#!/bin/sh
#
# certhub-dehydrated-run - Runs certbot dehydrated command once

set -e
set -u

# Required binaries
ECHO=/bin/echo
MKTEMP=/bin/mktemp
MV=/bin/mv
RM=/bin/rm

# Print usage message and exit.
usage() {
    ${ECHO} "${0}: cert-output-file csr-input-file dehydrated [dehydrated args...]"
    return 1
}

certhub_dehydrated_run() {
    WORKDIR="${1}"
    FC_PATH="${2}"
    CSR_PATH="${3}"
    shift 3

    command "${@}" --full-chain \
        --signcsr "${CSR_PATH}" > "${WORKDIR}/fullchain.pem"

    ${MV} "${WORKDIR}/fullchain.pem" "${FC_PATH}"
}

# Setup temp dir.
WORKDIR="$(${MKTEMP} -d)"
cleanup() {
    ${RM} -rf "${WORKDIR}"
}
trap cleanup EXIT

if [ "${#}" -gt 2 ] && [ "${1:-}" != "-h" ] && [ "${1:-}" != "--help" ]; then
    certhub_dehydrated_run "${WORKDIR}" "${@}"
else
    usage
fi
