Skip to content

Commit

Permalink
Merge pull request #38 from balena-io/update-certificate-links-on-tld…
Browse files Browse the repository at this point in the history 
…-change

Update the links to certificates when DNS_TLD or TLD changes.
  • Loading branch information
@flowzone-app
flowzone-app[bot] authored Jun 27, 2023
2 parents b0cc2e3 + 07c8efe commit 49d77ad
Showing 1 changed file with 8 additions and 8 deletions.
16 changes: 8 additions & 8 deletions entry.sh
View file
Original file line number Diff line number Diff line change
Expand Up @@ -453,15 +453,14 @@ function surface_resolved_cert_chain {
done

# shellcheck disable=SC2235
if ! [[ -e "${EXPORT_CERT_CHAIN_PATH}" ]]; then
if [[ -s "${CERTS}/${target}/${tld}-chain.pem" ]]; then
if ! diff -q "${CERTS}/${target}/${tld}-chain.pem" "${EXPORT_CERT_CHAIN_PATH}"; then
rm -f "${EXPORT_CERT_CHAIN_PATH}"
ln -s "${CERTS}/${target}/${tld}-chain.pem" "${EXPORT_CERT_CHAIN_PATH}"
fi
if [[ ! -L "${EXPORT_CERT_CHAIN_PATH}" || $(readlink "${EXPORT_CERT_CHAIN_PATH}") != "${CERTS}/${target}/${tld}-chain.pem" ]] \
&& [[ -s "${CERTS}/${target}/${tld}-chain.pem" ]]; then
if ! diff -q "${CERTS}/${target}/${tld}-chain.pem" "${EXPORT_CERT_CHAIN_PATH}"; then
rm -f "${EXPORT_CERT_CHAIN_PATH}"
ln -s "${CERTS}/${target}/${tld}-chain.pem" "${EXPORT_CERT_CHAIN_PATH}"
fi
else
echo "certificate at '${EXPORT_CERT_CHAIN_PATH}' is not a link"
echo "certificate at '${EXPORT_CERT_CHAIN_PATH}' is a link to ${CERTS}/${target}/${tld}-chain.pem."
fi
}

Expand All @@ -486,8 +485,9 @@ function surface_root_certs {
[[ -n "${tld}" ]] || return

for cert in ca-bundle server-ca root-ca; do
if ! [[ -L "${CERTS}/${cert}.pem" ]] \
if [[ ! -L "${CERTS}/${cert}.pem" || $(readlink "${CERTS}/${cert}.pem") != "${CERTS}/private/${cert}.${tld}.pem" ]] \
&& [[ -s "${CERTS}/private/${cert}.${tld}.pem" ]]; then
rm -f "${CERTS}/${cert}.pem"
ln -s "${CERTS}/private/${cert}.${tld}.pem" "${CERTS}/${cert}.pem"
fi
done
Expand Down

0 comments on commit 49d77ad

Please sign in to comment.