Skip to content

Commit 8fdd196

Browse files
buchdagbuchdag
committed
fix: trim whitespaces from per-container env vars
1 parent ec93ec8 commit 8fdd196

File tree

2 files changed

+37
-27
lines changed

2 files changed

+37
-27
lines changed

app/letsencrypt_service

Lines changed: 7 additions & 7 deletions
Original file line numberDiff line numberDiff line change
@@ -152,7 +152,7 @@ function update_cert {
152152
params_issue_arr+=(--webroot /usr/share/nginx/html)
153153

154154
local -n cert_keysize="LETSENCRYPT_${cid}_KEYSIZE"
155-
if [[ -z "$cert_keysize" || "$cert_keysize" == "<no value>" ]] || \
155+
if [[ -z "$cert_keysize" ]] || \
156156
[[ ! "$cert_keysize" =~ ^(2048|3072|4096|ec-256|ec-384)$ ]]; then
157157
cert_keysize=$DEFAULT_KEY_SIZE
158158
fi
@@ -168,7 +168,7 @@ function update_cert {
168168
local config_home
169169
# If we don't have a LETSENCRYPT_EMAIL from the proxied container
170170
# and DEFAULT_EMAIL is set to a non empty value, use the latter.
171-
if [[ -z "$accountemail" || "$accountemail" == "<no value>" ]]; then
171+
if [[ -z "$accountemail" ]]; then
172172
if [[ -n "${DEFAULT_EMAIL// }" ]]; then
173173
accountemail="$DEFAULT_EMAIL"
174174
else
@@ -184,7 +184,7 @@ function update_cert {
184184
fi
185185

186186
local -n acme_ca_uri="ACME_${cid}_CA_URI"
187-
if [[ -z "$acme_ca_uri" || "$acme_ca_uri" == "<no value>" ]]; then
187+
if [[ -z "$acme_ca_uri" ]]; then
188188
# Use default or user provided ACME end point
189189
acme_ca_uri="$ACME_CA_URI"
190190
fi
@@ -229,15 +229,15 @@ function update_cert {
229229
local -n eab_kid="ACME_${cid}_EAB_KID"
230230
local -n eab_hmac_key="ACME_${cid}_EAB_HMAC_KEY"
231231
local -n zerossl_api_key="ZEROSSL_${cid}_API_KEY"
232-
if [[ -z "$zerossl_api_key" || "$zerossl_api_key" == "<no value>" ]]; then
232+
if [[ -z "$zerossl_api_key" ]]; then
233233
# Try using the default API key
234234
zerossl_api_key="$ZEROSSL_API_KEY"
235235
fi
236236
if [[ ! -f "$account_file" ]]; then
237-
if [[ -n "${eab_kid// }" && "$eab_kid" != "<no value>" && -n "${eab_hmac_key// }" && "$eab_hmac_key" != "<no value>" ]]; then
237+
if [[ -n "${eab_kid}" && -n "${eab_hmac_key}" ]]; then
238238
# Register the ACME account with the per container EAB credentials.
239239
params_register_arr+=(--eab-kid "$eab_kid" --eab-hmac-key "$eab_hmac_key")
240-
elif [[ -n "${zerossl_api_key// }" && "$zerossl_api_key" != "<no value>" ]]; then
240+
elif [[ -n "${zerossl_api_key}" ]]; then
241241
# We have a Zero SSL API key but no per-container EAB kid and hmac key.
242242
# Generate a set of ACME EAB credentials using the ZeroSSL API.
243243
local zerossl_api_response
@@ -293,7 +293,7 @@ function update_cert {
293293
fi
294294

295295
local -n acme_preferred_chain="ACME_${cid}_PREFERRED_CHAIN"
296-
if [[ -n "${acme_preferred_chain// }" && "$acme_preferred_chain" != "<no value>" ]]; then
296+
if [[ -n "${acme_preferred_chain}" ]]; then
297297
# Using amce.sh --preferred-chain to select alternate chain.
298298
params_issue_arr+=(--preferred-chain "$acme_preferred_chain")
299299
fi

