#!/bin/sh
set -e
EVENT_NAME="$1"
[ "$EVENT_NAME" = "live-updated" ] || exit 42

MAIN_HOSTNAME="{{ acmetool_cert_hostnames[0] }}"

while read name; do
  certdir="$ACME_STATE_DIR/live/$name"
  if [ -z "$name" -o ! -e "$certdir" ]; then
    continue
  fi
  if [ "$name" != "$MAIN_HOSTNAME" ]; then
    continue
  fi
{% if 'install' in x509_certificate_renewal %}

{%   for file in x509_certificate_renewal.install %}
  install{% if 'mode' in file %} -m {{ file.mode }}{% endif %}{% if 'owner' in file %} -o {{ file.owner }}{% endif %}{% if 'owner' in file %} -g {{ file.group }}{% endif %} /dev/null "{{ file.dest }}.new"
{%     for src in file.src %}
  cat "{{ hostvars[inventory_hostname]['x509_certificate_path_' + src] }}" >> "{{ file.dest }}.new"
  mv "{{ file.dest }}.new" "{{ file.dest }}"
{%     endfor %}
{%   endfor %}
{% endif %}
{% if 'reload' in x509_certificate_renewal %}

  {{ x509_certificate_renewal.reload | trim | indent(2) }}
{% endif %}
  break
done