#!/bin/bash

readonly SSH_HOST="example.org"

# Process script arguments.
BOOTSTRAP=false
ISSUE_CERTIFICATES=false
while (( $# > 0 )); do case $1 in
	--bootstrap)
		BOOTSTRAP=true
		shift;;
	--issue-certificates)
		ISSUE_CERTIFICATES=true
		shift;;
	*)
		echo "Invalid argument" >&2
		exit 1
esac done

# Sync up `src/` directory.
rsync --recursive --delete --perms \
	src/ "${SSH_HOST}":/root/src/

# Execute bootstrap procedure.
if "${BOOTSTRAP}"; then
	# Issue dummy certificates. Otherwise, HAProxy would
	# fail to come up.
	ssh "${SSH_HOST}" bash <<EOF
		/root/src/gateway/issue-certificates --dummy
EOF

	# Enable automatic monthly certificate renewal.
	ssh "${SSH_HOST}" bash <<EOF
		ln -s /root/src/gateway/issue-certificates \
			/etc/cron.monthly/issue-certificates
EOF
fi

# Restart all docker containers, and reload docker config.
ssh "${SSH_HOST}" bash <<EOF
	cd /root/src
	docker compose down
	docker compose up --detach
EOF

# Trigger certificate renewal.
if "${ISSUE_CERTIFICATES}"; then
	ssh "${SSH_HOST}" bash <<EOF
		/root/src/gateway/issue-certificates
EOF
fi