diff --git a/CHANGELOG.md b/CHANGELOG.md index bea9e19..94d7da8 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -4,6 +4,7 @@ This project adheres to [Semantic Versioning](http://semver.org/). Which is based on [Keep A Changelog](http://keepachangelog.com/) ## [Unreleased] +- fix: replace inline module to cron for renew cron - test: use new docker images ## [2.0.0] 2018-07-07 diff --git a/tasks/base.yml b/tasks/base.yml index bd39d7f..7f9ce57 100644 --- a/tasks/base.yml +++ b/tasks/base.yml @@ -35,12 +35,17 @@ mode: 0644 tags: certbot -- name: add certbot renew cron - lineinfile: +- name: remove old cerbot renew cron + file: path: /etc/cron.d/certbot - owner: root - group: root - mode: 0644 - regexp: '^0 */12 * * * root' - line: "0 */12 * * * root perl -e 'sleep int(rand(3600))' && certbot -q renew --renew-hook /usr/local/bin/certbot-renew" + state: absent + tags: certbot + +- name: add certbot renew cron + cron: + name: certbot-renew + user: root + hour: '*/12' + minute: 0 + job: perl -e 'sleep int(rand(3600))' && certbot -q renew --renew-hook /usr/local/bin/certbot-renew tags: certbot diff --git a/test/integration/certbot/serverspec/certbot_spec.rb b/test/integration/certbot/serverspec/certbot_spec.rb index 6c9f021..ede171d 100644 --- a/test/integration/certbot/serverspec/certbot_spec.rb +++ b/test/integration/certbot/serverspec/certbot_spec.rb @@ -15,11 +15,15 @@ describe file('/var/www/acme') do end describe file('/etc/cron.d/certbot') do + it { should_not exist } +end + +describe file('/var/spool/cron/crontabs/root') do it { should exist } it { should be_file } - it { should be_mode 644 } + it { should be_mode 600 } it { should be_owned_by 'root' } - it { should be_grouped_into 'root' } + it { should be_grouped_into 'crontab' } it { should contain '--renew-hook /usr/local/bin/certbot-renew' } end