#!/bin/sh

ACTION=${1}

if [[ "$ACTION" == "deploy_cert" ]]; then
  # New cert
  DOM=${2}
  KEY=${3}
  CRT=${4}
  CHAIN=${5}
  /sbin/e-smith/db configuration setprop modSSL key $KEY crt $CRT CertificateChainFile $CHAIN
  /sbin/e-smith/signal-event ssl-update
  # Now revoke old certificates
  CUR_CRT=$(readlink /home/e-smith/db/letsencrypt.sh/certs/$DOM/cert.pem)
  for cert in $(find /home/e-smith/db/letsencrypt.sh/certs/$DOM/ -type f -name cert\*.pem -exec basename "{}" \;); do
    if [[ "$cert" != "$CUR_CRT" ]]; then
      /usr/bin/letsencrypt.sh -r /home/e-smith/db/letsencrypt.sh/certs/$DOM/$cert
    fi
  done
elif [[ "$ACTION" == "clean_challenge" ]]; then
  ALTNAME=${2}
  if [[ "$ALTNAME" == "" ]]; then
    echo "Error while creating or renewing letsencrypt certificate" | mail -s "Letsencrypt error" admin
  fi
fi