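#!/bin/bash
#
# Obtain or renew TLS certificates with certbot in standalone mode.
#
# Reads ../conf/ssl.conf (relative to the current working directory), which
# must set all of: email, domains, testcert, dryrun, precmd, postcmd.
# 'domains' is a ';'-separated list of "certname:domain" entries; whitespace
# and newlines inside it are ignored.
#
# NOTE(review): the config is sourced as shell code, and precmd/postcmd are
# executed with this script's own privileges (presumably root, since the
# script uses sudo -u to step down). The config file therefore has to be
# writable only by that privileged account -- confirm its ownership and mode.
# NOTE(review): both the config path and the 'certbot' checkout are resolved
# against the caller's working directory, not the script's location, so the
# script must be started from its own directory -- verify the cron/systemd
# invocation does that.
set -e

. ../conf/ssl.conf

# Owner of this script file; git operations are delegated to that account.
user="$(stat -c %U "$0")"

# Run a command as the script's owner, echoing it first.
asuser() {
  echo "Running as $user: " "$@"
  sudo -u "$user" "$@"
}

# Print $1 followed by a newline, after applying each remaining argument as
# a tput capability (e.g. "bold", "setaf 2"); attributes are reset afterwards.
printcol() {
  local str="$1" cap
  shift
  for cap in "$@"; do
    # Word splitting is intentional: "setaf 2" has to become two arguments.
    # tput fails when TERM is unset (e.g. under cron); that must not abort
    # the whole run through 'set -e', so styling is best-effort.
    # shellcheck disable=SC2086
    tput $cap 2>/dev/null || true
  done
  printf '%s%s\n' "$str" "$(tput sgr0 2>/dev/null || true)"
}

# Print a bold section heading, preceded by a blank line for every heading
# except the first.
printed=0
printstatus() {
  if [ "$printed" = 1 ]; then
    echo
  fi
  printed=1
  printcol "$1" bold
}

certbot="https://github.com/certbot/certbot.git"

# Exit with status 1, naming the first required setting that is missing or
# empty in the sourced config.
validate() {
  local name
  for name in email domains testcert dryrun precmd postcmd; do
    if [ -z "${!name}" ]; then
      echo "Missing config '$name'."
      exit 1
    fi
  done
  return 0
}

validate

if ! [ -d certbot ]; then
  asuser git clone "$certbot" certbot
fi

if [ "$dryrun" = 1 ]; then
  printstatus "Running a dry run."
fi

cd certbot

printstatus "Updating certbot..."
# The reset is necessary because certbot sometimes changes itself.
# NOTE(review): this follows the upstream default branch with no pinned tag
# or commit and no signature check, and the checkout is owned by $user, yet
# ./certbot-auto below runs with this script's own privileges. Anyone able
# to write as $user, or to alter the upstream branch, controls code executed
# at that privilege level. Consider pinning to a reviewed release or using a
# distribution-packaged certbot.
asuser git reset --hard
asuser git pull

printstatus "Running pre command..."
printf '%s\n' "$precmd"
sh -c "$precmd"

printstatus "Obtaining certificates..."
# Drop all whitespace, then turn the ';' separators into one entry per line.
domains="$(printf '%s' "$domains" | tr -d '[:space:]' | tr ';' '\n')"

# Optional certbot flags, kept in an array so that nothing is word-split.
certbot_args=()
if [ "$testcert" = 1 ]; then
  certbot_args+=(--test-cert)
fi
if [ "$dryrun" = 1 ]; then
  certbot_args+=(--dry-run)
fi

fail=0
# The list is read from fd 3 so that certbot, which inherits stdin, cannot
# consume the remaining entries.
while IFS= read -r line <&3; do
  if [ -z "$line" ]; then
    continue
  fi

  cname=${line%%:*} # text before the first ':'
  dom=${line##*:}   # text after the last ':'

  printstatus "Certificate $cname"
  # NOTE(review): certbot-auto is deprecated upstream -- confirm it is still
  # present in the checkout after 'git pull'.
  if ./certbot-auto certonly \
    -n --standalone --agree-tos \
    -m "$email" \
    --cert-name "$cname" \
    "${certbot_args[@]}" \
    -d "$dom"; then
    echo
    printcol "Certbot succeeded." "setaf 2" "bold"
  else
    # Remember the failure but keep going, so the remaining certificates are
    # still attempted and the post command still runs.
    fail=1
    echo
    printcol "Certbot failed." "setaf 1" "bold"
  fi
done 3<<< "$domains"

printstatus "Running post command..."
printf '%s\n' "$postcmd"
sh -c "$postcmd"

if [ "$fail" = 1 ]; then
  exit 1
else
  exit 0
fi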