diff --git a/library/roles/letsencrypt-acme-sh-client/files/acme-sh-request-cert b/library/roles/letsencrypt-acme-sh-client/files/acme-sh-request-cert index f37ae25a..47eaa129 100644 --- a/library/roles/letsencrypt-acme-sh-client/files/acme-sh-request-cert +++ b/library/roles/letsencrypt-acme-sh-client/files/acme-sh-request-cert @@ -26,12 +26,11 @@ if [ ! -f "$ACME_SH_CONFIG_HOME/ok_certificate_issued" ] ; then fi $ACME_SH_BIN $ACME_SH_FIRST_CERT_REQUEST > "$ACME_SH_ISSUE_LOG_FILE" 2>&1 RETVAL=$? - +else + $ACME_SH_BIN $ACME_SH_ISSUE_CERT_REQUEST > "$ACME_SH_ISSUE_LOG_FILE" 2>&1 + RETVAL=$? fi -$ACME_SH_BIN $ACME_SH_ISSUE_CERT_REQUEST > "$ACME_SH_ISSUE_LOG_FILE" 2>&1 -RETVAL=$? - if [ $RETVAL -eq 0 ] ; then touch "$ACME_SH_CONFIG_HOME/ok_certificate_issued" fi diff --git a/library/roles/letsencrypt-acme-sh-client/templates/acme_sh_request_env.j2 b/library/roles/letsencrypt-acme-sh-client/templates/acme_sh_request_env.j2 index 2d178e3d..bdeb0c13 100644 --- a/library/roles/letsencrypt-acme-sh-client/templates/acme_sh_request_env.j2 +++ b/library/roles/letsencrypt-acme-sh-client/templates/acme_sh_request_env.j2 @@ -47,7 +47,6 @@ ACME_SH_ISSUE_CERT_REQUEST="$ACME_SH_ISSUE_CERT_REQUEST $ACME_SH_ISSUE_CERT_DOMA # The complete command line to issue a certificate. The first time we have to use port 80 when not using the dns protocol ACME_SH_FIRST_CERT_REQUEST="$ACME_SH_ISSUE_CERT_REQUEST $ACME_SH_FIRST_REQUEST_CERT_DOMAINS" - # # Certificate install options # @@ -56,7 +55,7 @@ ACME_SH_INSTALL_CERT_REQUEST="--install-cert" ACME_SH_INSTALL_CERT_REQUEST="$ACME_SH_INSTALL_CERT_REQUEST --ecc" {% endif %} {% if letsencrypt_acme_sh_use_syslog %} -ACME_SH_INSTALL_CERT_DOMAINS="$ACME_SH_INSTALL_CERT_DOMAINS --syslog {{ letsencrypt_acme_sh_syslog_level }}" +ACME_SH_INSTALL_CERT_REQUEST="$ACME_SH_INSTALL_CERT_REQUEST --syslog {{ letsencrypt_acme_sh_syslog_level }}" {% endif %} ACME_SH_INSTALL_CERT_DOMAINS="{% for dom in letsencrypt_acme_sh_domains_install %} -d {{ dom.domain }} --cert-file {{ dom.cert_file }} --key-file {{ dom.key_file }} --fullchain-file {{ dom.fullchain_file }} --reloadcmd {{ dom.reloadcmd | default('/usr/local/bin/acme-services-hook') }} {% endfor %}"