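#!/bin/bash
#
# Regenerate the per-certificate config files from domains.txt, then hand
# over to dehydrated.
#
# Options (passed through to dehydrated unchanged):
#	(none)	cron usage (dehydrated is run with -c)
#	-gc	archive old certs
#
# domains.txt markers, each applying to the next certificate line only:
#	#STAPLE#	write OCSP_MUST_STAPLE=yes
#	#OCSP#		write OCSP_FETCH=yes
# A blank line clears pending markers; any other line starting with '#'
# is ignored.

# Resolve the script's real location so the relative paths below
# (config, domains.txt, certs/) are independent of the caller's cwd.
ME="$(readlink -e -- "$0")" || exit
cd "$(dirname -- "$ME")" || exit
CONF="$(readlink -e config)" || exit

export LC_ALL=C.UTF-8

# Append one NAME=VALUE line per argument to the global $config.
# Arguments: names of shell variables to serialise.
# %q shell-quotes the value, so the generated line stays a plain assignment
# whatever the variable holds.
config() {
  local tmp a

  for a in "$@"; do
    printf -v tmp '\n%s=%q' "$a" "${!a}"   # ${!a}: value of the variable named by $a
    config+=$tmp
  done
}

# Restore the per-certificate defaults.
reset() {
  OCSP_MUST_STAPLE=no
  OCSP_FETCH=no
}

reset
# The "|| (( ... ))" keeps a final line that lacks a trailing newline:
# read fails at EOF but has still filled the array in that case.
while read -ra doms || (( ${#doms[@]} )); do
  name=${doms[0]-}

  case "$name" in
    '')         reset; continue ;;
    '#STAPLE#') OCSP_MUST_STAPLE=yes; continue ;;
    '#OCSP#')   OCSP_FETCH=yes; continue ;;
    '#'*)       continue ;;
  esac

  # $name becomes a path component below; a hostname never contains '/',
  # so refuse anything that could point outside certs/.
  case "$name" in
    */* | . | ..)
      printf '%s: skipping unsafe name in domains.txt: %q\n' "${ME##*/}" "$name" >&2
      reset
      continue
      ;;
  esac

  # NOTE(review): dehydrated also accepts "first.example other.example > alias"
  # lines and then names the directory after the alias; this loop always uses
  # the first word -- confirm whether aliases are in use.
  target="certs/$name/config"

  printf -v config '# DO NOT EDIT -- automatically generated by %q' "$ME"
  config OCSP_MUST_STAPLE OCSP_FETCH

  # Rewrite only when the content differs; the file is replaced via a
  # temporary name and the previous version is kept as a numbered backup.
  if ! cmp -s - "$target" <<<"$config"; then
    # NOTE(review): certs/$name is not created here, so for a name that has
    # no directory yet the write fails and dehydrated runs without these
    # settings for it -- confirm whether the directory should be pre-created.
    if ! { cat >"$target.tmp" <<<"$config" &&
           mv --backup=t "$target.tmp" "$target"; }; then
      printf '%s: warning: could not update %s\n' "${ME##*/}" "$target" >&2
    fi
  fi

  reset
done < domains.txt

# With no arguments "${@--c}" expands to -c; otherwise to the arguments given.
exec dehydrated --config "$CONF" "${@--c}"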