app/letsencrypt_service_data.tmpl

Lines changed: 30 additions & 20 deletions
Original file line numberDiff line numberDiff line change
@@ -18,23 +18,33 @@ LETSENCRYPT_CONTAINERS=(
1818
{{ range $hosts, $containers := groupBy $ "Env.LETSENCRYPT_HOST" }}
1919
{{ $hosts := trimSuffix "," $hosts }}
2020
{{ range $container := $containers }}
21+
{{ $KEYSIZE := trim (coalesce $container.Env.LETSENCRYPT_KEYSIZE "") }}
22+
{{ $STAGING := trim (coalesce $container.Env.LETSENCRYPT_TEST "") }}
23+
{{ $EMAIL := trim (coalesce $container.Env.LETSENCRYPT_EMAIL "") }}
24+
{{ $CA_URI := trim (coalesce $container.Env.ACME_CA_URI "") }}
25+
{{ $PREFERRED_CHAIN := trim (coalesce $container.Env.ACME_PREFERRED_CHAIN "") }}
26+
{{ $OCSP := trim (coalesce $container.Env.ACME_OCSP "") }}
27+
{{ $EAB_KID := trim (coalesce $container.Env.ACME_EAB_KID "") }}
28+
{{ $EAB_HMAC_KEY := trim (coalesce $container.Env.ACME_EAB_HMAC_KEY "") }}
29+
{{ $ZEROSSL_API_KEY := trim (coalesce $container.Env.ZEROSSL_API_KEY "") }}
30+
{{ $RESTART_CONTAINER := trim (coalesce $container.Env.LETSENCRYPT_RESTART_CONTAINER "") }}
2131
{{ $cid := printf "%.12s" $container.ID }}
2232
{{ if parseBool (coalesce $container.Env.LETSENCRYPT_SINGLE_DOMAIN_CERTS "false") }}
2333
{{ range $host := split $hosts "," }}
2434
{{ $host := trim $host }}
2535
{{ $host := trimSuffix "." $host }}
2636
{{ $hostHash := sha1 $host }}
2737
{{- "\n" }}LETSENCRYPT_{{ $cid }}_{{ $hostHash }}_HOST=('{{ $host }}')
28-
{{- "\n" }}LETSENCRYPT_{{ $cid }}_{{ $hostHash }}_KEYSIZE="{{ $container.Env.LETSENCRYPT_KEYSIZE }}"
29-
{{- "\n" }}LETSENCRYPT_{{ $cid }}_{{ $hostHash }}_TEST="{{ $container.Env.LETSENCRYPT_TEST }}"
30-
{{- "\n" }}LETSENCRYPT_{{ $cid }}_{{ $hostHash }}_EMAIL="{{ $container.Env.LETSENCRYPT_EMAIL }}"
31-
{{- "\n" }}ACME_{{ $cid }}_{{ $hostHash }}_CA_URI="{{ $container.Env.ACME_CA_URI }}"
32-
{{- "\n" }}ACME_{{ $cid }}_{{ $hostHash }}_PREFERRED_CHAIN="{{ $container.Env.ACME_PREFERRED_CHAIN }}"
33-
{{- "\n" }}ACME_{{ $cid }}_{{ $hostHash }}_OCSP="{{ $container.Env.ACME_OCSP }}"
34-
{{- "\n" }}ACME_{{ $cid }}_{{ $hostHash }}_EAB_KID="{{ $container.Env.ACME_EAB_KID }}"
35-
{{- "\n" }}ACME_{{ $cid }}_{{ $hostHash }}_EAB_HMAC_KEY="{{ $container.Env.ACME_EAB_HMAC_KEY }}"
36-
{{- "\n" }}ZEROSSL_{{ $cid }}_{{ $hostHash }}_API_KEY="{{ $container.Env.ZEROSSL_API_KEY }}"
37-
{{- "\n" }}LETSENCRYPT_{{ $cid }}_{{ $hostHash }}_RESTART_CONTAINER="{{ $container.Env.LETSENCRYPT_RESTART_CONTAINER }}"
38+
