#!/bin/bash
die() { echo >&2 "$@" ; exit 1 ; }

ENV=env.production
if [ ! -r "$ENV" ]; then
	die "$ENV: not found?"
fi

source ../env.production
source env.production

if [ -z "${DOMAIN_NAME}" ]; then
	die "DOMAIN_NAME not set"
fi

certdir="data/certbot/conf/live/${DOMAIN_NAME}"
mkdir -p "$certdir" || die "$certdir: unable to make"

openssl req \
	-x509 \
	-newkey rsa:2048 \
	-keyout "$certdir/privkey.pem" \
	-out "$certdir/fullchain.pem" \
	-sha256 \
	-nodes \
	-days 365 \
	-subj "/CN=${DOMAIN_NAME}'" \
|| die "$certdir/privkey.pem: unable to create temp key"