#!/bin/sh

set -e

ACTION=$1; shift

REALM=$(cat /etc/local-ORG/realm)

# resolve hostnames of service installed and registered with Redpill
servicehosts() {
	SERVICE=$1; shift
	for binary in "$@"; do
		which -- "$binary" || exit
	done
	cat "/etc/local-REDPILL/$REALM/${SERVICE}host" \
	  "/etc/local-REDPILL/$REALM/${SERVICE}althosts" \
	  2> /dev/null \
	  | perl -0777 -pe 's/\s*\#.*//gm;s/^\s+//;s/\s+$//;s/\s+/|/g'
}
MAILHOSTS=$(servicehosts mail postconf)
MAILHOSTS=$(servicehosts chat ejabberdctl)

case "$ACTION" in
  deploy_challenge) ;;
  clean_challenge) ;;
#  deploy_cert)
  deploy_cert|unchanged_cert)
	DOMAIN="$1"; KEYFILE="$2"; FULLCHAINFILE="$4"
	case "$DOMAIN" in
	  "$MAILHOSTS")
		cat "$FULLCHAINFILE" > "/etc/dovecot/$DOMAIN.pem"
		sg dovecot -c "umask 027; cat '$KEYFILE' > '/etc/dovecot/private/$DOMAIN.pem'"
		#service dovecot force-reload
		;;
	  "$CHATHOSTS")
		sg ejabberd -c "umask 027; cat '$KEYFILE' '$FULLCHAINFILE' > '/etc/ejabberd/$DOMAIN.pem'"
		#service ejabberd force-reload
		;;
	esac
	;;
  unchanged_cert) ;;
  *)
	>&2 echo "ERROR: unsupported action \"$ACTION\""
	exit 1
	;;
esac