#!/bin/bash

H_NAME={{ letsencrypt_acme_sh_certificates_install_dir }}
LE_SERVICES_SCRIPT_DIR=/usr/lib/acme/hooks
LE_CERTS_DIR=/var/lib/acme/live/$H_NAME
LE_LOG_DIR=/var/log/letsencrypt
[ ! -d $LE_LOG_DIR ] && mkdir $LE_LOG_DIR
MONGODB_CERTDIR=/etc/pki/mongodb
MONGODB_CERTFILE=$MONGODB_CERTDIR/mongodb.pem
DATE=$( date )
echo "$DATE" > $LE_LOG_DIR/mongodb.log

[ ! -d $MONGODB_CERTDIR ] && mkdir $MONGODB_CERTDIR

cat ${LE_CERTS_DIR}/{cert,privkey} > ${MONGODB_CERTFILE}.new
cmp ${MONGODB_CERTFILE}.new ${MONGODB_CERTFILE} 2>/dev/null
if [ $? -eq 0 ] ; then
   echo "The certificate is up to date" >> $LE_LOG_DIR/mongodb.log
   rm -f ${MONGODB_CERTFILE}.new
   exit 0
fi

echo "Building the new certificate file" >> $LE_LOG_DIR/mongodb.log
/bin/mv -f ${MONGODB_CERTFILE}.new ${MONGODB_CERTFILE}
chmod 440 ${MONGODB_CERTFILE}
chgrp mongodb ${MONGODB_CERTFILE}

{% if mongodb_ssl_enabled %}
echo "Restart the mongod service, reload is not supported" >> "$LE_LOG_DIR/mongodb.log"
{% if mongodb_install_from_external_repo %}
if [ -x /sbin/stop ] && [ -f /etc/init/mongod.conf ] ; then
    /sbin/stop mongod >> "$LE_LOG_DIR/mongodb.log" 2>&1
    sleep 10
    /sbin/start mongod >> "$LE_LOG_DIR/mongodb.log" 2>&1
else
    service mongod stop >> "$LE_LOG_DIR/mongodb.log" 2>&1
    sleep 10
    service mongod start >> "$LE_LOG_DIR/mongodb.log" 2>&1
fi 
{% else %}
systemctl stop mongodb >> "$LE_LOG_DIR/mongodb.log" 2>&1
sleep 10
systemctl start mongodb >> "$LE_LOG_DIR/mongodb.log" 2>&1
{% endif %}
{% endif %}
echo "Done." >> $LE_LOG_DIR/mongodb.log

exit 0