Merge pull request #179 from Turgon37/feature/178

#178 Add single quote around all domains names in shell commands
voxpupuli · Mar 27, 2019 · 3346538 · 3346538
2 parents 1d39b2b + 66fc5ec
commit 3346538
Show file tree

Hide file tree

Showing 2 changed files with 38 additions and 37 deletions.
diff --git a/manifests/certonly.pp b/manifests/certonly.pp
@@ -99,30 +99,31 @@
     'webroot': {
       $_plugin_args = zip($domains, $webroot_paths).map |$domain| {
         if $domain[1] {
-          "--webroot-path ${domain[1]} -d ${domain[0]}"
+          "--webroot-path ${domain[1]} -d '${domain[0]}'"
         } else {
-          "-d ${domain[0]}"
+          "-d '${domain[0]}'"
         }
       }
-      $plugin_args = ["--cert-name ${title}"] + $_plugin_args
+      $plugin_args = ["--cert-name '${title}'"] + $_plugin_args
     }
 
     'dns-rfc2136': {
       require letsencrypt::plugin::dns_rfc2136
+      $_domains = join($domains, '\' -d \'')
       $plugin_args = [
-        "--cert-name ${title} -d",
-        join($domains, ' -d '),
+        "--cert-name '${title}' -d",
+        "'${_domains}'",
         "--dns-rfc2136-credentials ${letsencrypt::plugin::dns_rfc2136::config_dir}/dns-rfc2136.ini",
         "--dns-rfc2136-propagation-seconds ${letsencrypt::plugin::dns_rfc2136::propagation_seconds}",
       ]
     }
 
     default: {
       if $ensure == 'present' {
-        $_plugin_args = join($domains, ' -d ')
-        $plugin_args  = "--cert-name ${title} -d ${_plugin_args}"
+        $_domains = join($domains, '\' -d \'')
+        $plugin_args  = "--cert-name '${title}' -d '${_domains}'"
       } else {
-        $plugin_args = "--cert-name ${title}"
+        $plugin_args = "--cert-name '${title}'"
       }
     }
   }
@@ -158,12 +159,12 @@
   $command = join($_command, ' ')
 
   $execution_environment = [ "VENV_PATH=${letsencrypt::venv_path}", ] + $environment
-  $verify_domains = join(unique($domains), ' ')
+  $verify_domains = join(unique($domains), '\' \'')
 
   if $ensure == 'present' {
-    $exec_ensure = { 'unless' => "/usr/local/sbin/letsencrypt-domain-validation ${live_path} ${verify_domains}" }
+    $exec_ensure = { 'unless' => "/usr/local/sbin/letsencrypt-domain-validation ${live_path} '${verify_domains}'" }
   } else {
-    $exec_ensure = { 'onlyif' => "/usr/local/sbin/letsencrypt-domain-validation ${live_path} ${verify_domains}" }
+    $exec_ensure = { 'onlyif' => "/usr/local/sbin/letsencrypt-domain-validation ${live_path} '${verify_domains}'" }
   }
 
   exec { "letsencrypt certonly ${title}":