{{- "\n" }}LETSENCRYPT_{{ $cid }}_{{ $hostHash }}_KEYSIZE="{{ $KEYSIZE }}"
39+
{{- "\n" }}LETSENCRYPT_{{ $cid }}_{{ $hostHash }}_TEST="{{ $STAGING }}"
40+
{{- "\n" }}LETSENCRYPT_{{ $cid }}_{{ $hostHash }}_EMAIL="{{ $EMAIL }}"
41+
{{- "\n" }}ACME_{{ $cid }}_{{ $hostHash }}_CA_URI="{{ $CA_URI }}"
42+
{{- "\n" }}ACME_{{ $cid }}_{{ $hostHash }}_PREFERRED_CHAIN="{{ $PREFERRED_CHAIN }}"
43+
{{- "\n" }}ACME_{{ $cid }}_{{ $hostHash }}_OCSP="{{ $OCSP }}"
44+
{{- "\n" }}ACME_{{ $cid }}_{{ $hostHash }}_EAB_KID="{{ $EAB_KID }}"
45+
{{- "\n" }}ACME_{{ $cid }}_{{ $hostHash }}_EAB_HMAC_KEY="{{ $EAB_HMAC_KEY }}"
46+
{{- "\n" }}ZEROSSL_{{ $cid }}_{{ $hostHash }}_API_KEY="{{ $ZEROSSL_API_KEY }}"
47+
{{- "\n" }}LETSENCRYPT_{{ $cid }}_{{ $hostHash }}_RESTART_CONTAINER="{{ $RESTART_CONTAINER }}"
3848
{{ end }}
3949
{{ else }}
4050
{{- "\n" }}LETSENCRYPT_{{ $cid }}_HOST=(
@@ -44,16 +54,16 @@ LETSENCRYPT_CONTAINERS=(
4454
'{{ $host }}'{{ " " }}
4555
{{- end -}}
4656
)
47-
{{- "\n" }}LETSENCRYPT_{{ $cid }}_KEYSIZE="{{ $container.Env.LETSENCRYPT_KEYSIZE }}"
48-
{{- "\n" }}LETSENCRYPT_{{ $cid }}_TEST="{{ $container.Env.LETSENCRYPT_TEST }}"
49-
{{- "\n" }}LETSENCRYPT_{{ $cid }}_EMAIL="{{ $container.Env.LETSENCRYPT_EMAIL }}"
50-
{{- "\n" }}ACME_{{ $cid }}_CA_URI="{{ $container.Env.ACME_CA_URI }}"
51-
{{- "\n" }}ACME_{{ $cid }}_PREFERRED_CHAIN="{{ $container.Env.ACME_PREFERRED_CHAIN }}"
52-
{{- "\n" }}ACME_{{ $cid }}_OCSP="{{ $container.Env.ACME_OCSP }}"
53-
{{- "\n" }}ACME_{{ $cid }}_EAB_KID="{{ $container.Env.ACME_EAB_KID }}"
54-
{{- "\n" }}ACME_{{ $cid }}_EAB_HMAC_KEY="{{ $container.Env.ACME_EAB_HMAC_KEY }}"
55-
{{- "\n" }}ZEROSSL_{{ $cid }}_API_KEY="{{ $container.Env.ZEROSSL_API_KEY }}"
56-
{{- "\n" }}LETSENCRYPT_{{ $cid }}_RESTART_CONTAINER="{{ $container.Env.LETSENCRYPT_RESTART_CONTAINER }}"
57+
{{- "\n" }}LETSENCRYPT_{{ $cid }}_KEYSIZE="{{ $KEYSIZE }}"
58+
{{- "\n" }}LETSENCRYPT_{{ $cid }}_TEST="{{ $STAGING }}"
59+
{{- "\n" }}LETSENCRYPT_{{ $cid }}_EMAIL="{{ $EMAIL }}"
60+
{{- "\n" }}ACME_{{ $cid }}_CA_URI="{{ $CA_URI }}"
61+
{{- "\n" }}ACME_{{ $cid }}_PREFERRED_CHAIN="{{ $PREFERRED_CHAIN }}"
62+
{{- "\n" }}ACME_{{ $cid }}_OCSP="{{ $OCSP }}"
63+
{{- "\n" }}ACME_{{ $cid }}_EAB_KID="{{ $EAB_KID }}"
64+
{{- "\n" }}ACME_{{ $cid }}_EAB_HMAC_KEY="{{ $EAB_HMAC_KEY }}"
65+
{{- "\n" }}ZEROSSL_{{ $cid }}_API_KEY="{{ $ZEROSSL_API_KEY }}"
66+
{{- "\n" }}LETSENCRYPT_{{ $cid }}_RESTART_CONTAINER="{{ $RESTART_CONTAINER }}"
5767
{{ end }}
5868
{{ end }}
5969
{{ end }}

0 commit comments

Comments
 (0)