fix(domains): check cert exists with desired domains
fixes #57
javierbertoli committed Jun 13, 2021
1 parent a73cde0 commit a11fa8b
Showing 1 changed file with 20 additions and 7 deletions.
27 changes: 20 additions & 7 deletions letsencrypt/domains.sls
Expand Up @@ -4,22 +4,22 @@
{% from "letsencrypt/map.jinja" import letsencrypt with context %}
{% if letsencrypt.use_package %}
# Renew checks if the cert exists and needs to be renewed
{% set check_cert_cmd = letsencrypt._cli_path ~ ' renew --dry-run --no-random-sleep-on-renew --cert-name' %}
{% set check_cert_cmd = letsencrypt._cli_path ~ ' certificates --cert-name' %}
{% set renew_cert_cmd = letsencrypt._cli_path ~ ' renew' %}
{% set create_cert_cmd = letsencrypt._cli_path %}
{% set old_check_cert_cmd_state = 'absent' %}
{% set old_renew_cert_cmd_state = 'absent' %}
{% set old_cron_state = 'absent' %}
{% set create_cert_cmd = letsencrypt._cli_path %}
{% else %}
{% set check_cert_cmd = '/usr/local/bin/check_letsencrypt_cert.sh' %}
{% set renew_cert_cmd = '/usr/local/bin/renew_letsencrypt_cert.sh' %}
{% set create_cert_cmd = letsencrypt.cli_install_dir ~ '/letsencrypt-auto' %}
{% set old_check_cert_cmd_state = 'managed' %}
{% set old_renew_cert_cmd_state = 'managed' %}
{% set old_cron_state = 'present' %}
{% set create_cert_cmd = letsencrypt.cli_install_dir ~ '/letsencrypt-auto' %}
{% endif %}
{{ check_cert_cmd }}:
file.{{ old_check_cert_cmd_state }}:
Expand All @@ -35,17 +35,30 @@
- require:
- file: {{ check_cert_cmd }}
{% endif %}
{% for setname, domainlist in letsencrypt.domainsets.items() %}
# domainlist[0] represents the "CommonName", and the rest
# represent SubjectAlternativeNames
create-initial-cert-{{ setname }}-{{ domainlist | join('+') }}:
cmd.run:
- unless: {{ check_cert_cmd }} {{ setname }}
- name: {{ create_cert_cmd }} {{ letsencrypt.create_init_cert_subcmd }} --quiet --cert-name {{ setname }} -d {{ domainlist|join(' -d ') }} --non-interactive
- name: |
{{ create_cert_cmd }} {{ letsencrypt.create_init_cert_subcmd }} \
--quiet \
--non-interactive \
--cert-name {{ setname }} \
-d {{ domainlist|join(' -d ') }}
{% if not letsencrypt.use_package %}
- cwd: {{ letsencrypt.cli_install_dir }}
{% endif %}
- unless:
- fun: cmd.run
python_shell: true
cmd: |
{{ check_cert_cmd }} {{ setname }} \
-d {{ domainlist|join(' -d ') }} | \
/bin/grep -q "Certificate Name: {{ setname }}"
- require:
{% if letsencrypt.use_package %}
- pkg: letsencrypt-client
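Review bot: The new `unless` check runs with `python_shell: true` and renders `{{ setname }}` and every entry of `domainlist` into the shell line unquoted, and `setname` again inside the double-quoted grep pattern, so a set name or domain containing whitespace or shell metacharacters is interpreted by the shell on the minion instead of reaching the CLI as a single argument; the same unquoted rendering is in the new multi-line `name:` command. The values appear to come from `letsencrypt.domainsets` (presumably pillar data), so this is mainly a hardening point, but it is worth validating the names or passing each through Salt's `quote` Jinja filter (confirm it exists in the Salt versions this formula targets) and matching literally with `/bin/grep -qF` so that `.` in a name is not treated as a regex wildcard. Separately, in the non-package branch `check_cert_cmd` is `/usr/local/bin/check_letsencrypt_cert.sh`; that script is not visible here, and unless its output contains `Certificate Name: <setname>` the check can never succeed and the create command will run on every state run. The `cmd.run` state continues past the end of this hunk.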