Merge pull request #85365 from immae/fix_acme_postrun

nixos/acme: Fix postRun in acme certificate being ran at every run
This commit is contained in:
worldofpeace 2020-04-18 13:16:16 -04:00 committed by GitHub
commit 996ae856b6
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23

View File

@ -343,7 +343,9 @@ in
# Test that existing cert is older than new cert
KEY=${spath}/certificates/${keyName}.key
KEY_CHANGED=no
if [ -e $KEY -a $KEY -nt key.pem ]; then
KEY_CHANGED=yes
cp -p ${spath}/certificates/${keyName}.key key.pem
cp -p ${spath}/certificates/${keyName}.crt fullchain.pem
cp -p ${spath}/certificates/${keyName}.issuer.crt chain.pem
@ -354,7 +356,10 @@ in
chmod ${fileMode} *.pem
chown '${data.user}:${data.group}' *.pem
${data.postRun}
if [ "$KEY_CHANGED" = "yes" ]; then
: # noop in case postRun is empty
${data.postRun}
fi
'';
in
"+${script}";