#!/bin/bash
#
# vmail-stack
# https://git.stack-source.com/msb/vmail-stack
# Copyright (c) 2023 Matthew Saunders Brown <matthewsaundersbrown@gmail.com>
# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt)

# load include file
source $(dirname $0)/vmail.sh

help()
{
  thisfilename=$(basename -- "$0")
  echo "$thisfilename"
  echo "Enable SSL (TLS) in dovecot (POP/IMAP) for given domain"
  echo ""
  echo "usage: $thisfilename -d <domain> [-h]"
  echo ""
  echo "  -h          Print this help."
  echo "  -d <domain> Domain to enable dovecot for."
  echo ""
  echo "              Let's Encrypt certificate must already exist. If need be run this first:"
  echo "              letsencrypt-certonly.sh -d mail.<domain>"
}

vmail:getoptions "$@"

# check for domain
if [[ -z $domain ]]; then
  echo "ERROR: domain name is required"
  exit 1
fi

# check that letsencrypt cert exists
if [ ! -f /etc/ssl/letsencrypt/mail.$domain.pem ]; then
  echo "Let's Encrypt cert for mail.$domain does not exist, create that first:"
  exit 1
fi

# create dovecot config & restart
if [ ! -f "/etc/dovecot/sites.d/mail.$domain.conf" ]; then
  echo "local_name mail.pawderosa.com {" > /etc/dovecot/sites.d/mail.$domain.conf
  echo "  ssl_cert = </etc/ssl/letsencrypt/mail.pawderosa.com.pem" >> /etc/dovecot/sites.d/mail.$domain.conf
  echo "  ssl_key = </etc/ssl/letsencrypt/mail.pawderosa.com.pem" >> /etc/dovecot/sites.d/mail.$domain.conf
  echo "}" >> /etc/dovecot/sites.d/mail.$domain.conf
  /usr/bin/systemctl --quiet is-active dovecot && systemctl --quiet reload dovecot
fi