Difuse/packages
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

uacme: do not override production state dir variable

Browse source 
With this commit, issue_cert() can be called multiple times alternating
between staging and production certificates within a script.

Before this commit, the production state dir was stored in $STATE_DIR.
But in the case of $use_staging=1, this variable was overwritten in
issue_cert() with $STAGING_STATE_DIR. This made it impossible to call
issue_cert() with $use_staging=0 afterwards. Now the production state
dir is stored in $PRODUCTION_STATE_DIR. This way it is not overridden
anymore and issue_cert() can be called multiple times alternating with
production and staging.

Signed-off-by: Leonardo Mörlein <git@irrelefant.net>
This commit is contained in:
Leonardo Mörlein 2021-04-12 01:30:39 +02:00 committed by Rosen Penev
parent da3be62a9f
commit b80781150b
1 changed files with 14 additions and 6 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

20
net/uacme/files/run.sh
View file

@ -28,7 +28,7 @@ export CURL_CA_BUNDLE=/etc/ssl/certs/ca-certificates.crt
export NO_TIMESTAMP=1 export NO_TIMESTAMP=1
UHTTPD_LISTEN_HTTP= UHTTPD_LISTEN_HTTP=
STATE_DIR='/etc/acme' PRODUCTION_STATE_DIR='/etc/acme'
STAGING_STATE_DIR='/etc/acme/staging' STAGING_STATE_DIR='/etc/acme/staging'
ACCOUNT_EMAIL= ACCOUNT_EMAIL=
@ -219,6 +219,8 @@ issue_cert()
local staging= local staging=
local HOOK= local HOOK=
# reload uci values, as the value of use_staging may have changed
config_load acme
config_get_bool enabled "$section" enabled 0 config_get_bool enabled "$section" enabled 0
config_get_bool use_staging "$section" use_staging config_get_bool use_staging "$section" use_staging
config_get_bool update_uhttpd "$section" update_uhttpd config_get_bool update_uhttpd "$section" update_uhttpd
@ -243,7 +245,13 @@ issue_cert()
elif [ "$APP" = "acme" ]; then elif [ "$APP" = "acme" ]; then
[ "$DEBUG" -eq "1" ] && acme_args="$acme_args --debug" [ "$DEBUG" -eq "1" ] && acme_args="$acme_args --debug"
fi fi
[ "$use_staging" -eq "1" ] && STATE_DIR="$STAGING_STATE_DIR" && staging="--staging" if [ "$use_staging" -eq "1" ]; then
STATE_DIR="$STAGING_STATE_DIR";
staging="--staging";
else
STATE_DIR="$PRODUCTION_STATE_DIR";
staging="";
fi
set -- $domains set -- $domains
main_domain=$1 main_domain=$1
@ -443,8 +451,8 @@ load_vars()
{ {
local section="$1" local section="$1"
STATE_DIR=$(config_get "$section" state_dir) PRODUCTION_STATE_DIR=$(config_get "$section" state_dir)
STAGING_STATE_DIR=$STATE_DIR/staging STAGING_STATE_DIR=$PRODUCTION_STATE_DIR/staging
ACCOUNT_EMAIL=$(config_get "$section" account_email) ACCOUNT_EMAIL=$(config_get "$section" account_email)
DEBUG=$(config_get "$section" debug) DEBUG=$(config_get "$section" debug)
} }
@ -458,12 +466,12 @@ fi
config_load acme config_load acme
config_foreach load_vars acme config_foreach load_vars acme
if [ -z "$STATE_DIR" ] || [ -z "$ACCOUNT_EMAIL" ]; then if [ -z "$PRODUCTION_STATE_DIR" ] || [ -z "$ACCOUNT_EMAIL" ]; then
err "state_dir and account_email must be set" err "state_dir and account_email must be set"
exit 1 exit 1
fi fi
[ -d "$STATE_DIR" ] || mkdir -p "$STATE_DIR" [ -d "$PRODUCTION_STATE_DIR" ] || mkdir -p "$PRODUCTION_STATE_DIR"
[ -d "$STAGING_STATE_DIR" ] || mkdir -p "$STAGING_STATE_DIR" [ -d "$STAGING_STATE_DIR" ] || mkdir -p "$STAGING_STATE_DIR"
trap err_out HUP TERM trap err_out HUP TERM