replace cron job with a systemd timer

Signed-off-by: Jakub Sokołowski <jakub@status.im>

README.md

@@ -30,7 +30,7 @@ To achieve that we run the [`/etc/tinc/status.im/tinc-refresh`](/files/tinc-refr
 5. Generates the files in `hosts` dir with public and VIP IP addresses and public key.
 6. Updates the `/etc/hosts` file with hostnames with the `.tinc` sufix.
 
-This process is configured to be repeated every 30 minutes via cron.
+This process is configured to be repeated hourly via a [systemd timer](https://www.freedesktop.org/software/systemd/man/systemd.timer.html).
 
 # Usage
 

defaults/main.yml

@@ -6,3 +6,9 @@ tinc_config_path: '/etc/tinc'
 tinc_network_path: '{{ tinc_config_path }}/{{ tinc_network_name | mandatory }}'
 tinc_host_filename: '{{ hostname | regex_replace("[.-]", "_") }}'
 tinc_consul_service_path: '/etc/consul/service_tinc.json'
+
+# Timer for refreshing config
+tinc_timer_service_name: 'tinc-refresh'
+tinc_timer_frequency: 'hourly'
+tinc_timer_timeout: 120
+tinc_timer_user: 'root'

tasks/config.yml

@@ -30,14 +30,6 @@
   command: '{{ tinc_network_path }}/tinc-refresh'
   register: generation
 
-- name: Configure a cron job to refresh Tinc peers
-  tags: ['role::tinc', 'role::tinc:config']
-  cron:
-    name: Tinc Peer Refresh
-    minute: '*/30'
-    user: root
-    job: '{{ tinc_network_path }}/tinc-refresh'
-
 - name: Read public key file
   tags: ['role::tinc', 'role::tinc:config']
   slurp:

tasks/main.yml

@@ -3,6 +3,8 @@
   tags: ['role::tinc', 'role::tinc:install']
 - include_tasks: config.yml
   tags: ['role::tinc', 'role::tinc:config']
+- include_tasks: timer.yml
+  tags: ['role::tinc', 'role::tinc:timer']
 - include_tasks: service.yml
   tags: ['role::tinc', 'role::tinc:service']
 - include_tasks: health.yml

tasks/timer.yml

@@ -0,0 +1,33 @@
+---
+- name: Drop old cron job for refreshing Tinc peers
+  tags: ['role::tinc', 'role::tinc:config']
+  cron:
+    name: 'Tinc Peer Refresh'
+    minute: '*/30'
+    state: 'absent'
+
+- name: Create tinc-refresh.service file
+  template:
+    src: 'tinc-refresh.service.j2'
+    dest: '/lib/systemd/system/{{ tinc_timer_service_name }}.service'
+    mode: 0644
+
+- name: Create tinc-refresh.timer file
+  template:
+    src: 'tinc-refresh.timer.j2'
+    dest: '/lib/systemd/system/{{ tinc_timer_service_name }}.timer'
+    mode: 0644
+
+- name: Reload systemctl
+  command: systemctl daemon-reload
+
+- name: (Re)start service
+  service:
+    name: '{{ tinc_timer_service_name }}.service'
+    enabled: true
+
+- name: Enable the timer
+  systemd:
+    name: '{{ tinc_timer_service_name }}.timer'
+    state: 'started'
+    enabled: true

templates/tinc-refresh.service.j2

@@ -0,0 +1,12 @@
+[Unit]
+Description={{ tinc_timer_service_name }}
+Documentation=https://github.com/status-im/infra-role-tinc
+Requires=network.target
+After=network.target
+
+[Service]
+User={{ tinc_timer_user }}
+Type=oneshot
+ExecStart={{ tinc_network_path }}/tinc-refresh
+TimeoutStartSec={{ tinc_timer_timeout }}
+WorkingDirectory={{ tinc_network_path }}

templates/tinc-refresh.timer.j2

@@ -0,0 +1,9 @@
+[Unit]
+After=multi-user.target
+
+[Timer]
+OnCalendar={{ tinc_timer_frequency }}
+Persistent=yes
+
+[Install]
+WantedBy=default.target