certbot-angie/usr/local/lib/systemd/certbot-ocsp-angie.sh

#!/bin/sh
# SPDX-License-Identifier: Apache-2.0
# (c) 2024, Konstantin Demin

set -ef

reload_angie=
while read -r certdir ; do
	[ -n "${certdir}" ] || continue

	chain="${certdir}/chain.pem"
	cert="${certdir}/cert.pem"
	ocsp="${certdir}/ocsp.der"

	[ -s "${cert}" ]  || continue
	[ -s "${chain}" ] || continue

	if certbot-ocsp "${chain}" "${cert}" "${ocsp}" ; then
		reload_angie=1
	fi
done <<EOF
$(find /etc/letsencrypt/live/ -xdev -follow -type f -name cert.pem -printf '%p\0' | xargs -0r dirname | sort -uV)
EOF

[ -n "${reload_angie}" ] || exit 0

angie_state=$(systemctl show --property=SubState angie.service | cut -d= -f2-)
[ "${angie_state}" = 'running' ] || exit 0

exec systemctl --no-ask-password reload angie.service