haproxy.sh: allows certificate deployment to multiple hosts

deploy/haproxy.sh

@@ -43,7 +43,8 @@
 # needing to reload HAProxy. Default is "no".
 #
 # Require the socat binary. DEPLOY_HAPROXY_STATS_SOCKET variable uses the socat
-# address format.
+# address format. The certificate can be deployed to a comma separated ',' list
+# of hosts ("TCP4:10.0.0.1:1999,TCP4:10.0.0.2:1999")
 #
 # export DEPLOY_HAPROXY_MASTER_CLI="UNIX:/run/haproxy-master.sock"
 #
@@ -193,7 +194,6 @@ haproxy_deploy() {
   _issuer="${_pem}.issuer"
   _ocsp="${_pem}.ocsp"
   _reload="${Le_Deploy_haproxy_reload}"
-  _statssock="${Le_Deploy_haproxy_stats_socket}"
 
   _info "Deploying PEM file"
   # Create a temporary PEM file
@@ -327,7 +327,9 @@ haproxy_deploy() {
 
     # Update certificate over HAProxy stats socket or master CLI.
     if _exists socat; then
-      # look for the certificate on the stats socket, to chose between updating or creating one
+      export IFS=','
+      for _statssock in ${Le_Deploy_haproxy_stats_socket}; do
+        # look for the certificate on the stats socket, to choVse between updating or creating one
         _socat_cert_cmd="echo '${_cmdpfx}show ssl cert' | socat '${_statssock}' - | grep -q '^${_pem}$'"
         _debug _socat_cert_cmd "${_socat_cert_cmd}"
         eval "${_socat_cert_cmd}"
@@ -383,6 +385,7 @@ haproxy_deploy() {
             return "${_ret}"
           fi
         fi
+      done
     else
       _err "'socat' is not available, couldn't update over ${_socketname}"
     fi