#!/bin/bash

SEPARATOR_PATTERN='^## PEM_FILE: (.*)'
RAW_CERTIFICATE_FILE={{ haproxy_allcerts_file }}
SSL_CERT_DIR={{ haproxy_cert_path }}

echo "Generate certificates..."
if [ -f $RAW_CERTIFICATE_FILE ]
then
  PEM_FILENAME=/dev/null
  while IFS='' read -r LINE || [ -n "${LINE}" ]; do
    if [[ $LINE =~ $SEPARATOR_PATTERN ]]
    then
      PEM_FILENAME=$SSL_CERT_DIR/${BASH_REMATCH[1]}
      echo "Processing PEM file: $PEM_FILENAME"
      echo -n "" > $PEM_FILENAME
    else
      echo $LINE >> $PEM_FILENAME
    fi
  done < $RAW_CERTIFICATE_FILE
  chmod 600 {{ haproxy_cert_path }}/*.pem
  {{ local_bin_path }}/haproxy_reload
fi
echo "...done"