__uacme_obtain: allow use of stdin with the --renew-hook parameter

This commit is contained in:
fnux 2022-04-25 17:10:50 +02:00
parent 151dc32fb5
commit 67bc8aa02b
No known key found for this signature in database
GPG key ID: 4502C902C00A1E12
2 changed files with 7 additions and 2 deletions

View file

@ -38,7 +38,8 @@ install-key-to
Installation path of the certificate's private key. Installation path of the certificate's private key.
renew-hook renew-hook
Renew hook executed on certificate renewal (e.g. `service nginx reload`). Renew hook executed on certificate renewal (e.g. `service nginx reload`, `-`
for the standard input).
force-cert-ownership-to force-cert-ownership-to
Override default ownership for TLS certificate, passed as argument to chown. Override default ownership for TLS certificate, passed as argument to chown.

View file

@ -109,8 +109,12 @@ export CERT_TARGET
RENEW_HOOK= RENEW_HOOK=
if [ -f "${__object:?}/parameter/renew-hook" ]; if [ -f "${__object:?}/parameter/renew-hook" ];
then then
if [ "$(cat "${__object:?}/parameter/renew-hook")" = "-" ]; then
RENEW_HOOK="$(cat ${__object:?}/stdin)"
else
RENEW_HOOK="$(cat "${__object:?}/parameter/renew-hook")" RENEW_HOOK="$(cat "${__object:?}/parameter/renew-hook")"
fi fi
fi
export RENEW_HOOK export RENEW_HOOK
if [ -n "$KEY_TARGET" ] && [ -z "$CERT_TARGET" ]; then if [ -n "$KEY_TARGET" ] && [ -z "$CERT_TARGET" ]; then