fix: [letsencrypt] certificate renewal error upon ``crt create`` with ``http`` auth method

The renewal was not properly anticipated, and port 80 was not exposed as a consequence, leading to a failure to renew the certificate.
6 years ago · 365511be93
2 changed files with 7 additions and 3 deletions
--- a/letsencrypt/hooks/dc-pre-run
+++ b/letsencrypt/hooks/dc-pre-run
@ -59,7 +59,7 @@ if ! challenge_type=$(printf "%s" "$service_def" | shyaml get-value "options.cha
 fi
 config+=$(echo -en "\n    CHALLENGE_TYPE: $challenge_type")

-if will_need_http_access ;then
+if will_need_http_access; then
    while read container_id; do
        info "Attempting to clear port 80 by stopping $container_id"
        docker stop -t 5 "$container_id"
--- a/letsencrypt/lib/common
+++ b/letsencrypt/lib/common
@ -25,7 +25,7 @@ yaml_opt_bash_env_ignore_first_level() {


 will_need_http_access() {
-    local domains args_domains
+    local domains args_domains remaining
    [ "$challenge_type" == "http" ] || return 1
    [ "${remainder_args[0]}" == "crt" ] || return 1
    [ "${remainder_args[1]}" == "create" ] || return 1
@ -40,5 +40,9 @@ will_need_http_access() {
    args_domains=$(printf "%s " ${remainder_args[*]:2} | tr " " "\n" | sort)
    info domains: "$domains"
    info args_domain: "$args_domains"
-    [ "$domains" != "$args_domains" ]
+    remaining=$(printf "%s" "$out" | shyaml get-value remaining) || return 0
+    ## XXXvlab: not using the variables to decide number of max days remaining
+    ## for asking new certificate
+    [ "$domains" != "$args_domains" ] || [ "$remaining" -lt 30 ]
+
 }