From: lschuermann Date: Tue, 1 Mar 2016 21:29:15 +0000 (+0100) Subject: Add hook for unchanged certificates. X-Git-Tag: v0.1.0~6^2~2 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=705fb54e927e1df4515e99639e90095f0863470b;p=thirdparty%2Fdehydrated.git Add hook for unchanged certificates.
---
diff --git a/hook.sh.example b/hook.sh.example
index 41d32a0..3381682 100644
--- a/hook.sh.example
+++ b/hook.sh.example
@@ -52,4 +52,24 @@ function deploy_cert {
 # The path of the file containing the intermediate certificate(s).
 }
 
+function unchanged_cert {
+ local DOMAIN="${1}" KEYFILE="${2}" CERTFILE="${3}" FULLCHAINFILE="${4}" CHAINFILE="${5}"
+
+ # This hook is called once for each certificate that is still
+ # valid and therefore wasn't reissued.
+ #
+ # Parameters:
+ # - DOMAIN
+ # The primary domain name, i.e. the certificate common
+ # name (CN).
+ # - KEYFILE
+ # The path of the file containing the private key.
+ # - CERTFILE
+ # The path of the file containing the signed certificate.
+ # - FULLCHAINFILE
+ # The path of the file containing the full certificate chain.
+ # - CHAINFILE
+ # The path of the file containing the intermediate certificate(s).
+}
+
 HANDLER=$1; shift; $HANDLER $@
diff --git a/letsencrypt.sh b/letsencrypt.sh
index 99f5592..fe90145 100755
--- a/letsencrypt.sh
+++ b/letsencrypt.sh
@@ -598,7 +598,9 @@ command_sign_domains() {
 if [[ "${force_renew}" = "yes" ]]; then
 echo "Ignoring because renew was forced!"
 else
- echo "Skipping!"
+ # Certificate-Names unchanged and cert is still valid
+ echo "Skipping renew! Calling unchanged-hook."
+ [[ -n "${HOOK}" ]] && "${HOOK}" "unchanged_cert" "${domain}" "${BASEDIR}/certs/${domain}/privkey.pem" "${BASEDIR}/certs/${domain}/cert.pem" "${BASEDIR}/certs/${domain}/fullchain.pem" "${BASEDIR}/certs/${domain}/chain.pem"
 continue
 fi
 else
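Review bot: The five arguments of the new `unchanged_cert` reach it through the unchanged dispatcher line `HANDLER=$1; shift; $HANDLER $@`, which word-splits and glob-expands them. If the certificate directory contains whitespace, KEYFILE, CERTFILE and the chain paths would land in the wrong positions, and a hook acting on them would touch the wrong files. Since this example is what operators copy, I would quote the dispatch as `HANDLER="$1"; shift; "$HANDLER" "$@"`. The body of `deploy_cert` starts outside the hunk.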
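Review bot: The exit status of the new `"${HOOK}" "unchanged_cert" …` call is not handled, and hook scripts written before this commit have no `unchanged_cert` handler, so with a dispatcher like the example's `$HANDLER $@` they return a command-not-found status. If letsencrypt.sh runs with errexit (not visible in this hunk), the run would stop at the first still-valid certificate and the remaining domains would not be checked or renewed. I would make the outcome explicit, e.g. `if [[ -n "${HOOK}" ]]; then "${HOOK}" "unchanged_cert" … || echo " ! unchanged_cert hook failed for ${domain}" >&2; fi`, and state in the hook documentation that handlers must ignore operations they do not know. `command_sign_domains` starts and ends outside the hunk.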