only try and renew certs if they exist

2026-03-26 02:11:53 +00:00 · 2020-12-01 16:15:56 -07:00
parent efdc93d698
commit 6d56528e74
1 changed files with 8 additions and 3 deletions
--- a/agent/src/Daemon/SslRenew.hs
+++ b/agent/src/Daemon/SslRenew.hs
@@ -13,7 +13,8 @@ import           Lib.Ssl
 import           Daemon.ZeroConf                ( getStart9AgentHostname )
 import           Lib.Tor
 import           Control.Carrier.Lift
-import           System.Directory               ( removePathForcibly
+import           System.Directory               ( doesPathExist
+                                                , removePathForcibly
                                                , renameDirectory
                                                )
 import           Lib.SystemCtl
@@ -74,5 +75,9 @@ renewSslLeafCert ctx = do

 doesSslNeedRenew :: FilePath -> IO Bool
 doesSslNeedRenew cert = do
-    ec <- liftIO $ system [i|openssl x509 -checkend 2592000 -noout -in #{cert}|]
-    pure $ ec /= ExitSuccess
+    exists <- doesPathExist cert
+    if exists
+        then do
+            ec <- liftIO $ system [i|openssl x509 -checkend 2592000 -noout -in #{cert}|]
+            pure $ ec /= ExitSuccess
+        else pure False