#!/bin/bash

## 20260519-202449

echo "SSL(TLS) CERT UPDATER"
echo "CERT DOMAIN NAME:"
read -r d
echo "UPDATING CERTS..."

# STOP SERVICES
sudo systemctl stop cockpit
sudo systemctl stop ejabberd 
sudo systemctl stop mumble-server

# COCKPIT CERTS
sudo mkdir -p /etc/cockpit/ws-certs.d/
sudo rm /etc/cockpit/ws-certs.d/99-letsencrypt.cert
sudo rm /etc/cockpit/ws-certs.d/99-letsencrypt.key
sudo ln -sf /etc/letsencrypt/live/$d/fullchain.pem /etc/cockpit/ws-certs.d/99-letsencrypt.cert
sudo ln -sf /etc/letsencrypt/live/$d/privkey.pem /etc/cockpit/ws-certs.d/99-letsencrypt.key

# EJABBERD CERTS
sudo rm /etc/ejabberd/ejabberd.pem
sudo cat /etc/letsencrypt/live/$d/privkey.pem /etc/letsencrypt/live/$d/fullchain.pem >> /etc/ejabberd/ejabberd.pem

# MUMBLE CERTS
sudo rm /opt/mumble-server/cert.pem
sudo rm /opt/mumble-server/privkey.pem
sudo rm /opt/mumble-server/chain.pem
sudo rm /opt/mumble-server/fullchain.pem
sudo cat /etc/letsencrypt/live/$d/cert.pem >> /opt/mumble-server/cert.pem
sudo cat /etc/letsencrypt/live/$d/privkey.pem >> /opt/mumble-server/privkey.pem
sudo cat /etc/letsencrypt/live/$d/chain.pem >> /opt/mumble-server/chain.pem
sudo cat /etc/letsencrypt/live/$d/fullchain.pem >> /opt/mumble-server/fullchain.pem

# START SERVICES
sudo systemctl start cockpit
sudo systemctl start ejabberd
sudo systemctl start mumble-server

# RESTART SERVICES AND SHOW STATUS
sudo systemctl restart cockpit
sudo systemctl restart ejabberd
sudo systemctl restart mumble-server
sudo systemctl status cockpit
sudo systemctl status ejabberd 
sudo systemctl status mumble-server

echo "DONE."
read -r
