certbot: detect domains if missing
Jérémy Lecour 2020-12-24 13:56:11 +01:00 committed by Jérémy Lecour
parent 442e9bcda8
commit 7ec0748383
2 changed files with 11 additions and 1 deletions


@ -12,6 +12,7 @@ The **patch** part changes incrementally at each release.
### Added ### Added
* certbot: detect domains if missing
* certbot: new "sync_remote.sh" hook to sync certificates and execute hooks on remote servers * certbot: new "sync_remote.sh" hook to sync certificates and execute hooks on remote servers
* varnish: variable for jail configuration * varnish: variable for jail configuration


@ -9,6 +9,13 @@ debug() {
>&2 echo "${PROGNAME}: $1" >&2 echo "${PROGNAME}: $1"
fi fi
} }
domain_from_cert() {
if [ -f "${RENEWED_LINEAGE}/fullchain.pem" ]; then
openssl x509 -noout -subject -in "${RENEWED_LINEAGE}/fullchain.pem" | sed 's/^.*CN\ *=\ *//'
else
debug "Unable to find \`${RENEWED_LINEAGE}/fullchain.pem', skip domain detection."
fi
}
main() { main() {
export GIT_DIR="/etc/.git" export GIT_DIR="/etc/.git"
export GIT_WORK_TREE="/etc" export GIT_WORK_TREE="/etc"
@ -17,6 +24,9 @@ main() {
changed_lines=$(${git_bin} status --porcelain | wc -l | tr -d ' ') changed_lines=$(${git_bin} status --porcelain | wc -l | tr -d ' ')
if [ "${changed_lines}" != "0" ]; then if [ "${changed_lines}" != "0" ]; then
if [ -z "${RENEWED_DOMAINS}" ] && [ -n "${RENEWED_LINEAGE}" ]; then
RENEWED_DOMAINS=$(domain_from_cert)
fi
debug "Committing for ${RENEWED_DOMAINS}" debug "Committing for ${RENEWED_DOMAINS}"
${git_bin} add --all ${git_bin} add --all
message="[letsencrypt] certificates renewal (${RENEWED_DOMAINS})" message="[letsencrypt] certificates renewal (${RENEWED_DOMAINS})"
@ -32,6 +42,5 @@ readonly VERBOSE=${VERBOSE:-"0"}
readonly QUIET=${QUIET:-"0"} readonly QUIET=${QUIET:-"0"}
readonly git_bin=$(command -v git) readonly git_bin=$(command -v git)
readonly letsencrypt_dir=/etc/letsencrypt
main main
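Review bot: `domain_from_cert` takes only the subject CN, so a certificate covering several names records a single domain in the commit message, and a certificate whose subject has no CN leaves the sed pattern unmatched and passes the raw `subject=` line through as `RENEWED_DOMAINS`. The subjectAltName extension carries the full list of names; with OpenSSL 1.1.1 or later the pipeline could be `openssl x509 -noout -ext subjectAltName -in "${RENEWED_LINEAGE}/fullchain.pem" | grep -o 'DNS:[^,]*' | cut -d: -f2 | paste -sd' ' -`. The exit status of openssl is also discarded by the pipe, so a malformed fullchain.pem appears to give an empty value while the commit still proceeds; checking the status and calling `debug` on failure would keep the /etc history accurate about which certificates changed.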