diff --git a/playbooks/roles/letsencrypt-acme-sh-install/files/driver.sh b/playbooks/roles/letsencrypt-acme-sh-install/files/driver.sh index 1322cc0b7f..d9b3b05638 100644 --- a/playbooks/roles/letsencrypt-acme-sh-install/files/driver.sh +++ b/playbooks/roles/letsencrypt-acme-sh-install/files/driver.sh @@ -23,6 +23,11 @@ fi # Ensure we don't write out files as world-readable umask 027 +function _exit { + echo "--- end --- $(date -u '+%Y-%m-%dT%k:%M:%S%z') ---" >> ${LOG_FILE} +} +trap _exit EXIT + echo -e "\n--- start --- ${1} --- $(date -u '+%Y-%m-%dT%k:%M:%S%z') ---" >> ${LOG_FILE} if [[ ${1} == "issue" ]]; then @@ -49,6 +54,16 @@ if [[ ${1} == "issue" ]]; then # shell magic ^ is # - extract everything between ' ' # - stick every two lines together, separated by a : + _exit_code=${PIPESTATUS[0]} + if [[ ${_exit_code} == 2 ]]; then + echo "Valid and current certificate found" >> ${LOG_FILE} + exit 0 + elif [[ ${_exit_code} == 3 ]]; then + echo "Certificate request issued" >> ${LOG_FILE} + else + echo "Unknown failure: ${_exit_code}" >> ${LOG_FILE} + exit ${_exit_code} + fi done elif [[ ${1} == "issue-selfsign" ]]; then shift; @@ -91,6 +106,16 @@ elif [[ ${1} == "renew" ]]; then --force \ --renew \ $arg 2>&1 | tee -a ${LOG_FILE} + _exit_code=${PIPESTATUS[0]} + if [[ ${_exit_code} == 2 ]]; then + echo "Valid and current certificate found" >> ${LOG_FILE} + exit 0 + elif [[ ${_exit_code} == 0 ]]; then + echo "Certificate renewed" >> ${LOG_FILE} + else + echo "Unknown failure: ${_exit_code}" >> ${LOG_FILE} + exit ${_exit_code} + fi done elif [[ ${1} == "selfsign" ]]; then # For testing, simulate the key generation @@ -160,5 +185,3 @@ else echo "Unknown driver arg: $1" exit 1 fi - -echo "--- end --- $(date -u '+%Y-%m-%dT%k:%M:%S%z') ---" >> ${LOG_FILE}