From fab009435e835ccf01f9221e271efc09d676281c Mon Sep 17 00:00:00 2001
From: rootzoll <rotzoll@MacBook2020.fritz.box>
Date: Sat, 18 Jul 2020 00:18:06 +0200
Subject: [PATCH] test linking certs

---
 .../config.scripts/bonus.letsencrypt.sh       | 33 ++++++++++++++++++-
 1 file changed, 32 insertions(+), 1 deletion(-)

diff --git a/home.admin/config.scripts/bonus.letsencrypt.sh b/home.admin/config.scripts/bonus.letsencrypt.sh
index 269f455e4..ef2f5f5c7 100755
--- a/home.admin/config.scripts/bonus.letsencrypt.sh
+++ b/home.admin/config.scripts/bonus.letsencrypt.sh
@@ -155,6 +155,37 @@ if [ "$1" = "1" ] || [ "$1" = "on" ]; then
     exit 1
   fi
 
+###################
+# UPDATE-CERTS
+###################
+
+elif [ "$1" = "link-certs" ]; then
+
+    certsDirectories=$(sudo ls ${ACME_CERT_HOME})
+    IFS='  ' read -ra ADDR <<< "${certsDirectories}"
+    for i in "${ADDR[@]}"; do
+      echo ${i}
+    done
+    exit 1
+
+    # replace certs for clearnet
+    if [ "${options}" == "ip" ] || [ "${options}" == "ip&tor" ]; then
+      echo "# replacing IP certs"
+      sudo rm /mnt/hdd/app-data/nginx/tls.cert
+      sudo rm /mnt/hdd/app-data/nginx/tls.key 
+      sudo ln -s ${ACME_CERT_HOME}/${FQDN}_ecc/fullchain.cer /mnt/hdd/app-data/nginx/tls.cert
+      sudo ln -s ${ACME_CERT_HOME}/${FQDN}_ecc/${FQDN}.key /mnt/hdd/app-data/nginx/tls.key
+    fi
+
+    # repleace certs for tor
+    if [ "${options}" == "tor" ] || [ "${options}" == "ip&tor" ]; then
+      echo "# replacing TOR certs"
+      sudo rm /mnt/hdd/app-data/nginx/tor_tls.cert
+      sudo rm /mnt/hdd/app-data/nginx/tor_tls.key
+      sudo ln -s ${ACME_CERT_HOME}/${FQDN}_ecc/fullchain.cer /mnt/hdd/app-data/nginx/tor_tls.cert
+      sudo ln -s ${ACME_CERT_HOME}/${FQDN}_ecc/${FQDN}.key /mnt/hdd/app-data/nginx/tor_tls.key
+    fi
+
 ###################
 # ISSUE-CERT
 ###################
@@ -219,7 +250,7 @@ elif [ "$1" = "issue-cert" ]; then
     sudo ln -s ${ACME_CERT_HOME}/${FQDN}_ecc/${FQDN}.key /mnt/hdd/app-data/nginx/tor_tls.key
   fi
 
-  # todo maybe allow certs for single services later
+  # todo maybe allow certs for single services later (dont forget that these also need to be replaced in 'on' then)
   if [ "${options}" != "tor" ] && [ "${options}" != "ip" ] && [ "${options}" != "ip&tor" ]; then
     echo "error='option not supported yet'"
     exit 1