evoacme: install hooks

evoacme/defaults/main.yml

@@ -5,6 +5,7 @@ evoacme_dhparam_size: 2048
 evoacme_acme_dir: /var/lib/letsencrypt
 evoacme_csr_dir: /etc/ssl/requests
 evoacme_crt_dir: /etc/letsencrypt
+evoacme_hooks_dir: "{{ evoacme_crt_dir }}/hooks"
 evoacme_log_dir: /var/log/evoacme
 evoacme_ssl_minday: 30
 evoacme_ssl_ct: 'FR'

evoacme/tasks/acme.yml

@@ -22,6 +22,38 @@
     group: acme
     state: directory
 
+- name: "Fix hooks directory permissions"
+  file:
+    path: "{{ evoacme_hooks_dir }}"
+    mode: "0700"
+    owner: acme
+    group: acme
+    state: directory
+
+- name: "Search for reload_apache hook"
+  command: "find {{ evoacme_hooks_dir }} -type f \( -name 'reload_apache' -o -name 'reload_apache.*' \)"
+  check_mode: no
+  register: find_apache_hook
+
+- name: "Copy reload_apache hook if missing"
+  copy:
+    src: "hooks/reload_apache"
+    dest: "{{ evoacme_hooks_dir }}/hooks/reload_apache"
+    mode: "0750"
+  when: find_apache_hook.stdout == ""
+
+- name: "Search for reload_nginx hook"
+  command: "find {{ evoacme_hooks_dir }} -type f \( -name 'reload_nginx' -o -name 'reload_nginx.*' \)"
+  check_mode: no
+  register: find_nginx_hook
+
+- name: "Copy reload_nginx hook if missing"
+  copy:
+    src: "hooks/reload_nginx"
+    dest: "{{ evoacme_hooks_dir }}/hooks/reload_nginx"
+    mode: "0750"
+  when: find_nginx_hook.stdout == ""
+
 - name: Fix log dir's right
   file:
     path: "{{ evoacme_log_dir }}"