Be sure to check the exit code of certbot
If we use set -e but no -o pipefail with a pipe, the last command exit code is used by set -e. certbot | grep -v something If the grep exit with a non-zero exit code, set -e stop the execution of the script. We don't care about that grep, so we now use the PIPESTATUS.
This commit is contained in:
parent
77cc1cce7d
commit
cdaad871b3
|
@ -204,6 +204,8 @@ main() {
|
||||||
sudo -u acme test -w "${NEW_DIR}" || error "Directory ${NEW_DIR} is not writable by user 'acme'"
|
sudo -u acme test -w "${NEW_DIR}" || error "Directory ${NEW_DIR} is not writable by user 'acme'"
|
||||||
|
|
||||||
# create a certificate with certbot
|
# create a certificate with certbot
|
||||||
|
# we disable the set -e during the certbot call
|
||||||
|
set +e
|
||||||
sudo -u acme \
|
sudo -u acme \
|
||||||
"${CERTBOT_BIN}" \
|
"${CERTBOT_BIN}" \
|
||||||
certonly \
|
certonly \
|
||||||
|
@ -220,6 +222,11 @@ main() {
|
||||||
2>&1 \
|
2>&1 \
|
||||||
| grep -v "certbot.crypto_util"
|
| grep -v "certbot.crypto_util"
|
||||||
|
|
||||||
|
if [ "${PIPESTATUS[0]}" != "0" ]; then
|
||||||
|
error "Certbot has exited with a non-zero exit code"
|
||||||
|
fi
|
||||||
|
set -e
|
||||||
|
|
||||||
if [ "${DRY_RUN}" = "1" ]; then
|
if [ "${DRY_RUN}" = "1" ]; then
|
||||||
debug "In dry-run mode, we stop here. Bye"
|
debug "In dry-run mode, we stop here. Bye"
|
||||||
exit 0
|
exit 0
|
||||||
|
|
Loading…
Reference in a new issue