diff options
| author | Matthew Fennell <matthew@fennell.dev> | 2025-12-28 20:12:04 +0000 |
|---|---|---|
| committer | Matthew Fennell <matthew@fennell.dev> | 2025-12-29 01:48:48 +0000 |
| commit | 4fc629331664fb9a2829112f0276c9bfe44a2121 (patch) | |
| tree | 6c504e5853b46d32f53d6693d81145243fb6fcbb | |
| parent | f55564b0c5c0791c31b2c14351a7635d23ea0469 (diff) | |
Add action flag
Historically, this script only allowed renewal. This would break whenever
subdomains were added to or removed from the config file, since, when renewing
a certificate, the subdomains must remain the same as last time.
I got around this by manually modifying the script each time I had to create a
new cert. That's risky though, so introduce the structure to allow this to be
passed from the terminal.
| -rwxr-xr-x | renew-all | 23 |
1 files changed, 15 insertions, 8 deletions
@@ -10,6 +10,7 @@ import tomllib parser = argparse.ArgumentParser() parser.add_argument("--env", required=True, choices=["prod", "nonprod"]) +parser.add_argument("action", default="renew", nargs="?", choices=["renew", "run"]) args = parser.parse_args() @@ -27,6 +28,19 @@ def main() -> None: for subdomain in subdomain_list for request in ("--domains", subdomain) ] + actions = { + "renew": [ + "renew", + "--reuse-key", + "--days", + str(domain["renew_days"]), + "--renew-hook", + domain[f"renew_script_{args.env}"], + ], + "run": [ + "run", + ], + } command = ( [ "lego", @@ -40,14 +54,7 @@ def main() -> None: "--dns.disable-cp", ] + subdomain_requests - + [ - "renew", - "--reuse-key", - "--days", - str(domain["renew_days"]), - "--renew-hook", - domain[f"renew_script_{args.env}"], - ] + + actions[args.action] ) environment = { "DESEC_POLLING_INTERVAL": str(config["timeout_seconds"]), |