cleanup: also do cleanup if symlink is broken (closes #667)

The cleanup command skips filetypes for which the symlink is broken or doesn't exist. However, if dehydrated fails, we may end up in exactly the situation that the symlink doesn't exist (yet). If dehydrated fails repeatedly, we may end up with a lot of old cert.csr, cert.pem and privkey.pem files, so we really want to be able to clean them up. Remove all files if the symlink is broken/missing, instead of skipping those files. Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2026-04-11 03:06:49 +02:00 · 2019-08-30 17:02:56 +02:00
parent 835963fa6e
commit 129ec851ed
1 changed files with 7 additions and 5 deletions
--- a/12
+++ b/12
@@ -1879,11 +1879,13 @@ command_cleanup() {

    # Loop over file-types (certificates, keys, signing-requests, ...)
    for filetype in cert.csr cert.pem chain.pem fullchain.pem privkey.pem ocsp.der; do
-      # Skip if symlink is broken
-      [[ -r "${certdir}/${filetype}" ]] || continue
-
-      # Look up current file in use
-      current="$(basename "$(readlink "${certdir}/${filetype}")")"
+      # Delete all if symlink is broken
+      if [[ -r "${certdir}/${filetype}" ]]; then
+        # Look up current file in use
+        current="$(basename "$(readlink "${certdir}/${filetype}")")"
+      else
+        current=""
+      fi

      # Split filetype into name and extension
      filebase="$(echo "${filetype}" | cut -d. -f1)"