#!/bin/bash
die() { echo >&2 "$@" ; exit 1 ; }

DIRNAME="$(dirname $0)"
cd "$DIRNAME"

source ../env.production || die "no top level env"
source env.production || die "no local env"

if [ -z "${DOMAIN_NAME}" ]; then
	die "DOMAIN_NAME not set"
fi

docker-compose down

certdir="data/certbot/conf/live/${DOMAIN_NAME}"
mkdir -p "$certdir" || die "$certdir: unable to make"

if [ ! -r "$certdir/privkey.pem" ]; then
	openssl req \
		-x509 \
		-newkey rsa:2048 \
		-keyout "$certdir/privkey.pem" \
		-out "$certdir/fullchain.pem" \
		-sha256 \
		-nodes \
		-days 365 \
		-subj "/CN=${DOMAIN_NAME}'" \
	|| die "$certdir/privkey.pem: unable to create temp key"
fi

docker-compose up -d || die "unable to bring up nginx"

echo "SLEEPING..."
sleep 10

./certbot-renew || die "unable to create certs"