Compare commits

..

4 commits

Author SHA1 Message Date
f
e3bd62e6bd
fix: exit with the error code
All checks were successful
ci/woodpecker/push/woodpecker/1 Pipeline was successful
ci/woodpecker/push/woodpecker/2 Pipeline was successful
2024-06-14 18:00:13 -03:00
f
d39cd11605
fix: remove lock after synchronization 2024-06-14 18:00:00 -03:00
f
fb40860f31
fix: check for file 2024-06-14 17:18:43 -03:00
f
e428837559
fix: syntax error 2024-06-14 17:18:34 -03:00

View file

@ -11,10 +11,7 @@ updated=/tmp/certbot.updated
ensure() {
test -n "$1" && echo "ok - $1 received, exiting gracefully..." >&2
rm -f "${lock}"
test -f "${updated}" || exit 0
if test -f "${updated}" ; then
rm -f "${updated}"
# Fix permissions, users in group ssl have read access
@ -22,18 +19,21 @@ ensure() {
find /etc/letsencrypt -type f | xargs -r chmod 640
chgrp -R ssl /etc/letsencrypt
${SINGLE_NODE:-false} && exit 0
# Push certificates to nodes, we use SSH as a secure transport
# but this means we're synchronizing from container to host which is
# awkward. A restricted rsync treats / as the remote location for the
# certificates.
if ! ${SINGLE_NODE:-false}; then
for NODE in ${NODES}; do
rsync -avHAXL --delete-after /etc/letsencrypt/live/ ${NODE}/ || continue
done
fi
fi
# Remove the lock after synchronization
rm -f "${lock}"
# Exit with the error code
exit $1
}
for SIG in TERM QUIT INT HUP; do
for SIG in 1 2 3 6 9 14 15; do
trap "ensure ${SIG}" ${SIG}
done
@ -92,7 +92,7 @@ case $1 in
| jq --raw-output .[] \
| while read domain; do
# Skip already existing domains
if test -d "/etc/letsencrypt/renewal/${domain}.conf"
if test -f "/etc/letsencrypt/renewal/${domain}.conf"; then
echo "ok - ${domain} already issued" >&2
continue
fi
@ -115,4 +115,4 @@ case $1 in
done
esac
ensure
ensure 0