#!/bin/bash
#
# letsencrypt-tools
# https://git.stack-source.com/msb/letsencrypt-tools
# Copyright (c) 2023 Matthew Saunders Brown <matthewsaundersbrown@gmail.com>
# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt)
#
# must be root
if [ "$USER" != "root" ]; then
  exec sudo -u root $0 $@
fi

if [[ -d /var/tmp/letsencrypt/ ]]; then
  domainArray=(`ls -1 /var/tmp/letsencrypt/`)
  for domain in "${domainArray[@]}"
  do
    rm /var/tmp/letsencrypt/$domain
    if /usr/local/bin/letsencrypt-certonly.sh -d $domain ; then
      if [[ "$domain" =~ ^mail.* ]]; then
        vmaildomain="${domain/mail./}"
        if [[ -d /var/vmail/$vmaildomain ]]; then
          /usr/local/bin/vmail-dovecot-enable.sh -d $vmaildomain
          /usr/local/bin/vhost-enable.sh -d $domain -m VMailHTTPS
        fi
      elif [[ -d /srv/www/$domain ]]; then
        /usr/local/bin/vhost-enable.sh -d $domain -m VHostHTTPS
      fi
    fi
    # add code to check for aliases and redirects?
    # run once and exit, script will be restarted if additional domains are still queued for cert deployment
    exit 0
  done
fi