From 8cc7f86d2cee027f75e86ab8f9114ef64b2cf5a6 Mon Sep 17 00:00:00 2001 From: Svetlana Perekrestova <32782746+SPerekrestova@users.noreply.github.com> Date: Sun, 12 Apr 2026 13:30:15 +0200 Subject: [PATCH] fix: handle non-interactive mode in domain change command MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit When running without a TTY (e.g. ssh host 'mtproxymax domain newdomain'), the bare 'read -r _rot' returns exit code 1 (EOF). With set -eo pipefail active, this causes the script to exit immediately — before secret rotation and before restart_proxy_container is called. The engine continues running with the old domain in memory, silently rejecting all client connections from the new SNI as 'unknown SNI'. Fix: - Check [ -t 0 ] before attempting read - Default _rot to 'y' (rotate + restart) in non-interactive mode - Add read || _rot='y' guard for interactive mode too (rare edge case) - Print informational message so non-interactive callers know what happened --- mtproxymax.sh | 9 +++++++-- 1 file changed, 7 insertions(+), 2 deletions(-) diff --git a/mtproxymax.sh b/mtproxymax.sh index ece08fd..5800cc9 100644 --- a/mtproxymax.sh +++ b/mtproxymax.sh @@ -7079,8 +7079,13 @@ cli_main() { save_settings log_success "Domain changed to ${new_domain}" log_warn "Existing proxy links still encode the old domain" - echo -en " ${BOLD}Rotate all secrets for new domain? [Y/n]:${NC} " - local _rot; read -r _rot + local _rot="y" + if [ -t 0 ]; then + echo -en " ${BOLD}Rotate all secrets for new domain? [Y/n]:${NC} " + read -r _rot || _rot="y" + else + log_info "Non-interactive mode: rotating secrets and restarting automatically" + fi if [[ ! "$_rot" =~ ^[nN] ]]; then local _ri for _ri in "${!SECRETS_LABELS[@]}"; do