Merge pull request #85365 from immae/fix_acme_postrun
nixos/acme: Fix postRun in acme certificate being ran at every run
This commit is contained in:
commit
996ae856b6
@ -343,7 +343,9 @@ in
|
||||
|
||||
# Test that existing cert is older than new cert
|
||||
KEY=${spath}/certificates/${keyName}.key
|
||||
KEY_CHANGED=no
|
||||
if [ -e $KEY -a $KEY -nt key.pem ]; then
|
||||
KEY_CHANGED=yes
|
||||
cp -p ${spath}/certificates/${keyName}.key key.pem
|
||||
cp -p ${spath}/certificates/${keyName}.crt fullchain.pem
|
||||
cp -p ${spath}/certificates/${keyName}.issuer.crt chain.pem
|
||||
@ -354,7 +356,10 @@ in
|
||||
chmod ${fileMode} *.pem
|
||||
chown '${data.user}:${data.group}' *.pem
|
||||
|
||||
${data.postRun}
|
||||
if [ "$KEY_CHANGED" = "yes" ]; then
|
||||
: # noop in case postRun is empty
|
||||
${data.postRun}
|
||||
fi
|
||||
'';
|
||||
in
|
||||
"+${script}";
|
||||
|
Loading…
Reference in New Issue
Block a user