r/minio: Reload server after changing cert
MinIO is supposed to automatically reload itself when the certificate changes, but this does not appear to happen in all cases. To ensure the updated certificate gets used, we need to send SIGHUP to the MinIO server process.
This commit is contained in:
@@ -6,3 +6,8 @@
|
|||||||
systemd:
|
systemd:
|
||||||
name: minio
|
name: minio
|
||||||
state: restarted
|
state: restarted
|
||||||
|
|
||||||
|
- name: reload minio
|
||||||
|
systemd:
|
||||||
|
name: minio
|
||||||
|
state: reloaded
|
||||||
|
|||||||
@@ -56,6 +56,8 @@
|
|||||||
mode: u=rw,g=r,o=
|
mode: u=rw,g=r,o=
|
||||||
setype: container_file_t
|
setype: container_file_t
|
||||||
with_fileglob: certs/minio/{{ inventory_hostname }}.cer
|
with_fileglob: certs/minio/{{ inventory_hostname }}.cer
|
||||||
|
notify:
|
||||||
|
- reload minio
|
||||||
tags:
|
tags:
|
||||||
- cert
|
- cert
|
||||||
- name: ensure minio server private key is present
|
- name: ensure minio server private key is present
|
||||||
@@ -68,6 +70,8 @@
|
|||||||
setype: container_file_t
|
setype: container_file_t
|
||||||
diff: false
|
diff: false
|
||||||
with_fileglob: certs/minio/{{ inventory_hostname }}.key
|
with_fileglob: certs/minio/{{ inventory_hostname }}.key
|
||||||
|
notify:
|
||||||
|
- reload minio
|
||||||
tags:
|
tags:
|
||||||
- cert
|
- cert
|
||||||
|
|
||||||
|
|||||||
@@ -15,6 +15,7 @@ Network=host
|
|||||||
NoNewPrivileges=yes
|
NoNewPrivileges=yes
|
||||||
|
|
||||||
[Service]
|
[Service]
|
||||||
|
ExecReload=/bin/kill -HUP $MAINPID
|
||||||
MemoryDenyWriteExecute=yes
|
MemoryDenyWriteExecute=yes
|
||||||
PrivateTmp=yes
|
PrivateTmp=yes
|
||||||
ProtectClock=yes
|
ProtectClock=yes
|
||||||
|
|||||||
Reference in New Issue
Block a user