diff --git a/web/rootfs/etc/cont-init.d/10-config b/web/rootfs/etc/cont-init.d/10-config index d9e9c67..3d55602 100644 --- a/web/rootfs/etc/cont-init.d/10-config +++ b/web/rootfs/etc/cont-init.d/10-config @@ -14,29 +14,30 @@ if [[ $DISABLE_HTTPS -ne 1 ]]; then pushd /opt sh ./acme.sh --install --home /config/acme.sh --accountemail $LETSENCRYPT_EMAIL popd - if [[ ! -f /config/acme-certs/$LETSENCRYPT_DOMAIN/fullchain.pem ]]; then - STAGING="" - if [[ $LETSENCRYPT_USE_STAGING -eq 1 ]]; then - STAGING="--staging" - fi - export LE_WORKING_DIR="/config/acme.sh" - # TODO: move away from standalone mode to webroot mode. - /config/acme.sh/acme.sh \ - $STAGING \ - --issue \ - --standalone \ - --pre-hook "if [[ -f /var/run/s6/services/nginx ]]; then s6-svc -d /var/run/s6/services/nginx; fi" \ - --post-hook "if [[ -f /var/run/s6/services/nginx ]]; then s6-svc -u /var/run/s6/services/nginx; fi" \ - -d $LETSENCRYPT_DOMAIN - rc=$? - if [[ $rc -eq 1 ]]; then - echo "Failed to obtain a certificate from the Let's Encrypt CA." - # this tries to get the user's attention and to spare the - # authority's rate limit: - sleep 15 - echo "Exiting." - exit 1 - fi + + STAGING="" + if [[ $LETSENCRYPT_USE_STAGING -eq 1 ]]; then + STAGING="--staging" + fi + export LE_WORKING_DIR="/config/acme.sh" + # TODO: move away from standalone mode to webroot mode. + /config/acme.sh/acme.sh \ + $STAGING \ + --issue \ + --standalone \ + --pre-hook "if [[ -f /var/run/s6/services/nginx ]]; then s6-svc -d /var/run/s6/services/nginx; fi" \ + --post-hook "if [[ -f /var/run/s6/services/nginx ]]; then s6-svc -u /var/run/s6/services/nginx; fi" \ + -d $LETSENCRYPT_DOMAIN + rc=$? + if [[ $rc -eq 1 ]]; then + echo "Failed to obtain a certificate from the Let's Encrypt CA." + # this tries to get the user's attention and to spare the + # authority's rate limit: + sleep 15 + echo "Exiting." + exit 1 + fi + if [[ $rc -eq 0 ]]; then mkdir -p /config/acme-certs/$LETSENCRYPT_DOMAIN if ! /config/acme.sh/acme.sh \ --install-cert -d $LETSENCRYPT_DOMAIN \