From 4fc629331664fb9a2829112f0276c9bfe44a2121 Mon Sep 17 00:00:00 2001 From: Matthew Fennell Date: Sun, 28 Dec 2025 20:12:04 +0000 Subject: Add action flag Historically, this script only allowed renewal. This would break whenever subdomains were added to or removed from the config file, since, when renewing a certificate, the subdomains must remain the same as last time. I got around this by manually modifying the script each time I had to create a new cert. That's risky though, so introduce the structure to allow this to be passed from the terminal. --- renew-all | 23 +++++++++++++++-------- 1 file changed, 15 insertions(+), 8 deletions(-) diff --git a/renew-all b/renew-all index 05510fa..7be893e 100755 --- a/renew-all +++ b/renew-all @@ -10,6 +10,7 @@ import tomllib parser = argparse.ArgumentParser() parser.add_argument("--env", required=True, choices=["prod", "nonprod"]) +parser.add_argument("action", default="renew", nargs="?", choices=["renew", "run"]) args = parser.parse_args() @@ -27,6 +28,19 @@ def main() -> None: for subdomain in subdomain_list for request in ("--domains", subdomain) ] + actions = { + "renew": [ + "renew", + "--reuse-key", + "--days", + str(domain["renew_days"]), + "--renew-hook", + domain[f"renew_script_{args.env}"], + ], + "run": [ + "run", + ], + } command = ( [ "lego", @@ -40,14 +54,7 @@ def main() -> None: "--dns.disable-cp", ] + subdomain_requests - + [ - "renew", - "--reuse-key", - "--days", - str(domain["renew_days"]), - "--renew-hook", - domain[f"renew_script_{args.env}"], - ] + + actions[args.action] ) environment = { "DESEC_POLLING_INTERVAL": str(config["timeout_seconds"]), -- cgit v1.2.3