Fix include mailname in mailhost cert if different (not skip renew mailhost cert if identical: Git commit d9dd0fc seemingly intended to handle empty mailname).

1 files changed, 6 insertions, 2 deletions

diff --git a/dehydrated/cron.weekly/local-dehydrated b/dehydrated/cron.weekly/local-dehydrated
index 43ab94d..9e68459 100755
--- a/dehydrated/cron.weekly/local-dehydrated
+++ b/dehydrated/cron.weekly/local-dehydrated
@@ -6,7 +6,6 @@ set -eu
 
 # update non-EC mailhost cert if resolvable and not a certdomain
 mailhost=$(cat /etc/local-REDPILL/$(cat /etc/local-ORG/realm)/mailhost) || true
-mailname=$(cat /etc/mailname) || true
 
 fqdn=$(hostname --fqdn)
 if [ -n "$fqdn" ] && [ "$mailhost" != "$fqdn" ]; then
@@ -18,7 +17,12 @@ if [ -n "$domain" ] && [ "$mailhost" != "$domain" ] && [ "$fqdn" != "$domain" ];
 	extradomains=${extradomains:+$extradomains }$domain
 fi
 
-if [ -n "$mailhost" ] && [ "$mailhost" = "$mailname" ] && ! grep ^"$mailhost" /etc/dehydrated/domains.txt; then
+mailname=$(cat /etc/mailname) || true
+if [ -n "$mailname" ] && [ "$mailhost" != "$mailname" ] && [ "$fqdn" != "$mailhost" ] && [ "$domain" != "$mailhost" ]; then
+	extradomains=${extradomains:+$extradomains }$mailname
+fi
+
+if [ -n "$mailhost" ] && ! grep ^"$mailhost" /etc/dehydrated/domains.txt; then
 	dehydrated --cron --domain "$mailhost $extradomains" --algo rsa
 fi