diff options
| -rw-r--r-- | domains.conf.5 | 5 | ||||
| -rw-r--r-- | init.sh | 15 | ||||
| -rw-r--r-- | lfacme-renew.sh | 3 |
3 files changed, 18 insertions, 5 deletions
diff --git a/domains.conf.5 b/domains.conf.5 index 0f587e7..ba65610 100644 --- a/domains.conf.5 +++ b/domains.conf.5 @@ -106,6 +106,11 @@ A certificate has been issued or renewed. .Pp The following environment variables will be set when running the hook script: .Bl -tag -width LFACME_CERTFILE +.It Sy LFACME_CONFDIR +The +.Nm lfacme +configuration directory, e.g. +.Pa /usr/local/etc/lfacme . .It Sy LFACME_CERT The identifier of the certificate, i.e. the first field in .Nm . @@ -27,10 +27,16 @@ _BASEDIR="/usr/local" _SHARE="${_BASEDIR}/share/lfacme" _CHALLENGE="${_SHARE}/challenge" -# Our configuration directory. This might be overridden by command-line -# arguments. +# Our configuration directory. If $_CONFDIR is already set, then the script +# wants to provide its own config directory, probably from a command line +# argument. Otherwise if $LFACME_CONFDIR is set, we're running in a hook +# script, so use that as the config directory. Otherwise, use the default. if [ -z "$_CONFDIR" ]; then - _CONFDIR="${_BASEDIR}/etc/lfacme" + if ! [ -z "$LFACME_CONFDIR" ]; then + _CONFDIR="$LFACME_CONFDIR" + else + _CONFDIR="${_BASEDIR}/etc/lfacme" + fi fi # Our configuration file. @@ -70,7 +76,8 @@ _UACME_DIR="${ACME_DATADIR}/certs" _UACME=/usr/local/bin/uacme _uacme() { - "$_UACME" -a "$ACME_URL" -c "$_UACME_DIR" "$@" + env "LFACME_CONFDIR=${_CONFDIR}" \ + "$_UACME" -a "$ACME_URL" -c "$_UACME_DIR" "$@" } # Find a challenge script and make sure it's valid. If the challenge name diff --git a/lfacme-renew.sh b/lfacme-renew.sh index b9ebb38..f7878e6 100644 --- a/lfacme-renew.sh +++ b/lfacme-renew.sh @@ -214,7 +214,8 @@ _docert() { # otherwise, exit code is 0 which means we (re)issued the cert, # so run the hooks. for hook in $_rhooks; do - env "LFACME_CERT=${identifier}" \ + env "LFACME_CONFDIR=${_CONFDIR}" \ + "LFACME_CERT=${identifier}" \ "LFACME_KEYFILE=${keyfile}" \ "LFACME_CERTFILE=${certfile}" \ $hook newcert |