@@ -50,6 +50,8 @@ function create_links {
50
50
}
51
51
52
52
function cleanup_links {
53
+ local -a LETSENCRYPT_CONTAINERS
54
+ local -a LETSENCRYPT_STANDALONE_CERTS
53
55
local -a ENABLED_DOMAINS
54
56
local -a SYMLINKED_DOMAINS
55
57
local -a DISABLED_DOMAINS
@@ -65,9 +67,10 @@ function cleanup_links {
65
67
[[ " $DEBUG " == true ]] && echo " Symlinked domains: ${SYMLINKED_DOMAINS[*]} "
66
68
67
69
# Create an array containing domains that are considered
68
- # enabled (ie present on /app/letsencrypt_service_data).
69
- # shellcheck source=/dev/null
70
- source /app/letsencrypt_service_data
70
+ # enabled (ie present on /app/letsencrypt_service_data or /app/letsencrypt_user_data).
71
+ [[ -f /app/letsencrypt_service_data ]] && source /app/letsencrypt_service_data
72
+ [[ -f /app/letsencrypt_user_data ]] && source /app/letsencrypt_user_data
73
+ LETSENCRYPT_CONTAINERS+=( " ${LETSENCRYPT_STANDALONE_CERTS[@]} " )
71
74
for cid in " ${LETSENCRYPT_CONTAINERS[@]} " ; do
72
75
host_varname=" LETSENCRYPT_${cid} _HOST"
73
76
hosts_array=" ${host_varname} [@]"
@@ -80,7 +83,7 @@ function cleanup_links {
80
83
81
84
# Create an array containing only domains for which a symlinked private key exists
82
85
# in /etc/nginx/certs but that no longer have a corresponding LETSENCRYPT_HOST set
83
- # on an active container.
86
+ # on an active container or on /app/letsencrypt_user_data
84
87
if [[ ${# SYMLINKED_DOMAINS[@]} -gt 0 ]]; then
85
88
mapfile -t DISABLED_DOMAINS < <( echo " ${SYMLINKED_DOMAINS[@]} " \
86
89
" ${ENABLED_DOMAINS[@]} " \
@@ -120,15 +123,34 @@ function cleanup_links {
120
123
}
121
124
122
125
function update_certs {
126
+ local -a LETSENCRYPT_CONTAINERS
127
+ local -a LETSENCRYPT_STANDALONE_CERTS
123
128
124
129
check_nginx_proxy_container_run || return
125
130
126
- [[ -f /app/letsencrypt_service_data ]] || return
127
-
128
131
# Load relevant container settings
129
- unset LETSENCRYPT_CONTAINERS
130
- # shellcheck source=/dev/null
131
- source /app/letsencrypt_service_data
132
+ if [[ -f /app/letsencrypt_service_data ]]; then
133
+ source /app/letsencrypt_service_data
134
+ else
135
+ echo " Warning: /app/letsencrypt_service_data not found, skipping data from containers."
136
+ fi
137
+
138
+ # Load settings for standalone certs
139
+ if [[ -f /app/letsencrypt_user_data ]]; then
140
+ if source /app/letsencrypt_user_data; then
141
+ for cid in " ${LETSENCRYPT_STANDALONE_CERTS[@]} " ; do
142
+ host_varname=" LETSENCRYPT_${cid} _HOST"
143
+ hosts_array=" ${host_varname} [@]"
144
+ for domain in " ${! hosts_array} " ; do
145
+ add_standalone_configuration " $domain "
146
+ done
147
+ done
148
+ reload_nginx
149
+ LETSENCRYPT_CONTAINERS+=( " ${LETSENCRYPT_STANDALONE_CERTS[@]} " )
150
+ else
151
+ echo " Warning: could not source /app/letsencrypt_user_data, skipping user data"
152
+ fi
153
+ fi
132
154
133
155
should_reload_nginx=' false'
134
156
for cid in " ${LETSENCRYPT_CONTAINERS[@]} " ; do
@@ -145,15 +167,15 @@ function update_certs {
145
167
146
168
# Use container's LETSENCRYPT_EMAIL if set, fallback to DEFAULT_EMAIL
147
169
email_varname=" LETSENCRYPT_${cid} _EMAIL"
148
- email_address=" ${! email_varname} "
170
+ email_address=" ${! email_varname:- " <no value> " } "
149
171
if [[ " $email_address " != " <no value>" ]]; then
150
172
params_d_arr+=(--email " $email_address " )
151
173
elif [[ -n " ${DEFAULT_EMAIL:- } " ]]; then
152
174
params_d_arr+=(--email " $DEFAULT_EMAIL " )
153
175
fi
154
176
155
177
keysize_varname=" LETSENCRYPT_${cid} _KEYSIZE"
156
- cert_keysize=" ${! keysize_varname} "
178
+ cert_keysize=" ${! keysize_varname:- " <no value> " } "
157
179
if [[ " $cert_keysize " == " <no value>" ]]; then
158
180
cert_keysize=$DEFAULT_KEY_SIZE
159
181
fi
@@ -173,7 +195,7 @@ function update_certs {
173
195
fi
174
196
175
197
account_varname=" LETSENCRYPT_${cid} _ACCOUNT_ALIAS"
176
- account_alias=" ${! account_varname} "
198
+ account_alias=" ${! account_varname:- " <no value> " } "
177
199
if [[ " $account_alias " == " <no value>" ]]; then
178
200
account_alias=default
179
201
fi
@@ -182,7 +204,7 @@ function update_certs {
182
204
[[ $REUSE_PRIVATE_KEYS == true ]] && params_d_arr+=(--reuse_key)
183
205
184
206
min_validity=" LETSENCRYPT_${cid} _MIN_VALIDITY"
185
- min_validity=" ${! min_validity} "
207
+ min_validity=" ${! min_validity:- " <no value> " } "
186
208
if [[ " $min_validity " == " <no value>" ]]; then
187
209
min_validity=$DEFAULT_MIN_VALIDITY
188
210
fi
@@ -310,6 +332,13 @@ function update_certs {
310
332
docker_restart " ${cid} "
311
333
fi
312
334
335
+ for domain in " ${! hosts_array} " ; do
336
+ if [[ -f " /etc/nginx/conf.d/standalone-cert-$domain .conf" ]]; then
337
+ [[ $DEBUG == true ]] && echo " Debug: removing standalone configuration file /etc/nginx/conf.d/standalone-cert-$domain .conf"
338
+ rm -f " /etc/nginx/conf.d/standalone-cert-$domain .conf" && should_reload_nginx=' true'
339
+ fi
340
+ done
341
+
313
342
done
314
343
315
344
cleanup_links && should_reload_nginx=' true'
0 commit comments