diff --git a/templates/postgresql-letsencrypt-acme.sh.j2 b/templates/postgresql-letsencrypt-acme.sh.j2 index c731c38..9a2723e 100644 --- a/templates/postgresql-letsencrypt-acme.sh.j2 +++ b/templates/postgresql-letsencrypt-acme.sh.j2 @@ -13,23 +13,18 @@ RETVAL= [ ! -d $LE_LOG_DIR ] && mkdir $LE_LOG_DIR echo "$DATE" >> $LE_LOG_DIR/postgresql.log -if [ -f /etc/default/letsencrypt ] ; then - . /etc/default/letsencrypt -else - logger "acme-pg-hook: No letsencrypt default file" -fi - logger "acme-pg-hook: Check if the certificate has been renewed" cmp ${LE_CERTS_DIR}/privkey ${POSTGRESQL_KEYFILE} RETVAL=$? if [ $RETVAL -eq 0 ] ; then - logger "acme-pg-hook: No new cerficate. Doing nothing" - exit 0 + logger "acme-pg-hook: No new cerficate." + echo "acme-pg-hook: No new cerficate." >> $LE_LOG_DIR/postgresql.log +else + logger "acme-pg-hook: Copying the key file" + echo "Copy the key file" >> $LE_LOG_DIR/postgresql.log + /bin/cp -f ${LE_CERTS_DIR}/privkey ${POSTGRESQL_KEYFILE} fi -logger "acme-pg-hook: Copying the key file" -echo "Copy the key file" >> $LE_LOG_DIR/postgresql.log -cp ${LE_CERTS_DIR}/privkey ${POSTGRESQL_KEYFILE} chmod 440 ${POSTGRESQL_KEYFILE} chown root ${POSTGRESQL_KEYFILE} chgrp postgres ${POSTGRESQL_KEYFILE} @@ -41,6 +36,7 @@ if [ -x /bin/systemctl ] ; then {% else %} systemctl reload postgresql-{{ psql_version }} >> $LE_LOG_DIR/postgresql.log 2>&1 {% endif %} + echo "acme-pg-hook: Reload the postgresql service" >> $LE_LOG_DIR/postgresql.log else logger "acme-pg-hook: Restart the postgresql service after a certificate renewal" echo "Restart the postgresql service" >> $LE_LOG_DIR/postgresql.log @@ -48,7 +44,7 @@ else fi logger "acme-pg-hook: Done" -echo "Done." >> $LE_LOG_DIR/postgresql.log +echo "acme-pg-hook: Done." >> $LE_LOG_DIR/postgresql.log exit 0