From 47399bfa9f5f32c26040e1b3030a65a70b93c40f Mon Sep 17 00:00:00 2001 From: Darko Poljak Date: Mon, 5 Feb 2018 13:57:53 +0100 Subject: [PATCH] Add --renew-hook param to letsencrypt_cert type. --- cdist/conf/type/__letsencrypt_cert/man.rst | 13 +++++++++++-- cdist/conf/type/__letsencrypt_cert/manifest | 9 ++++++++- .../__letsencrypt_cert/parameter/optional_multiple | 1 + docs/changelog | 1 + 4 files changed, 21 insertions(+), 3 deletions(-) create mode 100644 cdist/conf/type/__letsencrypt_cert/parameter/optional_multiple diff --git a/cdist/conf/type/__letsencrypt_cert/man.rst b/cdist/conf/type/__letsencrypt_cert/man.rst index 14dbac7b..9b487d01 100644 --- a/cdist/conf/type/__letsencrypt_cert/man.rst +++ b/cdist/conf/type/__letsencrypt_cert/man.rst @@ -25,23 +25,32 @@ OPTIONAL PARAMETERS ------------------- None. + +OPTIONAL MULTIPLE PARAMETERS +---------------------------- +renew-hook + Renew hook command directly passed to certbot in cron job. + EXAMPLES -------- .. code-block:: sh - __letsencrypt_cert example.com --webroot /data/letsencrypt/root + __letsencrypt_cert example.com --admin-email root@example.com --webroot /data/letsencrypt/root + + __letsencrypt_cert example.com --admin-email root@example.com --webroot /data/letsencrypt/root --renew-hook "service nginx reload" AUTHORS ------- Nico Schottelius Kamila Součková +Darko Poljak COPYING ------- -Copyright \(C) 2017 Nico Schottelius, Kamila Součková. You can redistribute it +Copyright \(C) 2017 Nico Schottelius, Kamila Součková, Darko Poljak. You can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version. diff --git a/cdist/conf/type/__letsencrypt_cert/manifest b/cdist/conf/type/__letsencrypt_cert/manifest index c9a688ca..800e5e18 100644 --- a/cdist/conf/type/__letsencrypt_cert/manifest +++ b/cdist/conf/type/__letsencrypt_cert/manifest @@ -64,9 +64,16 @@ case "$os" in ;; esac +renew_hook_param="$__object/parameter/renew-hook" +renew_hook="" +if [ -f "$renew_hook_param" ]; then + while read hook; do + renew_hook="$renew_hook --renew-hook \"$hook\"" + done < "$renew_hook_param" +fi __cron letsencrypt-certbot \ --user root \ - --command "$certbot_fullpath renew -q" \ + --command "$certbot_fullpath renew -q $renew_hook" \ --hour 0 \ --minute 47 diff --git a/cdist/conf/type/__letsencrypt_cert/parameter/optional_multiple b/cdist/conf/type/__letsencrypt_cert/parameter/optional_multiple new file mode 100644 index 00000000..3384c74f --- /dev/null +++ b/cdist/conf/type/__letsencrypt_cert/parameter/optional_multiple @@ -0,0 +1 @@ +renew-hook diff --git a/docs/changelog b/docs/changelog index e00d01bc..d030d43a 100644 --- a/docs/changelog +++ b/docs/changelog @@ -19,6 +19,7 @@ next: * Type __motd: Support reading from stdin (Jonas Weber) * Type __issue: Support reading from stdin (Jonas Weber) * Type __package_apt: Add support for --version parameter (Darko Poljak) + * Type __letsencrypt_cert: Add --renew-hook parameter(Darko Poljak) 4.7.3: 2017-11-10 * Type __ccollect_source: Add create destination parameter (Dominique Roux)