From 76eb1eac8add099c3399ff1d1e487c82a9db563c Mon Sep 17 00:00:00 2001
From: Ludovic Fernandez
Date: Wed, 17 Apr 2024 15:09:06 +0200
Subject: [PATCH] feat: add LEGO_ISSUER_CERT_PATH to hook (#2164)

---
 cmd/cmd_renew.go | 55 ++++++++++++++++++++++++------------------------
 1 file changed, 27 insertions(+), 28 deletions(-)

diff --git a/cmd/cmd_renew.go b/cmd/cmd_renew.go
index edbb3098..ed6d728e 100644
--- a/cmd/cmd_renew.go
+++ b/cmd/cmd_renew.go
@@ -18,12 +18,13 @@ import (
 )
 
 const (
- renewEnvAccountEmail = "LEGO_ACCOUNT_EMAIL"
- renewEnvCertDomain = "LEGO_CERT_DOMAIN"
- renewEnvCertPath = "LEGO_CERT_PATH"
- renewEnvCertKeyPath = "LEGO_CERT_KEY_PATH"
- renewEnvCertPEMPath = "LEGO_CERT_PEM_PATH"
- renewEnvCertPFXPath = "LEGO_CERT_PFX_PATH"
+ renewEnvAccountEmail = "LEGO_ACCOUNT_EMAIL"
+ renewEnvCertDomain = "LEGO_CERT_DOMAIN"
+ renewEnvCertPath = "LEGO_CERT_PATH"
+ renewEnvCertKeyPath = "LEGO_CERT_KEY_PATH"
+ renewEnvIssuerCertKeyPath = "LEGO_ISSUER_CERT_PATH"
+ renewEnvCertPEMPath = "LEGO_CERT_PEM_PATH"
+ renewEnvCertPFXPath = "LEGO_CERT_PFX_PATH"
 )
 
 func createRenew() *cli.Command {
@@ -212,17 +213,7 @@ func renewForDomains(ctx *cli.Context, client *lego.Client, certsStorage *Certif
 
 certsStorage.SaveResource(certRes)
 
- meta[renewEnvCertDomain] = domain
- meta[renewEnvCertPath] = certsStorage.GetFileName(domain, ".crt")
- meta[renewEnvCertKeyPath] = certsStorage.GetFileName(domain, ".key")
-
- if certsStorage.pem {
- meta[renewEnvCertPEMPath] = certsStorage.GetFileName(domain, ".pem")
- }
-
- if certsStorage.pfx {
- meta[renewEnvCertPFXPath] = certsStorage.GetFileName(domain, ".pfx")
- }
+ addPathToMetadata(meta, domain, certRes, certsStorage)
 
 return launchHook(ctx.String("renew-hook"), meta)
 }
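Review bot: The constant added in the first hunk is named `renewEnvIssuerCertKeyPath`, but its value is `LEGO_ISSUER_CERT_PATH` and the last hunk uses it for the issuer certificate file, not for a key. A name containing `Key` next to `renewEnvCertKeyPath` invites the reading that an issuer private-key path is handed to the hook. I would rename it, `renewEnvIssuerCertPath = "LEGO_ISSUER_CERT_PATH"`, and update the one assignment in `addPathToMetadata` to match.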
@@ -292,17 +283,7 @@ func renewForCSR(ctx *cli.Context, client *lego.Client, certsStorage *Certificat
 
 certsStorage.SaveResource(certRes)
 
- meta[renewEnvCertDomain] = domain
- meta[renewEnvCertPath] = certsStorage.GetFileName(domain, ".crt")
- meta[renewEnvCertKeyPath] = certsStorage.GetFileName(domain, ".key")
-
- if certsStorage.pem {
- meta[renewEnvCertPEMPath] = certsStorage.GetFileName(domain, ".pem")
- }
-
- if certsStorage.pfx {
- meta[renewEnvCertPFXPath] = certsStorage.GetFileName(domain, ".pfx")
- }
+ addPathToMetadata(meta, domain, certRes, certsStorage)
 
 return launchHook(ctx.String("renew-hook"), meta)
 }
@@ -356,6 +337,24 @@ func getARIRenewalTime(ctx *cli.Context, cert *x509.Certificate, domain string, 
 return renewalTime
 }
 
+func addPathToMetadata(meta map[string]string, domain string, certRes *certificate.Resource, certsStorage *CertificatesStorage) {
+ meta[renewEnvCertDomain] = domain
+ meta[renewEnvCertPath] = certsStorage.GetFileName(domain, certExt)
+ meta[renewEnvCertKeyPath] = certsStorage.GetFileName(domain, keyExt)
+
+ if certRes.IssuerCertificate != nil {
+ meta[renewEnvIssuerCertKeyPath] = certsStorage.GetFileName(domain, issuerExt)
+ }
+
+ if certsStorage.pem {
+ meta[renewEnvCertPEMPath] = certsStorage.GetFileName(domain, pemExt)
+ }
+
+ if certsStorage.pfx {
+ meta[renewEnvCertPFXPath] = certsStorage.GetFileName(domain, pfxExt)
+ }
+}
+
 func merge(prevDomains, nextDomains []string) []string {
 for _, next := range nextDomains {
 var found bool
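Review bot: `addPathToMetadata` sets `LEGO_CERT_KEY_PATH` unconditionally, although it guards `LEGO_ISSUER_CERT_PATH` on `certRes.IssuerCertificate != nil` and is also called from `renewForCSR`. If a CSR-based renewal produces no private key (what `SaveResource` writes is outside this diff, so this is inferred), the hook receives a path to a key file that is missing or left over from an earlier run. Consider the same kind of guard, `if len(certRes.PrivateKey) > 0 { meta[renewEnvCertKeyPath] = certsStorage.GetFileName(domain, keyExt) }`. Likewise, `len(certRes.IssuerCertificate) > 0` instead of the nil check would keep an empty slice from exporting a path. The helper also has no doc comment; something like `// addPathToMetadata fills meta with the LEGO_* file paths passed to the renew hook.` plus a line on which entries are conditional would help hook authors.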