renew-hook does not support quoted parameters - Githubissues

go-acme / lego

Let's Encrypt/ACME client and library written in Go

https://go-acme.github.io/lego/

MIT License

7.44k stars 985 forks source link

renew-hook does not support quoted parameters #2168

Closed mxmauro closed 2 months ago

mxmauro commented 2 months ago

Welcome

[X] Yes, I'm using a binary release within 2 latest releases.
[X] Yes, I've searched similar issues on GitHub and didn't find any.
[X] Yes, I've included all information below (version, config, etc).

What did you expect to see?

Hooks in certificate creation and renewal does not support quotes parameters because it uses strings.Fields to split fields.

I expect "nginx -t & nginx -s reload" to be parsed as a single command-line argument.

What did you see instead?

-t: line 0: syntax error: unterminated quoted string

How do you use lego?

Library

Reproduction steps

Run: `lego -d ... renew --renew-hook 'docker exec nginx sh -c "nginx -t & nginx -s reload"'

Version of lego

Latest. The file is not touched since 4 years.

Logs

2024/03/31 06:04:53 [INFO] [*.domain.com] Server responded with a certificate.
-t: line 0: syntax error: unterminated quoted string

Go environment (if applicable)

No response

ldez commented 2 months ago

Hello,

As you notice, this limitation is expected. You should use a script instead of an inline command.

To explain this limitation, exec.Command requires using a slice as the argument. The way to parse a command depends on the shell and the OS, there is no real way to smartly parse a string to use as arguments.

Duplicate of #1468