@@ -116,6 +116,9 @@ function update_certs {
116116 host_varname=" LETSENCRYPT_${cid} _HOST"
117117 # Array variable indirection hack: http://stackoverflow.com/a/25880676/350221
118118 hosts_array=" ${host_varname} [@]"
119+ hosts_array_expanded=(" ${! hosts_array} "
120+ # First domain will be our base domain
121+ base_domain=" ${hosts_array_expanded[0]} "
119122
120123 params_d_str=" "
121124
@@ -132,11 +135,17 @@ function update_certs {
132135 fi
133136
134137 test_certificate_varname=" LETSENCRYPT_${cid} _TEST"
135- create_test_certificate=false
136- if [[ $( lc " ${! test_certificate_varname:- } " ) == true ]]; then
137- create_test_certificate=true
138- elif [[ $ACME_CA_URI == " https://acme-staging.api.letsencrypt.org/directory" ; then
139- create_test_certificate=true
138+ le_staging_uri=" https://acme-staging.api.letsencrypt.org/directory"
139+ if [[ $( lc " ${! test_certificate_varname:- } " ) == true ]] || \
140+ [[ " $ACME_CA_URI " == " $le_staging_uri " ; then
141+ # Use staging Let's Encrypt ACME end point
142+ acme_ca_uri=" $le_staging_uri "
143+ # Prefix test certificate directory with _test_
144+ certificate_dir=" /etc/nginx/certs/_test_$base_domain "
145+ else
146+ # Use default or user provided ACME end point
147+ acme_ca_uri=" $ACME_CA_URI "
148+ certificate_dir=" /etc/nginx/certs/$base_domain "
140149 fi
141150
142151 account_varname=" LETSENCRYPT_${cid} _ACCOUNT_ALIAS"
@@ -149,36 +158,9 @@ function update_certs {
149158 [[ $REUSE_PRIVATE_KEYS == true ]] && params_d_str+=" --reuse_key"
150159 [[ " ${1} " == " --force-renew" && params_d_str+=" --valid_min 7776000"
151160
152- hosts_array_expanded=(" ${! hosts_array} "
153- # First domain will be our base domain
154- base_domain=" ${hosts_array_expanded[0]} "
155-
156- if [[ " $create_test_certificate " == true ]]; then
157- # Use staging acme end point
158- acme_ca_uri=" https://acme-staging.api.letsencrypt.org/directory"
159- if [[ ! -f /etc/nginx/certs/.${base_domain} .test ]]; then
160- # Remove old certificates
161- [[ -n " ${base_domain// } " && rm -rf /etc/nginx/certs/${base_domain}
162- for domain in " ${! hosts_array} " ; do
163- rm -f /etc/nginx/certs/$domain .{crt,key,dhparam.pem}
164- done
165- touch /etc/nginx/certs/.${base_domain} .test
166- fi
167- else
168- acme_ca_uri=" $ACME_CA_URI "
169- if [[ -f /etc/nginx/certs/.${base_domain} .test ]]; then
170- # Remove old test certificates
171- [[ -n " ${base_domain// } " && rm -rf /etc/nginx/certs/${base_domain}
172- for domain in " ${! hosts_array} " ; do
173- rm -f /etc/nginx/certs/$domain .{crt,key,dhparam.pem}
174- done
175- rm -f /etc/nginx/certs/.${base_domain} .test
176- fi
177- fi
178-
179- # Create directory for the first domain
180- mkdir -p /etc/nginx/certs/$base_domain
181- pushd /etc/nginx/certs/$base_domain || return
161+ # Create directory for the first domain and make it the cwd
162+ mkdir -p " $certificate_dir "
163+ pushd " $certificate_dir " || return
182164
183165 for domain in " ${! hosts_array} " ; do
184166 # Add all the domains to certificate
@@ -227,7 +209,11 @@ function update_certs {
227209
228210 if [[ $simp_le_return -ne 2 ]]; then
229211 for domain in " ${! hosts_array} " ; do
230- create_links $base_domain $domain && should_reload_nginx=' true'
212+ if [[ " $acme_ca_uri " == " $le_staging_uri " ; then
213+ create_links " _test_$base_domain " " $domain " && should_reload_nginx=' true'
214+ else
215+ create_links " $base_domain " " $domain " && should_reload_nginx=' true'
216+ fi
231217 done
232218 # Queue nginx reload if a certificate was issued or renewed
233219 [[ $simp_le_return -eq 0 ]] && should_reload_nginx=' true'
0 commit comments