chore: set exec bit and use shebang (#7)

radiorabe · Dec 18, 2024 · f17d52c · f17d52c
1 parent be9dcbc
commit f17d52c
Show file tree

Hide file tree

Showing 2 changed files with 6 additions and 5 deletions.
diff --git a/roles/certbot/tasks/main.yml b/roles/certbot/tasks/main.yml
@@ -15,16 +15,17 @@
 
 - name: Write script for pushing certificates to remote host
   ansible.builtin.template:
-      src: templates/cert_sync.sh.j2
-      dest: "{{ certbot_certsync_script_path }}"
+   src: templates/cert_sync.sh.j2
+   dest: "{{ certbot_certsync_script_path }}"
+   mode: "755"
 
 - name: Add deploy hook to {{ certbot_certbot_sysconfig_path }}
-  ansible.builtin.command: sed -i 's/^DEPLOY_HOOK=""/DEPLOY_HOOK="--deploy-hook \\\"\/usr\/bin\/sh \/usr\/local\/libexec\/cert_sync.sh\\\""/' {{ certbot_certbot_sysconfig_path }}
+  ansible.builtin.command: sed -i 's/^DEPLOY_HOOK=""/DEPLOY_HOOK="--deploy-hook \\\"\/usr\/local\/libexec\/cert_sync.sh\\\""/' {{ certbot_certbot_sysconfig_path }}
 
 - name: Add certificates to certbot
   ansible.builtin.command: "{{ certbot_certbot_binary_path }} certonly \
     --standalone --non-interactive -m {{ certbot_acme_account_mail }} \
-    --deploy-hook '/usr/bin/sh /usr/local/libexec/cert_sync.sh'
+    --deploy-hook '/usr/local/libexec/cert_sync.sh'
     --domains {{ item }} --agree-tos"
   loop: "{{ certbot_certificates }}"
 

diff --git a/roles/certbot/templates/cert_sync.sh.j2 b/roles/certbot/templates/cert_sync.sh.j2
@@ -1,4 +1,4 @@
-#!/bin/sh
+#!/usr/bin/sh
 certbot_certificates_src={{ certbot_certificates_src }}
 certbot_remote_user={{ certbot_remote_user }}
 certbot_certificates_dest={{ certbot_certificates_dest }}