authorworldofpeace <worldofpeace@protonmail.ch>2020-04-18 13:16:16 -0400
committerGitHub <noreply@github.com>2020-04-18 13:16:16 -0400
commit996ae856b6d9e91096041defde6bb6f7613f0098 (patch)
tree5b230a7f0911196829c1b8d695e696b0a9c05a01 /nixos/modules/security/acme.nix
parent5fbab6dabbc8f5a74ea65ed87b9755c9598f9648 (diff)
parent8e88b8dce2826d4b3a55c9ac182574a69caf26a2 (diff)
Merge pull request #85365 from immae/fix_acme_postrun
 nixos/acme: Fix postRun in acme certificate being ran at every run
Diffstat (limited to 'nixos/modules/security/acme.nix')
-rw-r--r--nixos/modules/security/acme.nix7
1 files changed, 6 insertions, 1 deletions
diff --git a/nixos/modules/security/acme.nix b/nixos/modules/security/acme.nix
index d5fb9b58f2ef..39976380e3b4 100644
--- a/nixos/modules/security/acme.nix
+++ b/nixos/modules/security/acme.nix
@@ -343,7 +343,9 @@ in
 
                           # Test that existing cert is older than new cert
                           KEY=${spath}/certificates/${keyName}.key
+                          KEY_CHANGED=no
                           if [ -e $KEY -a $KEY -nt key.pem ]; then
+                            KEY_CHANGED=yes
                             cp -p ${spath}/certificates/${keyName}.key key.pem
                             cp -p ${spath}/certificates/${keyName}.crt fullchain.pem
                             cp -p ${spath}/certificates/${keyName}.issuer.crt chain.pem
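Review bot: `KEY_CHANGED` is set from the mtime of the `.key` file, while the comment above the test speaks of the cert, so postRun is now gated on the key rather than on the certificate. If the ACME client ever leaves the key file untouched on a renewal (not visible from this hunk), the new `.crt` would be neither copied nor followed by postRun, and services would keep serving the old certificate. Comparing the certificate would match the comment, e.g. `CERT=${spath}/certificates/${keyName}.crt` and `if [ -e "$CERT" -a "$CERT" -nt fullchain.pem ]; then`; at minimum the comment should read `# Copy and run postRun only when the stored key is newer than key.pem`. The enclosing script starts and ends outside the hunk.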
@@ -354,7 +356,10 @@ in
                           chmod ${fileMode} *.pem
                           chown '${data.user}:${data.group}' *.pem
 
-                          ${data.postRun}
+                          if [ "$KEY_CHANGED" = "yes" ]; then
+                            : # noop in case postRun is empty
+                            ${data.postRun}
+                          fi
                         '';
                       in
                         "+${script}";
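Review bot: A postRun that fails is never retried under the new `if [ "$KEY_CHANGED" = "yes" ]` guard. The `cp -p` in the earlier hunk has already given `key.pem` the source key's mtime, so the next run takes the `no` path and the hook is skipped until the next renewal. The same would happen if `chmod` or `chown` abort the script first, assuming it runs with errexit (not visible here). Since postRun is commonly where services are reloaded to pick up the new certificate, consider tracking completion with a marker file (name constructed here): `touch .postrun-pending` next to `KEY_CHANGED=yes`, `rm -f .postrun-pending` after `${data.postRun}`, and the guard as `if [ "$KEY_CHANGED" = "yes" -o -e .postrun-pending ]; then`. If that is out of scope, a comment such as `# postRun is not retried if it fails; it runs again only after the next key change` would at least document the behaviour.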