fix: better handeling of restart/reload logic

2025-05-07 14:53:07 +02:00 · 2025-05-07 14:53:07 +02:00 · 0f17ec7fd5
commit 0f17ec7fd5
parent df83b8aa59
2 changed files with 28 additions and 8 deletions
--- a/README.md
+++ b/README.md
@ -87,6 +87,12 @@ Use the `--disable-pem` to only fetch the .key and .crt:
 ./certman.sh --disable-pem
 ```

+### Restart service instead of Reload
+Some services do not support at soft restart (reload). use `--restart` to force this option insted of the default reload.
+```bash
+./certman.sh --restart
+```
+
 ## Environment Variables

 | Variable | Description | Required |
@ -97,6 +103,7 @@ Use the `--disable-pem` to only fetch the .key and .crt:
 | TEMP_PATH | Temporary directory for downloads | Yes |
 | FULLCHAIN_PEM | Enabled by default | No |
 | SERVICE_NAME | Service to reload after certificate updates | Yes |
+| SERIVCE_SUPPORTS | Reload or restart? Reload is the default | No |
 | CERT_OWNER | User owner for certificate files | Yes |
 | CERT_GROUP | Group owner for certificate files | Yes |
 | CERT_PERMISSIONS | Certificate file permissions | Yes |
--- a/certman.sh
+++ b/certman.sh
@ -26,6 +26,7 @@ load_env || exit 1

 AUTO_MODE="false"
 FORCE_UPDATE="false"
+SERVICE_SUPPORTS="${SERVICE_SUPPORTS:-reload}"
 FULLCHAIN_PEM="${FULLCHAIN_PEM:-true}"

 while [[ $# -gt 0 ]]; do
@ -42,6 +43,10 @@ while [[ $# -gt 0 ]]; do
            FULLCHAIN_PEM="false"
            shift
            ;;
+        --restart)
+            SERVICE_SUPPORTS="restart"
+            shift
+            ;;
        *)
            shift
            ;;
@ -222,16 +227,24 @@ process_certificates() {

    # Reload service if needed
    if [ $service_reloaded -eq 1 ]; then
-        echo -e "${BLUE}Reloading/restarting $SERVICE_NAME service...${NC}"
+        if [[ $SERVICE_SUPPORTS = reload ]]; then
+            echo -e "${BLUE}Reloading $SERVICE_NAME service...${NC}"
            if systemctl reload "$SERVICE_NAME"; then
                echo -e "${GREEN}Service reloaded successfully${NC}"
-        elif systemctl restart "$SERVICE_NAME"; then
+            else
+                echo -e "${RED}Failed to reload service${NC}"
+                return 1
+            fi
+        elif [[ $SERVICE_SUPPORTS = restart ]]; then
+            echo -e "${BLUE}Restarting $SERVICE_NAME service...${NC}"
+            if systemctl restart "$SERVICE_NAME"; then
                echo -e "${GREEN}Service restarted successfully${NC}"
            else
-            echo -e "${RED}Failed to reload or restart service${NC}"
+                echo -e "${RED}Failed to restart service${NC}"
                return 1
            fi
        fi
+    fi
 }

 check_cert_expiration() {