fix: certbot not reload nginx

2025-05-03 14:48:00 +08:00 · 2025-05-03 14:48:00 +08:00 · f5ba45b20c
commit f5ba45b20c
parent c24da9bea1
4 changed files with 22 additions and 7 deletions
--- a/system/modules/certbot.nix
+++ b/system/modules/certbot.nix
@ -18,7 +18,6 @@
      "nginx.service"
      "network.target"
    ];
-    wantedBy = [ "multi-user.target" ];
    environment = {
      "REQUESTS_CA_BUNDLE" = ../extra/ca.crt;
    };
@ -26,5 +25,16 @@
      ExecStart = ''${pkgs.certbot}/bin/certbot renew'';
      ExecStartPost = "${pkgs.busybox}/bin/chown nginx:nginx -R /etc/letsencrypt";
    };
+    unitConfig = {
+      OnSuccess = "nginx-reload-after-certbot.service";
+    };
+  };
+
+  systemd.services."nginx-reload-after-certbot" = {
+    serviceConfig = {
+      User = "nginx";
+      # This config file path refers to "services.nginx.enableReload"
+      ExecStart = ''${pkgs.nginx}/bin/nginx -s reload -c /etc/nginx/nginx.conf'';
+    };
  };
 }