#!/bin/sh
set -e

api_host="https://192.168.2.1:11443"
api_endpoint="api/v2/monitor/vpn-certificate/local/import"
api_token=
ssh_host="fg"
certname=fg.dafu.dev

key=$(cat /mnt/docker/volumes/caddy_caddy_data/_data/caddy/certificates/acme-v02.api.letsencrypt.org-directory/${certname}/${certname}.key | base64 | tr -d "\n" )
crt=$(cat /mnt/docker/volumes/caddy_caddy_data/_data/caddy/certificates/acme-v02.api.letsencrypt.org-directory/${certname}/${certname}.crt | base64 | tr -d "\n" )

run_ssh_script() { printf "%s" "${1}" | ssh $ssh_host; }
run_upload_cert() {
  printf "%s" "${1}"
  printf "%s" "${api_host}/${api_endpoint}"
  curl -q -k -H "Authorization: Bearer ${api_token}" -d "${1}" \
    -H "Content-Type: application/json" \
    -X POST "${api_host}/${api_endpoint}"
}

api_data="{
  'type': 'regular',
  'certname': '${certname}',
  'file_content': '${crt}',
  'key_file_content': '${key}'
}"

fg_delete_cert_script="
execute batch start 
config sys global
unset admin-server-cert 
end 
config vpn certificate local 
delete ${certname}
end
execute batch end" 

fg_set_cert_script="
execute batch start
config sys global
set admin-server-cert ${certname}
end 
execute batch end" 

run_ssh_script "${fg_delete_cert_script}"
run_upload_cert "${api_data}"
run_ssh_script "${fg_set_cert_script}"