list-certificates: remove possible duplicated entry

Custom certificates have precedence over requested ones. In the case of both being present, due to a bug or because the Traefik configuration has not already reloaded, only the custom ones must be listed.
NethServer · Aug 6, 2024 · e6f7bb3 · e6f7bb3
1 parent cdaea2c
commit e6f7bb3
Showing 1 changed file with 13 additions and 9 deletions.
diff --git a/imageroot/actions/list-certificates/20readconfig b/imageroot/actions/list-certificates/20readconfig
@@ -27,24 +27,28 @@ except urllib.error.URLError as e:
     raise Exception(f'Error reaching traefik daemon: {e.reason}') from e
 certificates= []
 
+# Retrive the list custom certificates fqdn
+certificates_custom = []
+for item in list_custom_certificates():
+    certificates_custom.append(item["fqdn"])
+
 # list routes and retrieve either main for a simple list 
-# or name to use it inside the traefik API and list following type and valid acme cert
+# or name to use it inside the traefik API and list following type and valid acme cert.
+# Filter out custom certificates.
 for route in traefik_routes:
      if "certResolver" in route.get("tls", {}) and route['status'] == 'enabled':
          domains = route["tls"]["domains"]
-         if data != None and data.get('expand_list'):
-             # we do not use fqdn, we use name : certificate-sub.domain.com@file or nextcloud1-https@file
-             certificates.append(get_certificate({'name': route['name']}))
-         else:
-             certificates.append(domains[0]["main"])
+         if route["name"] not in certificates_custom:
+             if data != None and data.get('expand_list'):
+                 # we do not use fqdn, we use name : certificate-sub.domain.com@file or nextcloud1-https@file
+                 certificates.append(get_certificate({'name': route['name']}))
+             else:
+                 certificates.append(domains[0]["main"])
 
 # Retrieve custom certificate
 if data != None and data.get('expand_list'):
     certificates = certificates + list_custom_certificates()
 else:
-    certificates_custom = []
-    for item in list_custom_certificates():
-        certificates_custom.append(item["fqdn"])
     certificates = certificates + certificates_custom
 
 json.dump(certificates, fp=sys.stdout)