feat: add LEGO_ISSUER_CERT_PATH to hook (#2164)

This commit is contained in:
Ludovic Fernandez 2024-04-17 15:09:06 +02:00 committed by GitHub
parent d60c335cc0
commit 76eb1eac8a
No known key found for this signature in database
GPG key ID: B5690EEEBB952194

View file

@ -18,12 +18,13 @@ import (
) )
const ( const (
renewEnvAccountEmail = "LEGO_ACCOUNT_EMAIL" renewEnvAccountEmail = "LEGO_ACCOUNT_EMAIL"
renewEnvCertDomain = "LEGO_CERT_DOMAIN" renewEnvCertDomain = "LEGO_CERT_DOMAIN"
renewEnvCertPath = "LEGO_CERT_PATH" renewEnvCertPath = "LEGO_CERT_PATH"
renewEnvCertKeyPath = "LEGO_CERT_KEY_PATH" renewEnvCertKeyPath = "LEGO_CERT_KEY_PATH"
renewEnvCertPEMPath = "LEGO_CERT_PEM_PATH" renewEnvIssuerCertKeyPath = "LEGO_ISSUER_CERT_PATH"
renewEnvCertPFXPath = "LEGO_CERT_PFX_PATH" renewEnvCertPEMPath = "LEGO_CERT_PEM_PATH"
renewEnvCertPFXPath = "LEGO_CERT_PFX_PATH"
) )
func createRenew() *cli.Command { func createRenew() *cli.Command {
@ -212,17 +213,7 @@ func renewForDomains(ctx *cli.Context, client *lego.Client, certsStorage *Certif
certsStorage.SaveResource(certRes) certsStorage.SaveResource(certRes)
meta[renewEnvCertDomain] = domain addPathToMetadata(meta, domain, certRes, certsStorage)
meta[renewEnvCertPath] = certsStorage.GetFileName(domain, ".crt")
meta[renewEnvCertKeyPath] = certsStorage.GetFileName(domain, ".key")
if certsStorage.pem {
meta[renewEnvCertPEMPath] = certsStorage.GetFileName(domain, ".pem")
}
if certsStorage.pfx {
meta[renewEnvCertPFXPath] = certsStorage.GetFileName(domain, ".pfx")
}
return launchHook(ctx.String("renew-hook"), meta) return launchHook(ctx.String("renew-hook"), meta)
} }
@ -292,17 +283,7 @@ func renewForCSR(ctx *cli.Context, client *lego.Client, certsStorage *Certificat
certsStorage.SaveResource(certRes) certsStorage.SaveResource(certRes)
meta[renewEnvCertDomain] = domain addPathToMetadata(meta, domain, certRes, certsStorage)
meta[renewEnvCertPath] = certsStorage.GetFileName(domain, ".crt")
meta[renewEnvCertKeyPath] = certsStorage.GetFileName(domain, ".key")
if certsStorage.pem {
meta[renewEnvCertPEMPath] = certsStorage.GetFileName(domain, ".pem")
}
if certsStorage.pfx {
meta[renewEnvCertPFXPath] = certsStorage.GetFileName(domain, ".pfx")
}
return launchHook(ctx.String("renew-hook"), meta) return launchHook(ctx.String("renew-hook"), meta)
} }
@ -356,6 +337,24 @@ func getARIRenewalTime(ctx *cli.Context, cert *x509.Certificate, domain string,
return renewalTime return renewalTime
} }
func addPathToMetadata(meta map[string]string, domain string, certRes *certificate.Resource, certsStorage *CertificatesStorage) {
meta[renewEnvCertDomain] = domain
meta[renewEnvCertPath] = certsStorage.GetFileName(domain, certExt)
meta[renewEnvCertKeyPath] = certsStorage.GetFileName(domain, keyExt)
if certRes.IssuerCertificate != nil {
meta[renewEnvIssuerCertKeyPath] = certsStorage.GetFileName(domain, issuerExt)
}
if certsStorage.pem {
meta[renewEnvCertPEMPath] = certsStorage.GetFileName(domain, pemExt)
}
if certsStorage.pfx {
meta[renewEnvCertPFXPath] = certsStorage.GetFileName(domain, pfxExt)
}
}
func merge(prevDomains, nextDomains []string) []string { func merge(prevDomains, nextDomains []string) []string {
for _, next := range nextDomains { for _, next := range nextDomains {
var found bool var found bool