#!/bin/bash

# Copyright: 2023 Virtuozzo International GmbH

# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at

# http://www.apache.org/licenses/LICENSE-2.0

# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.



[ -n "${NGINXPHPSSLLIB_VERSION:-}" ] && return 0;
NGINXPHPSSLLIB_VERSION="0.1";

$PROGRAM 'sed';
SSL_XML_CONFIG="/etc/nginx/conf.d/ssl.conf";
DOMAIN_CERTIFICATE_FILE="/var/lib/jelastic/SSL/jelastic.crt";
CA_CERTIFICATE_FILE="/var/lib/jelastic/SSL/jelastic-ca.crt";
CHAIN_CERTIFICATE_FILE="/var/lib/jelastic/SSL/jelastic.chain";
SERVICE="nginx";
include output;

function createChain(){
[ -f "$DOMAIN_CERTIFICATE_FILE" ] && [ -f "$CA_CERTIFICATE_FILE" ] && 
	{
		cat "$DOMAIN_CERTIFICATE_FILE" > $CHAIN_CERTIFICATE_FILE;
		echo "" >> $CHAIN_CERTIFICATE_FILE;
		cat "$CA_CERTIFICATE_FILE" >> $CHAIN_CERTIFICATE_FILE;

	}  ##|| { writeJSONResponseErr "result=>4018" "message=>Not enough information to create chainfile"; exit 4018; }
}

function removeChain(){
	[ -f "$CHAIN_CERTIFICATE_FILE" ] && rm -Rf "$CHAIN_CERTIFICATE_FILE";
}

function enableSSL(){
        local err;
        # stopServiceSilent "$SERVICE";
        local msg;
        msg=$(doAction keystore DownloadKeys 2>&1);
        err=$?;
#       [ -z "$msg" ] || echo "$msg" | $SED -re 's|.*result.*message\":||' -e 's|\}||' >>$ACTIONS_LOG;
        [[ ${err} -gt 0 ]] && exit "$err";
        createChain;
        [ -f "${SSL_XML_CONFIG}.disabled" ] && { mv "${SSL_XML_CONFIG}.disabled" "$SSL_XML_CONFIG" 2>>$ACTIONS_LOG || return 143; } || { [ -f "${SSL_XML_CONFIG}" ] || return 39; }
        restartServiceSilent "$SERVICE" || return 182
}

function disableSSL(){
        local err;
        # stopServiceSilent "$SERVICE" ;
        local msg=$(doAction keystore remove 2>&1);
        err=$?; [[ ${err} -gt 0 ]] && exit "$err";
        removeChain;
        [ -f "$SSL_XML_CONFIG" ] && { mv "${SSL_XML_CONFIG}" "${SSL_XML_CONFIG}.disabled" 2>>$ACTIONS_LOG || return 143; }
        restartServiceSilent "$SERVICE" || return 182;
}