventory_hostname }}.key
|
||||||
|
notify:
|
||||||
|
- reload minio
|
||||||
tags:
|
tags:
|
||||||
- cert
|
- cert
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -15,6 +15,7 @@ Network=host
|
||||||
NoNewPrivileges=yes
|
NoNewPrivileges=yes
|
||||||
|
|
||||||
[Service]
|
[Service]
|
||||||
|
ExecReload=/bin/kill -HUP $MAINPID
|
||||||
MemoryDenyWriteExecute=yes
|
MemoryDenyWriteExecute=yes
|
||||||
PrivateTmp=yes
|
PrivateTmp=yes
|
||||||
ProtectClock=yes
|
ProtectClock=yes
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue