#!/bin/bash

# 检查参数
if [ $# -lt 2 ]; then
    echo "用法: $0 <工作目录> <域名>"
    exit 1
fi

WORKDIR="$1"         # 第一个参数：工作目录，比如 /opt/caddy/certbot-aliyun-docker/derper
DOMAIN="$2"          # 第二个参数：域名，比如 derper.jmsu.top

# 可选：你可以将阿里云AK/SK/邮箱也作为参数或放到环境变量/配置文件
REGION="cn-hangzhou"
ACCESS_KEY_ID="LTAI5tP1yWFMMJhF6nrGYEit"         # 推荐写到外部变量，或传参数
ACCESS_KEY_SECRET="LTAI5tP1yWFMMJhF6nrGYEit"     # 推荐写到外部变量，或传参数
EMAIL="pylyzeng@gmail.com"

cd "$WORKDIR" || exit 1

echo ">>> 停止 derper 服务"
docker compose down

echo ">>> 续期证书 $DOMAIN"

docker run --rm \
  -e REGION="$REGION" \
  -e ACCESS_KEY_ID="$ACCESS_KEY_ID" \
  -e ACCESS_KEY_SECRET="$ACCESS_KEY_SECRET" \
  -e DOMAIN="$DOMAIN" \
  -e EMAIL="$EMAIL" \
  -v "$PWD/letsencrypt:/etc/letsencrypt" \
  -v "$PWD/certs:/app/certs" \
  -v "$PWD/logs:/var/log/certbot" \
  hotwa/certbot:latest \
  certbot renew \
    --manual \
    --preferred-challenges dns \
    --manual-auth-hook "alidns" \
    --manual-cleanup-hook "alidns clean" \
    --deploy-hook "/app/scripts/webhook.sh" \
    --no-random-sleep-on-renew \
    -v

echo ">>> 启动 derper 服务"
docker compose up -d

echo "crontab 添加任务选项（请根据实际需求选择，复制到 crontab 即可）："
echo
echo "【每周一凌晨 2 点执行】"
echo "0 2 * * 1 $WORKDIR/renew_derper.sh $WORKDIR $DOMAIN >> /var/log/renew_derper.log 2>&1"
echo
echo "【每月 1 号凌晨 2 点执行】"
echo "0 2 1 * * $WORKDIR/renew_derper.sh $WORKDIR $DOMAIN >> /var/log/renew_derper.log 2>&1"