#!/bin/bash

H_NAME=$( hostname -f )
LE_SERVICES_SCRIPT_DIR=/usr/lib/acme/hooks
LE_CERTS_DIR=/var/lib/acme/live/$H_NAME
LE_LOG_DIR=/var/log/letsencrypt
VSFTPD_CERTDIR=/etc/pki/vsftpd
VSFTPD_CERTFILE=$VSFTPD_CERTDIR/vsftpd.pem
DATE=$( date )
RETVAL=

[ ! -d $VSFTPD_CERTDIR ] && mkdir -p $VSFTPD_CERTDIR
[ ! -d $LE_LOG_DIR ] && mkdir $LE_LOG_DIR
echo "$DATE" >> $LE_LOG_DIR/vsftpd.log

logger "acme-pg-hook: Check if the certificate has been renewed"
cmp ${LE_CERTS_DIR}/cert  ${VSFTPD_CERTFILE}
RETVAL=$?
if [ $RETVAL -eq 0 ] ; then
    logger "acme-vsftpd-hook: No new cerficate, exiting."
    echo "acme-vsftpd-hook: No new cerficate, exiting." >> $LE_LOG_DIR/vsftpd.log
    exit 0
else
    logger "acme-vsftpd-hook: Copying the certificate file"
    echo "Copy the key file" >> $LE_LOG_DIR/vsftpd.log
    /bin/cp -f ${LE_CERTS_DIR}/cert  ${VSFTPD_CERTFILE}
fi

chmod 644 ${VSFTPD_CERTFILE}
chown root ${VSFTPD_CERTFILE}
chgrp root ${VSFTPD_CERTFILE}

if [ -x /bin/systemctl ] ; then
    logger "acme-vsftpd-hook: Restart the VSFTPD service after a certificate renewal"
    /bin/systemctl restart vsftpd >> $LE_LOG_DIR/vsftpd.log 2>&1
    echo "acme-vsftpd-hook: Restart the VSFTPD service" >> $LE_LOG_DIR/vsftpd.log
else
    logger "acme-vsftpd-hook: Restart the VSFTPD service after a certificate renewal"
    echo "Restart the VSFTPD service" >> $LE_LOG_DIR/vsftpd.log
    service vsftpd restart >> $LE_LOG_DIR/vsftpd.log 2>&1
fi

logger "acme-vsftpd-hook: Done"
echo "acme-vsftpd-hook: Done." >> $LE_LOG_DIR/vsftpd.log

exit 0