haproxy: service not reloaded on acme cert update #28038

@mjeanson

Package Name

haproxy

Maintainer

@gladiac

OpenWrt Version

24.10.4

OpenWrt Target/Subtarget

mediatek/filogic

Steps to Reproduce

Configure haproxy with an ssl certificate managed by acme, wait for certificate renewal. The haproxy service should be reloaded to update the certificate but it doesn't happen.

Actual Behaviour

The acme client is configured to send an ubus notification which should be handled by a trigger in the haproxy init script like this:

procd_add_raw_trigger acme.renew 5000 /etc/init.d/haproxy reload

So upon receiving this notification, it triggers the reload action of the haproxy procd init script, but it's configured with the procd 'file' param:

procd_set_param file "$HAPROXY_CONFIG"

This parameter according to procd's documentation will hash the files listed and then only actually reload the service if the hash of the file has changed. Since only the main haproxy config file is listed, the service will only be reloaded if it happens to have been modified since the last start/reload.

I wonder if the trigger should be modified to unconditionally reload the service by for example directly sending the reload signal like this:

procd_add_raw_trigger acme.renew 5000 procd_send_signal haproxy '*' USR2

I'm surprised no one else has hit this, so maybe something else in my setup inhibits the reload of the service.
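
The hash-gated reload described in this report, modeled in plain shell as an added example (not procd's code and not part of the original issue). The function names, temporary file names and the `config+cert` comparison mode are assumptions made for the demonstration; `cksum` stands in for whatever digest procd uses.

```shell
#!/bin/sh
# Added illustration: a simplified model of a hash-gated reload, NOT procd's code.
# Function names, paths and file contents are constructed for this demo.

# Digest over the contents of every tracked file, in order.
tracked_digest() {
    cat "$@" 2>/dev/null | cksum
}

# Return 0 (reload) if the tracked files changed since the stored digest.
# $1 = state file holding the last digest, remaining args = tracked files.
reload_needed() {
    state=$1; shift
    new=$(tracked_digest "$@")
    old=''
    if [ -f "$state" ]; then old=$(cat "$state"); fi
    printf '%s\n' "$new" > "$state"
    [ "$new" != "$old" ]
}

# Simulate one certificate renewal and echo "reload" or "skipped".
# $1 = "config"       track only the config file (the situation reported here)
#      "config+cert"  also track the certificate (hypothetical, for comparison)
simulate_renewal() {
    dir=$(mktemp -d) || return 1
    cfg=$dir/haproxy.cfg; cert=$dir/site.pem; state=$dir/state
    echo 'bind :443 ssl crt site.pem' > "$cfg"
    echo 'constructed-cert-v1' > "$cert"
    case $1 in
        config)      set -- "$cfg" ;;
        config+cert) set -- "$cfg" "$cert" ;;
        *)           rm -rf "$dir"; return 2 ;;
    esac
    # Initial start: records the baseline digest of the tracked files.
    reload_needed "$state" "$@" || true
    # Renewal: only the certificate on disk is rewritten.
    echo 'constructed-cert-v2' > "$cert"
    if reload_needed "$state" "$@"; then result=reload; else result=skipped; fi
    rm -rf "$dir"
    echo "$result"
}
```

`simulate_renewal config` reports `skipped` because the renewed certificate is not among the hashed files, while `simulate_renewal config+cert` reports `reload`.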
