#!/bin/bash
#
# vmail-stack
# https://git.stack-source.com/msb/vmail-stack
# Copyright (c) 2022 Matthew Saunders Brown <matthewsaundersbrown@gmail.com>
# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt)

# load include file
source $(dirname $0)/vmail.sh


help()
{
  thisfilename=$(basename -- "$0")
  echo "$thisfilename"
  echo "Remove DKIM key(s) from server for specified domain."
  echo ""
  echo "usage: $thisfilename -d <domain> [-h]"
  echo ""
  echo "  -h          Print this help."
  echo "  -d          Domain name to remove DKIM keys for."
  echo ""
  echo "              DKIM key for the specified domain is removed from the server and"
  echo "              outgoing emails will no longer be signed with DKIM. You should also"
  echo "              remove the associated DNS entry, however leaving the DNS entry in"
  echo "              place should not cause any immediate problems."
  exit
}

vmail:getoptions "$@"

# check for domain
if [[ -z $domain ]]; then
  echo "Domain name is required."
  exit 1
fi

# check for existing dkim
if [ ! -f /etc/ssl/dkim/$domain.dkim ]; then
  echo "DKIM for $domain does not exist."
  exit 1
else
  if [[ -f /etc/ssl/dkim/$domain.selector ]]; then
    echo Deleting the `cat /etc/ssl/dkim/$domain.selector`._domainkey.$domain DKIM key.
    if [[ -f /usr/local/etc/pdns.conf ]]; then
      echo To remove the associated DNS record run this command:
      echo
      echo pdns-rr-del.sh -z $domain -n `cat /etc/ssl/dkim/$domain.selector`._domainkey.$domain -t TXT
    else
      echo You can now delete the DNS TXT record for `cat /etc/ssl/dkim/$domain.selector`._domainkey.$domain
    fi
  else
    echo You can now delete the associated DNS TXT record.
  fi
  rm /etc/ssl/dkim/$domain.dkim
fi

if [ -f /etc/ssl/dkim/$domain.dns ]; then
  rm /etc/ssl/dkim/$domain.dns
fi
if [ -f /etc/ssl/dkim/$domain.pem ]; then
  rm /etc/ssl/dkim/$domain.pem
fi
if [ -f /etc/ssl/dkim/$domain.pub ]; then
  rm /etc/ssl/dkim/$domain.pub
fi
if [ -f /etc/ssl/dkim/$domain.selector ]; then
  rm /etc/ssl/dkim/$domain.selector
fi