From 26535837027d770ebea16e5fca0fe3caf9fac647 Mon Sep 17 00:00:00 2001
From: gyurix
Date: Wed, 12 Mar 2025 23:07:58 +0100
Subject: [PATCH] Refactor letsencrypt script to improve domain handling and JSON output management
---
 start.letsencrypt.sh | 54 ++++++++++++++++++++++++++++++++++--------------------
 1 file changed, 34 insertions(+), 20 deletions(-)
diff --git a/start.letsencrypt.sh b/start.letsencrypt.sh
index 597c8e0..0070cd9 100755
--- a/start.letsencrypt.sh
+++ b/start.letsencrypt.sh
@@ -41,9 +41,14 @@ sending_error_msg() {
 create_json() {
 LOG=$(cat $LOG_FILE | base64 -w0)
 TMP_FILE=$(mktemp)
- install -m 664 -g 65534 /dev/null $TMP_FILE
- jq 'if . == null or . == [] then [{"'$DOMAIN'":{"date": "'$DATE'", "status": "'$STATUS'", "log": "'$LOG'"}}] else . + [{"'$DOMAIN'":{"date": "'$DATE'", "status": "'$STATUS'", "log": "'$LOG'"}}] end' $LETSENCRYPT_OUTPUT >$TMP_FILE
- mv $TMP_FILE $LETSENCRYPT_OUTPUT
+ jq '
+ if . == null or . == [] then
+ [{"'$DOMAIN'":{"date": "'$DATE'", "status": "'$STATUS'", "log": "'$LOG'"}}]
+ else
+ (map(select(has("'$DOMAIN'") | not))) + [{"'$DOMAIN'":{"date": "'$DATE'", "status": "'$STATUS'", "log": "'$LOG'"}}]
+ end
+ ' $LETSENCRYPT_OUTPUT >$TMP_FILE
+ cat $TMP_FILE >$LETSENCRYPT_OUTPUT
 rm $TMP_FILE
 }
 
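Review bot: The rewritten `jq` call in create_json still assembles its program by splicing `$DOMAIN`, `$DATE`, `$STATUS` and `$LOG` into the filter text, and the new `has("'$DOMAIN'")` adds one more splice; a value containing a quote or whitespace changes or breaks the program instead of being stored as data. Passing the values with `--arg` and referring to them as `$domain`, `$date` and so on keeps them as strings whatever they contain. Separately, `cat $TMP_FILE >$LETSENCRYPT_OUTPUT` runs even when jq failed, which empties the status file; chaining the two commands with `&&` avoids that. If the switch from `mv` to `cat` was made to keep the output file's owner and mode, a one-line comment saying so would help, since the `install -m 664 -g 65534` line is gone.

```shell
  # … unchanged: LOG and TMP_FILE setup …
  jq --arg domain "$DOMAIN" --arg date "$DATE" \
    --arg status "$STATUS" --arg log "$LOG" '
    ((. // []) | map(select(has($domain) | not)))
    + [{($domain): {date: $date, status: $status, log: $log}}]
  ' "$LETSENCRYPT_OUTPUT" >"$TMP_FILE" &&
    cat "$TMP_FILE" >"$LETSENCRYPT_OUTPUT"
  # … unchanged: rm of the temp file …
```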
@@ -102,27 +107,36 @@ check_new_cert() { } LETSENCRYPT_FILE=$(find /etc/ssl/keys/ -type f -name letsencrypt) -if [ -n "$LETSENCRYPT_FILE" ] || [ "$DOMAIN" != "" ]; then - DOMAIN=$(jq -r .DOMAIN $LETSENCRYPT_FILE) - rm $LETSENCRYPT_FILE - ORIGINAL=$(openssl x509 -in /etc/ssl/keys/$DOMAIN/fullchain.pem -fingerprint -noout) - if [ "$DOMAIN" != "localhost" ]; then - if [ ! -f $LETSENCRYPT_OUTPUT ]; then - install -m 664 -g 65534 /dev/null $LETSENCRYPT_OUTPUT - echo '[]' >$LETSENCRYPT_OUTPUT - fi - start_letsencrypt - check_new_cert +if [ "$DOMAIN" != "localhost" ]; then + if [ ! -f $LETSENCRYPT_OUTPUT ]; then + install -m 664 -g 65534 /dev/null $LETSENCRYPT_OUTPUT + echo '[]' >$LETSENCRYPT_OUTPUT fi -else - cd /domains - for i in $(ls); do - DOMAIN=$(jq -r .DOMAIN $i) + if [ "$DOMAIN" != "" ]; then + ORIGINAL=$(openssl x509 -in /etc/ssl/keys/$DOMAIN/fullchain.pem -fingerprint -noout) if [ "$DOMAIN" != "localhost" ]; then + start_letsencrypt + check_new_cert + fi + + elif [ -n "$LETSENCRYPT_FILE" ]; then + DOMAINS=$(jq -r .DOMAIN $LETSENCRYPT_FILE) + for DOMAIN in $(echo $DOMAINS); do ORIGINAL=$(openssl x509 -in /etc/ssl/keys/$DOMAIN/fullchain.pem -fingerprint -noout) start_letsencrypt $DOMAIN check_new_cert - fi - done + done + + else + cd /domains + for i in $(ls); do + DOMAIN=$(jq -r .DOMAIN $i) + if [ "$DOMAIN" != "localhost" ]; then + ORIGINAL=$(openssl x509 -in /etc/ssl/keys/$DOMAIN/fullchain.pem -fingerprint -noout) + start_letsencrypt $DOMAIN + check_new_cert + fi + done + fi fi
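Review bot: The new `elif [ -n "$LETSENCRYPT_FILE" ]` branch uses the names read from the file without any check: the outer `localhost` test ran on the still-empty `$DOMAIN`, so a `localhost` entry, or the literal `null` that `jq -r` prints for a missing key, now reaches `start_letsencrypt`, unlike the `/domains` branch. Each name is also expanded unquoted into `/etc/ssl/keys/$DOMAIN/fullchain.pem`, and `for DOMAIN in $(echo $DOMAINS)` glob-expands every word, so I would accept only plain host names before use and quote the expansions. The commit also drops `rm $LETSENCRYPT_FILE`; if that file is a one-shot request it will now be found again on every run, which is worth confirming. The `if` chain starts and ends inside this hunk, but start_letsencrypt and check_new_cert are defined outside it.

```shell
  elif [ -n "$LETSENCRYPT_FILE" ]; then
    DOMAINS=$(jq -r '.DOMAIN // empty' $LETSENCRYPT_FILE)
    set -f # split the list into words without pathname expansion
    for DOMAIN in $DOMAINS; do
      # Skip anything that is not a plain host name (extend the pattern
      # if wildcard names are expected here).
      case "$DOMAIN" in
        localhost | "" | *[!A-Za-z0-9.-]* | .* | -* | *..*) continue ;;
      esac
      ORIGINAL=$(openssl x509 -in "/etc/ssl/keys/$DOMAIN/fullchain.pem" -fingerprint -noout)
      start_letsencrypt "$DOMAIN"
      check_new_cert
    done
    set +f
  # … unchanged: else branch walking /domains …
```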