Help with deploy_challenge hook #427

Closed
opened 2025-12-29 01:24:59 +01:00 by adam · 2 comments
Owner

Originally created by @sglessard on GitHub (Sep 5, 2019).

Hello,

Using dehydrated v0.5.0, my script has worked well for a year+. All subdomains are hosted on the same servers (they share the same NFS mount).

Now I have to add a new subdomain (say sub.domain.com) in the domains.txt which is hosted on another server. For the challenge I have added a hook script with the `--hook` parameter to transfer the challenge token.

```
./dehydrated --register --accept-terms --hook /some/path/letsencrypt-install-hook.sh
./dehydrated -c
```

/some/path/letsencrypt-install-hook.sh :

```
#!/usr/bin/env bash
# bash is required: the script uses [[ ]], =~ and local, which are not POSIX sh.

deploy_challenge() {
    local DOMAIN="${1}" TOKEN_FILENAME="${2}" TOKEN_VALUE="${3}"

    # This hook is called once for every domain that needs to be
    # validated, including any alternative names you may have listed.
    #
    # Parameters:
    # - DOMAIN
    #   The domain name (CN or subject alternative name) being
    #   validated.
    # - TOKEN_FILENAME
    #   The name of the file containing the token to be served for HTTP
    #   validation. Should be served by your web server as
    #   /.well-known/acme-challenge/${TOKEN_FILENAME}.
    # - TOKEN_VALUE
    #   The token value that needs to be served for validation. For DNS
    #   validation, this is what you want to put in the _acme-challenge
    #   TXT record. For HTTP validation it is the value that is expected
    #   to be found in the $TOKEN_FILENAME file.

    echo "Calling deploy_challenge() hook for ${DOMAIN}"

    if [[ "${DOMAIN:-}" = "sub.domain.com" ]]; then
        echo "Copy challenge token to sub.domain.com with scp..."
        scp [...]
    fi
}

# Dispatch only to the handler names dehydrated is expected to pass.
HANDLER="$1"; shift
if [[ "${HANDLER}" =~ ^(deploy_challenge|clean_challenge|deploy_cert|unchanged_cert|invalid_challenge|request_failure|startup_hook|exit_hook)$ ]]; then
  "$HANDLER" "$@"
fi
```

The hook is not called (I don't see the `echo`s in the log).
Am I missing something?
Thanks

adam closed this issue 2025-12-29 01:25:00 +01:00

@txr13 commented on GitHub (Sep 5, 2019):

You don't need the `--hook` parameter on the register command. You *do* need it on the cron command. Like so:

```
./dehydrated --register --accept-terms
./dehydrated -c --hook /some/path/letsencrypt-install-hook.sh
```

You may also find it useful to add the hook to the main config file (if it works for your normal domains as well) or to a per-certificate config file (if you only want it to run for this one certificate).


@sglessard commented on GitHub (Sep 5, 2019):

Works as expected, I also had to include all the hook functions in the hook script.
Thanks!
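
A hook along the lines the thread settles on, as an added example that is not code from the thread or from the dehydrated project: every handler name the dispatcher accepts is defined, and the token file name is checked against the base64url alphabet before it is used in a path. `REMOTE_DOMAIN`, `REMOTE_DEST`, `STAGING_DIR`, `valid_token_name` and `transfer` are assumed names, and the script sticks to POSIX `sh` constructs.

```shell
#!/bin/sh
# Added example (not from the thread). REMOTE_DOMAIN, REMOTE_DEST and
# STAGING_DIR are hypothetical settings; adjust them for your hosts.
REMOTE_DOMAIN="${REMOTE_DOMAIN:-sub.domain.com}"
REMOTE_DEST="${REMOTE_DEST:-user@sub.domain.com:/path/to/acme-challenge/}"
STAGING_DIR="${STAGING_DIR:-/var/lib/dehydrated/staging}"

# ACME tokens use only the base64url alphabet. Reject anything else so a
# name containing "/" or ".." never becomes part of a local or remote path.
valid_token_name() {
    case "$1" in
        ''|*[!A-Za-z0-9_-]*) return 1 ;;
    esac
    return 0
}

# Transfer step, kept separate so it can be swapped (rsync, sftp) or stubbed.
transfer() { scp -q "$1" "$2"; }

deploy_challenge() {   # $1 DOMAIN, $2 TOKEN_FILENAME, $3 TOKEN_VALUE
    [ "$1" = "$REMOTE_DOMAIN" ] || return 0   # other names: nothing to copy
    valid_token_name "$2" || { echo "refusing token name: $2" >&2; return 1; }
    mkdir -p "$STAGING_DIR" || return 1
    printf '%s' "$3" > "$STAGING_DIR/$2" || return 1
    transfer "$STAGING_DIR/$2" "$REMOTE_DEST"
}

clean_challenge() {    # same arguments as deploy_challenge
    [ "$1" = "$REMOTE_DOMAIN" ] || return 0
    valid_token_name "$2" || return 1
    rm -f "$STAGING_DIR/$2"   # the remote copy is not removed here
}

# Every handler name the dispatcher accepts must exist as a function.
deploy_cert()       { :; }
unchanged_cert()    { :; }
invalid_challenge() { :; }
request_failure()   { :; }
startup_hook()      { :; }
exit_hook()         { :; }

# Dispatch only allow-listed names; anything else is ignored.
if [ "$#" -gt 0 ]; then
    HANDLER="$1"; shift
    case "$HANDLER" in
        deploy_challenge|clean_challenge|deploy_cert|unchanged_cert|invalid_challenge|request_failure|startup_hook|exit_hook)
            "$HANDLER" "$@" ;;
    esac
fi
```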

Reference: starred/dehydrated#427