#!/bin/bash

DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"

seconds_to_wait=3600

update_certs() {
    [[ ! -f "$DIR"/letsencrypt_service_data ]] && return

    # Load relevant container settings
    source "$DIR"/letsencrypt_service_data

    for cid in "${LETSENCRYPT_CONTAINERS[@]}"; do
        # Derive host and email variable names
        host_varname="LETSENCRYPT_${cid}_HOST"
        # Array variable indirection hack: http://stackoverflow.com/a/25880676/350221
        hosts_array=$host_varname[@]
        email_varname="LETSENCRYPT_${cid}_EMAIL"

        for domain in "${!hosts_array}"; do

            # Create the domain directory
            mkdir -p /etc/nginx/certs/$domain
            cd /etc/nginx/certs/$domain

            /usr/local/bin/simp_le \
             -d "$domain" \
             -f fullchain.pem -f key.pem \
             --email "${!email_varname}" \
             --server=https://acme-v01.api.letsencrypt.org/directory \
             --default_root /usr/share/nginx/html/

            simp_le_return=$?

            if [[ $simp_le_return -eq 0 ]]; then
                # Symlink to created certificate and key.
                ln -sf ./$domain/fullchain.pem /etc/nginx/certs/$domain".crt"
                ln -sf ./$domain/key.pem       /etc/nginx/certs/$domain".key"
            fi
        done
    done
    unset LETSENCRYPT_CONTAINERS
}

pid=
trap '[[ $pid ]] && kill $pid; exec $0' EXIT
trap 'trap - EXIT' INT TERM

echo 'Waiting 10s before updating certs...'
sleep 10

update_certs

# Wait some amount of time
sleep $seconds_to_wait & pid=$!
wait
pid=
