From 35f751f41830981110775358f0d3bbca23890ebd Mon Sep 17 00:00:00 2001
From: Andrew Vant <ajvant@gmail.com>
Date: Thu, 7 Dec 2017 18:25:23 -0500
Subject: [PATCH] Add support for hook literals in pillar

---
 README.rst                  |  6 ++++++
 letsencrypt/client/init.sls | 11 +++++++++++
 2 files changed, 17 insertions(+)

diff --git a/README.rst b/README.rst
index ccf87cb..14b3828 100644
--- a/README.rst
+++ b/README.rst
@@ -206,6 +206,12 @@ don't run as root, to move certs somewhere they can access:
             - salt://path/to/deployhook1.sh
           post:
             - salt://path/to/posthook1.sh
+        # You can define hooks literally in pillar too
+        pillarhooks:
+          deploy:
+            deployhook1.sh: |
+              #!/bin/bash
+              echo "Triggered deploy hook"
 
 Legacy configuration
 --------------------
diff --git a/letsencrypt/client/init.sls b/letsencrypt/client/init.sls
index fd93af4..b70dab2 100644
--- a/letsencrypt/client/init.sls
+++ b/letsencrypt/client/init.sls
@@ -120,7 +120,18 @@ certbot_renewal_{{ hookset }}_hook_{{ loop.index }}:
     - mode: 700
     - require:
       - cmd: certbot_installed
+{%- endfor %}
+{%- endfor %}
 
+{%- for hookset, hooks in client.get("pillarhooks", {}).items() %}
+{%- for basename in hooks.keys() %}
+certbot_renewal_{{ hookset }}_phook_{{ loop.index }}:
+  file.managed:
+    - name: /etc/letsencrypt/renewal-hooks/{{ hookset }}/{{ basename }}
+    - contents_pillar: letsencrypt:client:pillarhooks:{{ hookset }}:{{ basename }}
+    - mode: 700
+    - require:
+      - cmd: certbot_installed
 {%- endfor %}
 {%- endfor %}