From 3a39f61c5ebd56f322639fb90b36a7062858fadf Mon Sep 17 00:00:00 2001
From: Joachim Desroches <joachim.desroches@epfl.ch>
Date: Tue, 28 Jun 2022 10:46:34 +0200
Subject: [PATCH] __uacme_obtain: allow RENEW_HOOK to be specified from stdin.

---
 type/__uacme_obtain/man.rst  | 1 +
 type/__uacme_obtain/manifest | 6 +++++-
 2 files changed, 6 insertions(+), 1 deletion(-)

diff --git a/type/__uacme_obtain/man.rst b/type/__uacme_obtain/man.rst
index f1db899..5b4a836 100644
--- a/type/__uacme_obtain/man.rst
+++ b/type/__uacme_obtain/man.rst
@@ -39,6 +39,7 @@ install-key-to
 
 renew-hook
   Renew hook executed on certificate renewal (e.g. `service nginx reload`).
+  If this is '-', then the type's standard input will be used instead.
 
 force-cert-ownership-to
   Override default ownership for TLS certificate, passed as argument to chown.
diff --git a/type/__uacme_obtain/manifest b/type/__uacme_obtain/manifest
index b41ddde..46cdcdb 100644
--- a/type/__uacme_obtain/manifest
+++ b/type/__uacme_obtain/manifest
@@ -109,7 +109,11 @@ export CERT_TARGET
 RENEW_HOOK=
 if [ -f "${__object:?}/parameter/renew-hook" ];
 then
-	RENEW_HOOK="$(cat "${__object:?}/parameter/renew-hook")"
+	if [ "$(cat "${__object:?}/parameter/renew-hook")" = "-" ]; then
+		RENEW_HOOK="$(cat "${__object:?}/stdin")"
+	else
+		RENEW_HOOK="$(cat "${__object:?}/parameter/renew-hook")"
+	fi
 fi
 export RENEW_HOOK