#!/bin/bash
die() { echo >&2 "$@" ; exit 1 ; }

DIRNAME="$(dirname $0)"
cd "$DIRNAME"

source ../env.production
source ./env.production

domain_args="-d $DOMAIN_NAME,$KEYCLOAK_HOSTNAME,$HEDGEDOC_HOSTNAME,$MASTODON_HOSTNAME,$NEXTCLOUD_HOSTNAME,$GRAFANA_HOSTNAME,$MATRIX_HOSTNAME,$GITEA_HOSTNAME,$MOBILIZON_HOSTNAME,$PIXELFED_HOSTNAME"
rsa_key_size=2048

set -x

# move the temp live directory away if
# this is the first time we've run anything here
if [ ! -d "../data/certbot/conf/accounts" ]; then
	echo "deleting temp keys"
	rm -rf ../data/certbot/conf/live
fi

docker-compose run --rm certbot \
  certonly \
    --webroot \
    --webroot-path /var/www/certbot \
    --email "admin@$DOMAIN_NAME" \
    --rsa-key-size "$rsa_key_size" \
    --agree-tos \
    --no-eff-email \
    --force-renewal \
    $domain_args \
|| die "unable to renew!"

docker-compose exec nginx nginx -s reload