From 3c49e608756b93154a46b11df951a728b2826bad Mon Sep 17 00:00:00 2001
From: Fabien COMBERNOUS <fabien.combernous@adullact.org>
Date: Thu, 1 Dec 2022 10:36:45 +0100
Subject: [PATCH] timer never used if service remains

---
 manifests/ca/gencrl.pp             | 2 +-
 templates/cfssl-gencrl.service.epp | 1 -
 templates/cfssl-gencrl.timer.epp   | 1 +
 3 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/manifests/ca/gencrl.pp b/manifests/ca/gencrl.pp
index cdafa92..8026de5 100644
--- a/manifests/ca/gencrl.pp
+++ b/manifests/ca/gencrl.pp
@@ -30,7 +30,7 @@ define cfssl::ca::gencrl (
       content => epp('cfssl/cfssl-gencrl.service.epp', { 'ca' => $_ca }),
     }
     ~> service { "cfssl-gencrl-${_ca}.service":
-      ensure   => 'running',
+      ensure   => 'stopped',
       enable   => true,
       provider => 'systemd',
     }
diff --git a/templates/cfssl-gencrl.service.epp b/templates/cfssl-gencrl.service.epp
index 3c38182..ea1cb5e 100644
--- a/templates/cfssl-gencrl.service.epp
+++ b/templates/cfssl-gencrl.service.epp
@@ -7,7 +7,6 @@ After=cfssl.service
 
 [Service]
 Type=oneshot
-RemainAfterExit=yes
 Environment=CRL=<%= $cfssl::crldir %>/crl-<%= $ca %>.<%= $cfssl::crl_extension %>
 ExecStart=sh -c 'echo "-----BEGIN X509 CRL-----" > $CRL ; cfssl crl -db-config <%= $cfssl::confdir %>/<%= $cfssl::params::db_config_json %> -ca <%= $cfssl::confdir %>/ca/<%= $ca %>.pem -ca-key <%= $cfssl::confdir %>/ca/<%= $ca %>-key.pem | fold -w 64 >> $CRL ; echo "-----END X509 CRL-----" >> $CRL'
 
diff --git a/templates/cfssl-gencrl.timer.epp b/templates/cfssl-gencrl.timer.epp
index 70d7415..efd2f94 100644
--- a/templates/cfssl-gencrl.timer.epp
+++ b/templates/cfssl-gencrl.timer.epp
@@ -6,6 +6,7 @@ Description=CFSSL CRL generator for CA <%= $ca %>
 [Timer]
 OnCalendar=*-*-* <%= $cfssl::crl_gentimer %>
 Persistent=true
+OnActiveSec=10
 
 [Install]
 WantedBy=timers.target
-- 
GitLab