tls: add script to restart slapd when renweing Le certificate

files/le_restart_slapd.sh

@@ -0,0 +1,3 @@
+#! /bin/bash
+
+/bin/systemctl restart slapd

tasks/main.yml

@@ -194,6 +194,13 @@
     ansible.builtin.file:
       path: /root/ssl.ldif
       state: absent
+
+  - name: restart slapd upon certificate renewal
+    ansible.builtin.copy:
+     src: le_restart_slapd.sh
+     dest: /etc/letsencrypt/renewal-hooks/post/service_slapd.sh
+     mode: 0700
+
   when: ldap_have_ssl
 
 - name: configure ldap aliases - 0/1