From 5685a34fe37f4cab70ba1a5b6d5420b49cb9817f Mon Sep 17 00:00:00 2001
From: Paul Lecuq <paul@paulbsd.com>
Date: Sun, 23 Oct 2022 16:39:33 +0200
Subject: [PATCH] updated acme state

---
 states/_states/pki.py     | 5 +++--
 states/acme/defaults.yaml | 1 +
 2 files changed, 4 insertions(+), 2 deletions(-)

diff --git a/states/_states/pki.py b/states/_states/pki.py
index 42544c5..065a423 100644
--- a/states/_states/pki.py
+++ b/states/_states/pki.py
@@ -25,6 +25,7 @@ def fetched(name=None,
 
     currentcert = __salt__['pki.get_file_content'](checkfile=certfile)
     currentkey = __salt__['pki.get_file_content'](checkfile=keyfile)
+    currentfullcert = __salt__['pki.get_file_content'](checkfile=fullcertfile)
 
     newcert, newkey = __salt__['pki.get_pki_cert'](url=url,
                                                    username=username,
@@ -32,8 +33,8 @@ def fetched(name=None,
                                                    domains=domain_concat)
     newfullcert = f"{newcert}\n\n{newkey}"
 
-    if all([newcert,newkey]):
-        if currentcert != newcert or currentkey != newkey:
+    if all([newcert,newkey,newfullcert]):
+        if currentcert != newcert or currentkey != newkey != currentfullcert != newfullcert:
             wcert = __salt__['pki.write_file_content'](newcert, certfile)
             wkey = __salt__['pki.write_file_content'](newkey, keyfile)
             wfullcert = __salt__['pki.write_file_content'](newfullcert, fullcertfile)
diff --git a/states/acme/defaults.yaml b/states/acme/defaults.yaml
index 226ad48..01639fd 100644
--- a/states/acme/defaults.yaml
+++ b/states/acme/defaults.yaml
@@ -5,6 +5,7 @@ acme:
     - "/etc/acme/dh/"
     - "/etc/acme/keys/"
     - "/etc/acme/certs/"
+    - "/etc/acme/fullchains/"
   dh:
     path: "/etc/acme/dh/dh.pem"
     keysize: 2048