From 917f0f6a9cb61d903d4bca236bee129e9b868167 Mon Sep 17 00:00:00 2001
From: Brennan Kinney <5098581+polarathene@users.noreply.github.com>
Date: Fri, 5 Nov 2021 12:08:57 +1300
Subject: [PATCH] fix: Monitor for changes in supported letsencrypt locations (#2279)
Previously we only monitored for `$HOSTNAME` in `/etc/letsencrypt/live` and only for hard-coded `.pem` filenames. This ensures we check the locations of other locations that may not match `$HOSTNAME`, which we also support. Ideally in future at least the directory to look in would be better known in advance..
---
 target/scripts/helper-functions.sh | 17 ++++++++++++++---
 1 file changed, 14 insertions(+), 3 deletions(-)
diff --git a/target/scripts/helper-functions.sh b/target/scripts/helper-functions.sh
index 628fe638..22faf5e0 100755
--- a/target/scripts/helper-functions.sh
+++ b/target/scripts/helper-functions.sh
@@ -260,6 +260,19 @@ CHKSUM_FILE=/tmp/docker-mailserver-config-chksum
 # Compute checksums of monitored files.
 function _monitored_files_checksums
 {
+ # If a wildcard path pattern (or an empty ENV) would yield an invalid path
+ # or no results, `shopt -s nullglob` prevents it from being added.
+ shopt -s nullglob
+
+ # React to any cert changes within the following letsencrypt locations:
+ local DYNAMIC_FILES
+ for FILE in /etc/letsencrypt/live/"${SSL_DOMAIN}"/*.pem \
+ /etc/letsencrypt/live/"${HOSTNAME}"/*.pem \
+ /etc/letsencrypt/live/"${DOMAINNAME}"/*.pem
+ do
+ DYNAMIC_FILES="${DYNAMIC_FILES} ${FILE}"
+ done
+
 (
 cd /tmp/docker-mailserver || exit 1
 exec sha512sum 2>/dev/null -- \
@@ -268,9 +281,7 @@ function _monitored_files_checksums
 postfix-aliases.cf \
 dovecot-quotas.cf \
 /etc/letsencrypt/acme.json \
- "/etc/letsencrypt/live/${HOSTNAME}/key.pem" \
- "/etc/letsencrypt/live/${HOSTNAME}/privkey.pem" \
- "/etc/letsencrypt/live/${HOSTNAME}/fullchain.pem"
+ "${DYNAMIC_FILES}"
 )
 }
 export -f _monitored_files_checksums
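Review bot: `DYNAMIC_FILES` is built in this hunk as one space-joined string, and the second hunk (`@@ -268,9 +281,7 @@`) expands it as `"${DYNAMIC_FILES}"`, so `sha512sum` receives all certificate paths as a single argument with a leading space. That name matches no file, and since the call already sends stderr to `/dev/null` the failure is silent; as written, a renewed or replaced cert or key would likely never change the checksum output. Collecting the globs in an array and expanding `"${DYNAMIC_FILES[@]}"` gives one argument per file and none when nothing matches. Separately, `shopt -s nullglob` is left enabled and `FILE` is not `local`, so both can leak into whatever shell calls this exported function; consider `shopt -u nullglob` after the list is built. The function body starts before the first hunk.

```shell
  # React to any cert changes within the following letsencrypt locations:
  local DYNAMIC_FILES=(
    /etc/letsencrypt/live/"${SSL_DOMAIN}"/*.pem
    /etc/letsencrypt/live/"${HOSTNAME}"/*.pem
    /etc/letsencrypt/live/"${DOMAINNAME}"/*.pem
  )
  shopt -u nullglob

  # … unchanged: subshell, cd and the fixed list of config files …
      "${DYNAMIC_FILES[@]}"
```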