#!/usr/bin/env bash
set -eu
set -o pipefail

config_dir="${1:-}"
if systemctl is-active -q nginx; then
    is_running=1
else
    is_running=
fi

cleanup() {
    if [ -z "$is_running" ]; then
        systemctl stop nginx
    fi

    if [ -e /etc/nginx/nginx.conf.backup ]; then
        mv /etc/nginx/nginx.conf.backup /etc/nginx.conf
    fi
}
trap cleanup EXIT

mv /etc/nginx/nginx.conf /etc/nginx/nginx.conf.backup
cat > /etc/nginx/nginx.conf <<EOF
worker_processes 1;
events {
    worker_connections 1024;
}
http {
    server {
        listen 80 default;
        server_name <%= @primary_domain %>;
        location / {
            root /tmp;
        }
    }
<%- @secondary_domains.each do |domain| -%>
    server {
        listen 80;
        server_name <%= domain %>;
        location / {
            root /tmp;
        }
    }
<%- end -%>
}
EOF

if [ -z "$is_running" ]; then
    systemctl start nginx
fi

if [ -z "$config_dir" ]; then
    /usr/bin/certbot run \
        -n \
        --agree-tos \
        -m doy@tozt.net \
        --cert-name <%= @primary_domain %> \
        -d <%= @primary_domain %> \
<%- @secondary_domains.each do |domain| -%>
        -d <%= domain %> \
<%- end -%>
        --nginx
else
    /usr/bin/certbot run \
        -n \
        --agree-tos \
        -m doy@tozt.net \
        --config-dir "$config_dir" \
        --cert-name <%= @primary_domain %> \
        -d <%= @primary_domain %> \
<%- @secondary_domains.each do |domain| -%>
        -d <%= domain %> \
<%- end -%>
        --nginx
fi