From b731380443be9548032c9b0047e66a4435774a99 Mon Sep 17 00:00:00 2001
From: Zsolt Ero <zsolt.ero@gmail.com>
Date: Sun, 3 Mar 2024 02:16:51 +0100
Subject: [PATCH] rclone write

---
 scripts/ledns/rclone_write.sh |  9 +++++----
 ssh_lib/tasks.py              | 31 +++++++++++++++++--------------
 2 files changed, 22 insertions(+), 18 deletions(-)

diff --git a/scripts/ledns/rclone_write.sh b/scripts/ledns/rclone_write.sh
index f4cd5f6..7be304a 100644
--- a/scripts/ledns/rclone_write.sh
+++ b/scripts/ledns/rclone_write.sh
@@ -1,10 +1,11 @@
 #!/usr/bin/env bash
 
 #env > /data/ofm/ledns/env.txt
+#RENEWED_DOMAINS=direct.openfreemap.org
+#RENEWED_LINEAGE=/etc/letsencrypt/live/ofm_ledns
 
-RENEWED_DOMAINS=direct.openfreemap.org
-RENEWED_LINEAGE=/etc/letsencrypt/live/ofm_ledns
+export RCLONE_CONFIG=/data/ofm/config/rclone.conf
 
-rclone copy -v "$RENEWED_LINEAGE/fullchain.pem" "remote:ofm-secret/ledns/$RENEWED_DOMAINS/ofm_ledns.cert"
-rclone copy -v "$RENEWED_LINEAGE/privkey.pem" "remote:ofm-secret/ledns/$RENEWED_DOMAINS/ofm_ledns.key"
+rclone copyto -v --copy-links "$RENEWED_LINEAGE/fullchain.pem" "remote:ofm-private/ledns/$RENEWED_DOMAINS/ofm_ledns.cert"
+rclone copyto -v --copy-links "$RENEWED_LINEAGE/privkey.pem" "remote:ofm-private/ledns/$RENEWED_DOMAINS/ofm_ledns.key"
 
diff --git a/ssh_lib/tasks.py b/ssh_lib/tasks.py
index e02cee2..a3ec53b 100644
--- a/ssh_lib/tasks.py
+++ b/ssh_lib/tasks.py
@@ -204,6 +204,8 @@ def setup_ledns_writer(c):
         permissions=400,
     )
 
+    c.sudo('rm -rf /data/ofm/ledns')
+
     put(
         c,
         SCRIPTS_DIR / 'ledns' / 'rclone_write.sh',
@@ -212,17 +214,18 @@ def setup_ledns_writer(c):
         permissions=500,
     )
 
-    #
-    # sudo_cmd(
-    #     c,
-    #     'certbot certonly '
-    #     '--dns-cloudflare '
-    #     f'--dns-cloudflare-credentials {REMOTE_CONFIG}/cloudflare.ini '
-    #     '--dns-cloudflare-propagation-seconds 20 '
-    #     '--staging '
-    #     f'--noninteractive -m {le_email} '
-    #     f'--agree-tos '
-    #     f'--cert-name=ofm_ledns '
-    #     f'--deploy-hook /data/ofm/ledns/rclone_write.sh '
-    #     f'-d {domain_ledns}',
-    # )
+    c.sudo('certbot delete --cert-name ofm_ledns')
+
+    sudo_cmd(
+        c,
+        'certbot certonly '
+        '--dns-cloudflare '
+        f'--dns-cloudflare-credentials {REMOTE_CONFIG}/cloudflare.ini '
+        '--dns-cloudflare-propagation-seconds 20 '
+        f'--non-interactive '
+        f'-m {le_email} '
+        f'--agree-tos '
+        f'--cert-name=ofm_ledns '
+        f'--deploy-hook /data/ofm/ledns/rclone_write.sh '
+        f'-d {domain_ledns}',
+    )