From 7a2394e1e03196ab6dee2d4c637693652a4b5fa3 Mon Sep 17 00:00:00 2001
From: Benjamin Graillot <graillot@crans.org>
Date: Fri, 23 Apr 2021 17:36:00 +0200
Subject: [PATCH] [inspircd] Refresh certificate every month

---
 roles/inspircd/tasks/main.yml                      | 6 ++++++
 roles/inspircd/templates/cron.monthly/irc-certs.j2 | 7 +++++++
 2 files changed, 13 insertions(+)
 create mode 100644 roles/inspircd/templates/cron.monthly/irc-certs.j2

diff --git a/roles/inspircd/tasks/main.yml b/roles/inspircd/tasks/main.yml
index 375d81c1..b90cd16f 100644
--- a/roles/inspircd/tasks/main.yml
+++ b/roles/inspircd/tasks/main.yml
@@ -16,3 +16,9 @@
     - { dest: modules.conf, mode: "0600" }
     - { dest: inspircd.motd, mode: "0644" }
   notify: Reload InspIRCd
+
+- name: Deploy certificate refresh CRON
+  template:
+    src: "cron.monthly/irc-certs.j2"
+    dest: "/etc/cron.monthly/irc-certs"
+    mode: 0755
diff --git a/roles/inspircd/templates/cron.monthly/irc-certs.j2 b/roles/inspircd/templates/cron.monthly/irc-certs.j2
new file mode 100644
index 00000000..3fcad2ca
--- /dev/null
+++ b/roles/inspircd/templates/cron.monthly/irc-certs.j2
@@ -0,0 +1,7 @@
+#!/bin/sh
+{{ ansible_header | comment }}
+
+cp /etc/letsencrypt/live/crans.org/fullchain.pem /etc/inspircd/fullchain.pem
+cp /etc/letsencrypt/live/crans.org/privkey.pem /etc/inspircd/privkey.pem
+chown irc:irc /etc/inspircd/fullchain.pem /etc/inspircd/privkey.pem
+kill -USR1 $(cat /var/run/inspircd/inspircd.pid)