From f6a96ffaa6b287efc495da76d41b093e22d83c59 Mon Sep 17 00:00:00 2001
From: Adar Nimrod <nimrod@shore.co.il>
Date: Wed, 24 Mar 2021 00:50:00 +0200
Subject: [PATCH] fixup! Force recreate dhparams if older than 4 weeks.

---
 tasks/renew-cert.yaml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/tasks/renew-cert.yaml b/tasks/renew-cert.yaml
index 0be39e8..b2ce185 100644
--- a/tasks/renew-cert.yaml
+++ b/tasks/renew-cert.yaml
@@ -152,7 +152,7 @@
       community.crypto.openssl_dhparam:
         # yamllint disable rule:line-length
         force: |-
-          {{ (ansible_date_time.epoch|int - dhparams_stat.stat.mtime|int)/(60*60*24*7) >= 0 }}
+          {{ (ansible_date_time.epoch|int - dhparams_stat.stat.mtime|int)/(60*60*24*7) >= 4 }}
         # yamllint enable rule:line-length
         mode: 0o0644
         path: *dhparams
-- 
GitLab