starred/dehydrated
1
0
Fork 0
mirror of https://github.com/dehydrated-io/dehydrated.git synced 2026-01-11 22:30:44 +01:00
Code Issues 79 Packages Projects Releases 10 Wiki Activity

hook.sh reload services only once after at least one domain change #445

New Issue
Closed
opened 2025-12-29 01:25:27 +01:00 by adam · 3 comments
adam commented 2025-12-29 01:25:27 +01:00
Owner
Copy Link

Originally created by @ghost on GitHub (Dec 2, 2019).

Hello,

Currently, when we want to reload services that are dependent on certificates, we may use the hook script deploy_cert() function. Unfortunately, this means that if the script is renewing multiple certificates, the deploy_cert() function will be called once per domain and thus reload the services multiple times.

deploy_cert() {
    local DOMAIN="${1}" KEYFILE="${2}" CERTFILE="${3}" FULLCHAINFILE="${4}" CHAINFILE="${5}" TIMESTAMP="${6}"

    echo "Reloading services..."
    systemctl reload httpd postfix haproxy dovecot

}

Reloading services...
Reloading services...
Reloading services...

Would it be possible to change the exit_hook() function, so that its passed a status parameter that tells if there was at least one certificate that was created/updated, so that the reload of the services only happens once?

exit_hook() {
    local STATUS="${1:-}"

    if [ ${STATUS} ... ] ...
          # at least one domain was created/changed, reload only once
          systemctl reload httpd postfix haproxy dovecot
    fi

}

Thank you.

Originally created by @ghost on GitHub (Dec 2, 2019). Hello, Currently, when we want to reload services that are dependent on certificates, we may use the hook script deploy_cert() function. Unfortunately, this means that if the script is renewing multiple certificates, the deploy_cert() function will be called once per domain and thus reload the services multiple times. ``` deploy_cert() { local DOMAIN="${1}" KEYFILE="${2}" CERTFILE="${3}" FULLCHAINFILE="${4}" CHAINFILE="${5}" TIMESTAMP="${6}" echo "Reloading services..." systemctl reload httpd postfix haproxy dovecot } Reloading services... Reloading services... Reloading services... ``` Would it be possible to change the exit_hook() function, so that its passed a status parameter that tells if there was at least one certificate that was created/updated, so that the reload of the services only happens once? ``` exit_hook() { local STATUS="${1:-}" if [ ${STATUS} ... ] ... # at least one domain was created/changed, reload only once systemctl reload httpd postfix haproxy dovecot fi } ``` Thank you.
adam closed this issue 2025-12-29 01:25:27 +01:00
adam commented 2025-12-29 01:25:28 +01:00
Author
Owner
Copy Link

@jahir commented on GitHub (Dec 2, 2019):

Not saying it wouldn't be nice to have to this as a built-in feature, it's very easy to do it by yourself though. This is how I do it:

at the top of the hook script:

HTTP_RELOAD_TRIGGER="$BASEDIR/.reload_httpd"

in deploy_cert():

    echo "*** new cert for $DOMAIN, scheduling httpd reload..."
    touch "$HTTP_RELOAD_TRIGGER"

in exit_hook():

    if [ -e "$HTTP_RELOAD_TRIGGER" ]; then
        echo "*** reloading httpd..."
        systemctl reload httpd
        rm -f "$HTTP_RELOAD_TRIGGER"
    fi
@jahir commented on GitHub (Dec 2, 2019): Not saying it wouldn't be nice to have to this as a built-in feature, it's very easy to do it by yourself though. This is how I do it: at the top of the hook script: ``` HTTP_RELOAD_TRIGGER="$BASEDIR/.reload_httpd" ``` in `deploy_cert()`: ``` echo "*** new cert for $DOMAIN, scheduling httpd reload..." touch "$HTTP_RELOAD_TRIGGER" ``` in `exit_hook()`: ``` if [ -e "$HTTP_RELOAD_TRIGGER" ]; then echo "*** reloading httpd..." systemctl reload httpd rm -f "$HTTP_RELOAD_TRIGGER" fi ```
adam commented 2025-12-29 01:25:28 +01:00
Author
Owner
Copy Link

@jobe1986 commented on GitHub (Dec 2, 2019):

I personally use the same method @jahir uses, though not exactly the same (the differences in my case are inconsequential, I still use flag files and test for the existence)

@jobe1986 commented on GitHub (Dec 2, 2019): I personally use the same method @jahir uses, though not exactly the same (the differences in my case are inconsequential, I still use flag files and test for the existence)
adam commented 2025-12-29 01:25:29 +01:00
Author
Owner
Copy Link

@ghost commented on GitHub (Mar 25, 2020):

no interest, closing

@ghost commented on GitHub (Mar 25, 2020): no interest, closing
Sign in to join this conversation.
No Branch/Tag Specified
Branches Tags
Labels
Clear labels
Complicated
bug
enhancement
help wanted
pull-request
Mirrored from GitHub Pull Request
 suggestions wanted
testing
No Label
Milestone
No items
No Milestone
Projects
Clear projects
No project
Assignees
Clear assignees
adam
No Assignees
1 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: starred/dehydrated#445
Delete Branch "%!s()"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?