
web: always try to renew cert on container boot

acme.sh is smart enough to not send the request out unless it's necessary.
Saúl Ibarra Corretgé 4 년 전
부모
커밋
d27336b
1개의 변경된 파일24개의 추가작업 그리고 23개의 파일을 삭제
  1. 24 23
      web/rootfs/etc/cont-init.d/10-config

+ 24 - 23
web/rootfs/etc/cont-init.d/10-config

@@ -14,29 +14,30 @@ if [[ $DISABLE_HTTPS -ne 1 ]]; then
         pushd /opt
         sh ./acme.sh --install --home /config/acme.sh --accountemail $LETSENCRYPT_EMAIL
         popd
-        if [[ ! -f /config/acme-certs/$LETSENCRYPT_DOMAIN/fullchain.pem ]]; then
-            STAGING=""
-            if [[ $LETSENCRYPT_USE_STAGING -eq 1 ]]; then
-                STAGING="--staging"
-            fi
-            export LE_WORKING_DIR="/config/acme.sh"
-            # TODO: move away from standalone mode to webroot mode.
-            /config/acme.sh/acme.sh \
-                $STAGING \
-                --issue \
-                --standalone \
-                --pre-hook "if [[ -f /var/run/s6/services/nginx ]]; then s6-svc -d /var/run/s6/services/nginx; fi" \
-                --post-hook "if [[ -f /var/run/s6/services/nginx ]]; then s6-svc -u /var/run/s6/services/nginx; fi" \
-                -d $LETSENCRYPT_DOMAIN
-            rc=$?
-            if [[ $rc -eq 1 ]]; then
-                echo "Failed to obtain a certificate from the Let's Encrypt CA."
-                # this tries to get the user's attention and to spare the
-                # authority's rate limit:
-                sleep 15
-                echo "Exiting."
-                exit 1
-            fi
+
+        STAGING=""
+        if [[ $LETSENCRYPT_USE_STAGING -eq 1 ]]; then
+            STAGING="--staging"
+        fi
+        export LE_WORKING_DIR="/config/acme.sh"
+        # TODO: move away from standalone mode to webroot mode.
+        /config/acme.sh/acme.sh \
+            $STAGING \
+            --issue \
+            --standalone \
+            --pre-hook "if [[ -f /var/run/s6/services/nginx ]]; then s6-svc -d /var/run/s6/services/nginx; fi" \
+            --post-hook "if [[ -f /var/run/s6/services/nginx ]]; then s6-svc -u /var/run/s6/services/nginx; fi" \
+            -d $LETSENCRYPT_DOMAIN
+        rc=$?
+        if [[ $rc -eq 1 ]]; then
+            echo "Failed to obtain a certificate from the Let's Encrypt CA."
+            # this tries to get the user's attention and to spare the
+            # authority's rate limit:
+            sleep 15
+            echo "Exiting."
+            exit 1
+        fi
+        if [[ $rc -eq 0 ]]; then
             mkdir -p /config/acme-certs/$LETSENCRYPT_DOMAIN
             if ! /config/acme.sh/acme.sh \
                     --install-cert -d $LETSENCRYPT_DOMAIN \
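Review bot: With the `fullchain.pem` existence test removed, the `if [[ $rc -eq 1 ]]` branch now aborts container start on any failed `--issue`, including a failed renewal attempt while a still-valid certificate is already installed, so a CA outage or an unreachable port 80 at boot takes the web service down. Consider exiting only when there is no certificate to fall back on, e.g. `if [[ $rc -eq 1 && ! -f "/config/acme-certs/$LETSENCRYPT_DOMAIN/fullchain.pem" ]]; then`, and logging a warning otherwise. Only return codes 0 and 1 are handled; any other status (acme.sh appears to return 2 for a skipped renewal) falls through silently, which deserves a one-line comment such as `# rc 2: renewal not due, keep the installed certificate`. `-d $LETSENCRYPT_DOMAIN` is unquoted, so an empty or space-containing value changes the argument list passed to acme.sh; `-d "$LETSENCRYPT_DOMAIN"` avoids that. The enclosing `if` blocks open and close outside the hunk.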