Update custom cert job to not duplicate certs if the cert is global

2023-05-31 14:16:07 -04:00 · 2023-05-31 14:16:07 -04:00 · 1d14db7e18
parent 7efb82a7ee
commit 1d14db7e18
1 changed files with 33 additions and 36 deletions
--- a/src/common/core/customcert/jobs/custom-cert.py
+++ b/src/common/core/customcert/jobs/custom-cert.py
@ -107,8 +107,25 @@ try:
        parents=True, exist_ok=True
    )

-    # Multisite case
-    if getenv("MULTISITE") == "yes":
+    if getenv("USE_CUSTOM_SSL", "no") == "yes" and getenv("SERVER_NAME", "") != "":
+        db = Database(
+            logger,
+            sqlalchemy_string=getenv("DATABASE_URI", None),
+        )
+
+        cert_path = getenv("CUSTOM_SSL_CERT", "")
+        key_path = getenv("CUSTOM_SSL_KEY", "")
+
+        if cert_path and key_path:
+            logger.info(f"Checking certificate {cert_path} ...")
+            need_reload = check_cert(cert_path, key_path)
+            if need_reload:
+                logger.info(f"Detected change for certificate {cert_path}")
+                status = 1
+            else:
+                logger.info(f"No change for certificate {cert_path}")
+
+    if getenv("MULTISITE", "no") == "yes":
        servers = getenv("SERVER_NAME") or []

        if isinstance(servers, str):
@ -127,43 +144,23 @@ try:
                    sqlalchemy_string=getenv("DATABASE_URI", None),
                )

-            cert_path = getenv(
-                f"{first_server}_CUSTOM_SSL_CERT", getenv("CUSTOM_SSL_CERT", "")
-            )
-            key_path = getenv(
-                f"{first_server}_CUSTOM_SSL_KEY", getenv("CUSTOM_SSL_KEY", "")
-            )
+            cert_path = getenv(f"{first_server}_CUSTOM_SSL_CERT", "")
+            key_path = getenv(f"{first_server}_CUSTOM_SSL_KEY", "")

-            logger.info(
-                f"Checking certificate {cert_path} ...",
-            )
-            need_reload = check_cert(cert_path, key_path, first_server)
-            if need_reload:
+            if cert_path and key_path:
                logger.info(
-                    f"Detected change for certificate {cert_path}",
+                    f"Checking certificate {cert_path} ...",
                )
-                status = 1
-            else:
-                logger.info(
-                    f"No change for certificate {cert_path}",
-                )
-    # Singlesite case
-    elif getenv("USE_CUSTOM_SSL") == "yes" and getenv("SERVER_NAME") != "":
-        db = Database(
-            logger,
-            sqlalchemy_string=getenv("DATABASE_URI", None),
-        )
-
-        cert_path = getenv("CUSTOM_SSL_CERT", "")
-        key_path = getenv("CUSTOM_SSL_KEY", "")
-
-        logger.info(f"Checking certificate {cert_path} ...")
-        need_reload = check_cert(cert_path, key_path)
-        if need_reload:
-            logger.info(f"Detected change for certificate {cert_path}")
-            status = 1
-        else:
-            logger.info(f"No change for certificate {cert_path}")
+                need_reload = check_cert(cert_path, key_path, first_server)
+                if need_reload:
+                    logger.info(
+                        f"Detected change for certificate {cert_path}",
+                    )
+                    status = 1
+                else:
+                    logger.info(
+                        f"No change for certificate {cert_path}",
+                    )
 except:
    status = 2
    logger.error(f"Exception while running custom-cert.py :\n{format_exc()}")