Different hooks for different operations #208

New Issue

Closed

opened 2025-12-29 01:18:58 +01:00 by adam · 1 comment

adam commented 2025-12-29 01:18:58 +01:00

Owner

Copy Link

Originally created by @pv2b on GitHub (Mar 30, 2017).

Currently the HOOK variable is used like this (from the default config file)

Program or function called in certain situations

After generating the challenge-response, or after failed challenge (in this case altname is empty)
Given arguments: clean_challenge|deploy_challenge altname token-filename token-content

After successfully signing certificate
Given arguments: deploy_cert domain path/to/privkey.pem path/to/cert.pem path/to/fullchain.pem

BASEDIR and WELLKNOWN variables are exported and can be used in an external program
default: <unset>

IMO this does not make much sense because, in the case of DNS-01 challenges, challenge deployment is completely unrelated to certificate deployment.

A useful feature would therefore be to be able to specify different hooks for different operations, for example HOOK_DEPLOY_CERT would be called for deploy_cert operations. If HOOK_DEPLOY_CERT were unset, HOOK would be called instead, thereby preserving backwards compatibility. Of course the other operations would get their own environment variables as well.

This is more of a "nice to have" though, because it's pretty trivial to work around this limitation by making a hook that simply "routes" the right hook calls to the right script.

Originally created by @pv2b on GitHub (Mar 30, 2017). Currently the HOOK variable is used like this (from the default config file) > Program or function called in certain situations > > After generating the challenge-response, or after failed challenge (in this case altname is empty) > Given arguments: clean_challenge|deploy_challenge altname token-filename token-content > > After successfully signing certificate > Given arguments: deploy_cert domain path/to/privkey.pem path/to/cert.pem path/to/fullchain.pem > > BASEDIR and WELLKNOWN variables are exported and can be used in an external program > default: \<unset\> IMO this does not make much sense because, in the case of DNS-01 challenges, challenge deployment is completely unrelated to certificate deployment. A useful feature would therefore be to be able to specify different hooks for different operations, for example HOOK_DEPLOY_CERT would be called for deploy_cert operations. If HOOK_DEPLOY_CERT were unset, HOOK would be called instead, thereby preserving backwards compatibility. Of course the other operations would get their own environment variables as well. This is more of a "nice to have" though, because it's pretty trivial to work around this limitation by making a hook that simply "routes" the right hook calls to the right script.

adam closed this issue 2025-12-29 01:18:58 +01:00

adam commented 2025-12-29 01:18:59 +01:00

Author

Owner

Copy Link

@lukas2511 commented on GitHub (Jul 10, 2017):

Just use a master-script that distributes the hooks to other scripts, no need to implement this in dehydrated.

@lukas2511 commented on GitHub (Jul 10, 2017): Just use a master-script that distributes the hooks to other scripts, no need to implement this in dehydrated.

Sign in to join this conversation.

No Branch/Tag Specified

Branches Tags

master

sudo-env

testing

rfc8738

jsonsh

v0.7.2

v0.7.1

v0.7.0

v0.6.5

v0.6.4

v0.6.3

v0.6.2

v0.6.1

v0.6.0

v0.5.0

v0.4.0

v0.3.1

v0.3.0

v0.2.0

v0.1.0

Labels

Clear labels

Complicated

bug

enhancement

help wanted

pull-request

Mirrored from GitHub Pull Request

suggestions wanted

testing

No Label

Milestone

No items

No Milestone

Projects

Clear projects

No project

Assignees

Clear assignees

adam

No Assignees

1 Participants

Notifications

Subscribe

Due Date

No due date set.

Dependencies

No dependencies set.

Reference: starred/dehydrated#208