#!/bin/sh
#------------------------------------------------------------------------------
# /var/install/bin/certs_letsencrypt-show-chain
#
# Copyright (c) 2016-2016 The Eisfair Team, team(at)eisfair(dot)org
#
# Creation   : 2016-09-02 jed
# Last Update: $Id$
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 2 of the License, or
# (at your option) any later version.
#------------------------------------------------------------------------------

# include eislib etc.
. /var/install/include/eislib
. /var/install/include/jedlib

module_name=`basename $0 | cut -d- -f1`

# debug mode true/false
#debug=true
if ${debug:-false}
then
    exec 2> /tmp/${module_name}-show-chain-trace$$.log
    set -x
    ask_debug=true
    export ask_debug
fi

ssldir=/usr/local/ssl
certdir=${ssldir}/certs
configfile=/etc/config.d/${module_name}
ask_bin=/var/install/bin/ask
ask_tmpfile=/tmp/${module_name}-ask.$$

### load configuration ###
. ${configfile}
chmod 600 ${configfile}

#------------------------------------------------------------------------------
# print header
#------------------------------------------------------------------------------
print_header ()
{
    clrhome
    mecho --info "Show Let's Encrypt certificate chain"
    echo
    techo --begin 5r 1 35
    techo --row --info 'Nbr' '' --info 'Certificate Name(s) (.pem)'

}

#==============================================================================
# main
#==============================================================================

if [ "${START_LETSENCRYPT}" = 'yes' ]
then
    if [ ${LETSENCRYPT_DOMAIN_N} -gt 0 ]
    then
        row=4
        le_exit=0

        while [ ${le_exit} -eq 0 ]
        do
            # show domain list
            print_header

            idx=0
            while [ ${idx} -le ${LETSENCRYPT_DOMAIN_N} -a ${le_exit} -eq 0 ]
            do
                idx=`expr ${idx} + 1`

                eval active='$LETSENCRYPT_DOMAIN_'${idx}_'ACTIVE'

                if [ "${active}" = 'yes' ]
                then
                    # active entry
                    eval domain='$LETSENCRYPT_DOMAIN_'${idx}_'NAME'
                    domain=`echo "${domain}" | cut -d: -f1`

                    techo --row ${idx} "" "${domain}"
                fi

                idx=`expr ${idx} + 1`
            done

            techo --end

            idx_max=`expr ${idx} - 1`

            if [ ${idx_max} -ge 1 ]
            then
                echo
                ${ask_bin} "Show certificate chain for which certificate" 'q' "1-${idx_max}" 'q' > ${ask_tmpfile}
                rc=$?
                read sel_num < ${ask_tmpfile}
                rm -f ${ask_tmpfile}
                if [ ${rc} = 255 ]
                then
                    exit 1
                fi

                case ${sel_num} in
                    [qQ] ) # quit
                        le_exit=1
                        ;;
                    * ) # numeric value
                        if `is_numeric "${sel_num}"`
                        then
                            eval domain='$LETSENCRYPT_DOMAIN_'${sel_num}_'NAME'
                            domain=`echo "${domain}" | cut -d: -f1`

                            # show certificate chain
                            /var/install/bin/certs-show-chain "${domain}"
                        fi
                        ;;
                esac
            else
                mecho --warn "No domains set, please check the configuration!"
            fi
        done
    else
        mecho --warn "no active domains configured, please check the configuration!"
    fi
else
    mecho --warn "START_LETSENCRYPT='no' has been set, please check the configuration!"
fi

#==============================================================================
# end
#==============================================================================