x509/(selfsigned|ownca): add support for custom post-renewal scripts

author: Christian Pointner <equinox@spreadspace.org> 2023-09-22 20:13:19 +0200
committer: Christian Pointner <equinox@spreadspace.org> 2023-09-22 20:13:19 +0200
commit: 4b9d4a0810d79be50fb1e550dcc38c44f527bc96 (patch)
tree: e74d484d073c6fd4a48fd26e732e75513d610f40 /roles/x509/ownca/cert/prepare/templates/updated.sh.j2
parent: fix smartctl text collector and add some alerts for nvme metrics (diff)
1 files changed, 15 insertions, 0 deletions
diff --git a/roles/x509/ownca/cert/prepare/templates/updated.sh.j2 b/roles/x509/ownca/cert/prepare/templates/updated.sh.j2
new file mode 100644
index 00000000..15f68cd9
--- /dev/null
+++ b/roles/x509/ownca/cert/prepare/templates/updated.sh.j2
@@ -0,0 +1,15 @@
+#!/bin/sh
+{% if 'install' in x509_certificate_renewal %}
+{%   for file in x509_certificate_renewal.install %}
+
+install{% if 'mode' in file %} -m {{ file.mode }}{% endif %}{% if 'owner' in file %} -o {{ file.owner }}{% endif %}{% if 'owner' in file %} -g {{ file.group }}{% endif %} /dev/null "{{ file.dest }}.new"
+{%     for src in file.src %}
+cat "{{ lookup('vars', 'x509_certificate_path_' + src) }}" >> "{{ file.dest }}.new"
+mv "{{ file.dest }}.new" "{{ file.dest }}"
+{%     endfor %}
+{%   endfor %}
+{% endif %}
+{% if 'reload' in x509_certificate_renewal %}
+
+{{ x509_certificate_renewal.reload | trim }}
+{% endif %}
author	Christian Pointner <equinox@spreadspace.org>	2023-09-22 20:13:19 +0200
committer	Christian Pointner <equinox@spreadspace.org>	2023-09-22 20:13:19 +0200
commit	4b9d4a0810d79be50fb1e550dcc38c44f527bc96 (patch)
tree	e74d484d073c6fd4a48fd26e732e75513d610f40 /roles/x509/ownca/cert/prepare/templates/updated.sh.j2
parent	fix smartctl text collector and add some alerts for nvme metrics (diff)