From 142682ce2f7d73ad94bc11ab4e34b7f60a09e436 Mon Sep 17 00:00:00 2001
From: "Dustin C. Hatch" <dustin@hatch.name>
Date: Wed, 17 Sep 2025 06:36:05 -0500
Subject: [PATCH] r/ssh-host-certs: Fix restart handler

The _ssh-host-certs.target_ unit does not exist any more.  It was
provided by the _sshca-cli-systemd_ package to allow machines to
automatically request their SSH host certificates on first boot.  It had
a `ConditionFirstBoot=` requirement, which made it not work at any other
time, so there was no reason to move it into the Ansible configuration
policy.  Instead, we can use the _ssh-host-certs-renew.target_ unit to
trigger requesting or renewing host certificates.
---
 roles/ssh-host-certs/handlers/main.yml | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/roles/ssh-host-certs/handlers/main.yml b/roles/ssh-host-certs/handlers/main.yml
index d481a8e..68df275 100644
--- a/roles/ssh-host-certs/handlers/main.yml
+++ b/roles/ssh-host-certs/handlers/main.yml
@@ -1,6 +1,6 @@
-- name: restart ssh-host-certs.target
+- name: restart ssh-host-certs-renew.target
   systemd:
-    name: ssh-host-certs.target
+    name: ssh-host-certs-renew.target
     state: started
 
 - name: reload sshd