From 700c04a6291d9eb3e940b21b7cba219fc7bd596d Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Sa=C3=BAl=20Ibarra=20Corretg=C3=A9?= <s@saghul.net>
Date: Fri, 4 Dec 2020 15:40:18 +0100
Subject: [PATCH] web: properly handle acme.sh return codes

It exits with 2 in case a renew is not necessary.
---
 web/rootfs/etc/cont-init.d/10-config | 16 +++++++++-------
 1 file changed, 9 insertions(+), 7 deletions(-)

diff --git a/web/rootfs/etc/cont-init.d/10-config b/web/rootfs/etc/cont-init.d/10-config
index abe1949..8aede39 100644
--- a/web/rootfs/etc/cont-init.d/10-config
+++ b/web/rootfs/etc/cont-init.d/10-config
@@ -23,13 +23,15 @@ if [[ $DISABLE_HTTPS -ne 1 ]]; then
             fi
             export LE_WORKING_DIR="/config/acme.sh"
             # TODO: move away from standalone mode to webroot mode.
-            if ! /config/acme.sh/acme.sh \
-                    $STAGING \
-                    --issue \
-                    --standalone \
-                    --pre-hook "if [[ -f /var/run/s6/services/nginx ]]; then s6-svc -d /var/run/s6/services/nginx; fi" \
-                    --post-hook "if [[ -f /var/run/s6/services/nginx ]]; then s6-svc -u /var/run/s6/services/nginx; fi" \
-                    -d $LETSENCRYPT_DOMAIN ; then
+            /config/acme.sh/acme.sh \
+                $STAGING \
+                --issue \
+                --standalone \
+                --pre-hook "if [[ -f /var/run/s6/services/nginx ]]; then s6-svc -d /var/run/s6/services/nginx; fi" \
+                --post-hook "if [[ -f /var/run/s6/services/nginx ]]; then s6-svc -u /var/run/s6/services/nginx; fi" \
+                -d $LETSENCRYPT_DOMAIN
+            rc=$?
+            if [[ $rc -eq 1 ]]; then
                 echo "Failed to obtain a certificate from the Let's Encrypt CA."
                 # this tries to get the user's attention and to spare the
                 # authority's rate limit: