Refactor letsencrypt script to improve domain handling and JSON output management

2025-03-12 23:07:58 +01:00
parent 14a6e628fc
commit 2653583702
1 changed files with 34 additions and 20 deletions
--- a/start.letsencrypt.sh
+++ b/start.letsencrypt.sh
@@ -41,9 +41,14 @@ sending_error_msg() {
 create_json() {
    LOG=$(cat $LOG_FILE | base64 -w0)
    TMP_FILE=$(mktemp)
-    install -m 664 -g 65534 /dev/null $TMP_FILE
-    jq 'if . == null or . == [] then [{"'$DOMAIN'":{"date": "'$DATE'", "status": "'$STATUS'", "log": "'$LOG'"}}] else . + [{"'$DOMAIN'":{"date": "'$DATE'", "status": "'$STATUS'", "log": "'$LOG'"}}] end' $LETSENCRYPT_OUTPUT >$TMP_FILE
-    mv $TMP_FILE $LETSENCRYPT_OUTPUT
+    jq '
+      if . == null or . == [] then 
+        [{"'$DOMAIN'":{"date": "'$DATE'", "status": "'$STATUS'", "log": "'$LOG'"}}] 
+      else 
+        (map(select(has("'$DOMAIN'") | not))) + [{"'$DOMAIN'":{"date": "'$DATE'", "status": "'$STATUS'", "log": "'$LOG'"}}]
+      end
+    ' $LETSENCRYPT_OUTPUT >$TMP_FILE
+    cat $TMP_FILE >$LETSENCRYPT_OUTPUT
    rm $TMP_FILE
 }

@@ -102,27 +107,36 @@ check_new_cert() {
 }

 LETSENCRYPT_FILE=$(find /etc/ssl/keys/ -type f -name letsencrypt)
-if [ -n "$LETSENCRYPT_FILE" ] || [ "$DOMAIN" != "" ]; then
-    DOMAIN=$(jq -r .DOMAIN $LETSENCRYPT_FILE)
-    rm $LETSENCRYPT_FILE
-    ORIGINAL=$(openssl x509 -in /etc/ssl/keys/$DOMAIN/fullchain.pem -fingerprint -noout)
-    if [ "$DOMAIN" != "localhost" ]; then
-        if [ ! -f $LETSENCRYPT_OUTPUT ]; then
-            install -m 664 -g 65534 /dev/null $LETSENCRYPT_OUTPUT
-            echo '[]' >$LETSENCRYPT_OUTPUT
-        fi
-        start_letsencrypt
-        check_new_cert
+if [ "$DOMAIN" != "localhost" ]; then
+    if [ ! -f $LETSENCRYPT_OUTPUT ]; then
+        install -m 664 -g 65534 /dev/null $LETSENCRYPT_OUTPUT
+        echo '[]' >$LETSENCRYPT_OUTPUT
    fi

-else
-    cd /domains
-    for i in $(ls); do
-        DOMAIN=$(jq -r .DOMAIN $i)
+    if [ "$DOMAIN" != "" ]; then
+        ORIGINAL=$(openssl x509 -in /etc/ssl/keys/$DOMAIN/fullchain.pem -fingerprint -noout)
        if [ "$DOMAIN" != "localhost" ]; then
+            start_letsencrypt
+            check_new_cert
+        fi
+
+    elif [ -n "$LETSENCRYPT_FILE" ]; then
+        DOMAINS=$(jq -r .DOMAIN $LETSENCRYPT_FILE)
+        for DOMAIN in $(echo $DOMAINS); do
            ORIGINAL=$(openssl x509 -in /etc/ssl/keys/$DOMAIN/fullchain.pem -fingerprint -noout)
            start_letsencrypt $DOMAIN
            check_new_cert
-        fi
-    done
+        done
+
+    else
+        cd /domains
+        for i in $(ls); do
+            DOMAIN=$(jq -r .DOMAIN $i)
+            if [ "$DOMAIN" != "localhost" ]; then
+                ORIGINAL=$(openssl x509 -in /etc/ssl/keys/$DOMAIN/fullchain.pem -fingerprint -noout)
+                start_letsencrypt $DOMAIN
+                check_new_cert
+            fi
+        done
+    fi
 fi