From bec73605de61e822d5c1bc91e7f125a73276ca23 Mon Sep 17 00:00:00 2001
From: Daniel Baumann <daniel.baumann@progress-linux.org>
Date: Sun, 26 Jun 2022 19:06:42 +0200
Subject: Adding support for preseeding multiple certificates in
 dehydrated-tools.

Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
---
 debian/open-infrastructure-dehydrated-tools.TODO      |  1 -
 debian/open-infrastructure-dehydrated-tools.postinst  | 13 +++++++++++--
 debian/open-infrastructure-dehydrated-tools.templates |  5 ++++-
 3 files changed, 15 insertions(+), 4 deletions(-)

diff --git a/debian/open-infrastructure-dehydrated-tools.TODO b/debian/open-infrastructure-dehydrated-tools.TODO
index 7574d00..a97f1a7 100644
--- a/debian/open-infrastructure-dehydrated-tools.TODO
+++ b/debian/open-infrastructure-dehydrated-tools.TODO
@@ -1,2 +1 @@
-* automate multivalue domain.txt preseeding
 * automatically guess domain.txt by using DNS or /etc/hostname
diff --git a/debian/open-infrastructure-dehydrated-tools.postinst b/debian/open-infrastructure-dehydrated-tools.postinst
index bd3ca57..1b0f776 100755
--- a/debian/open-infrastructure-dehydrated-tools.postinst
+++ b/debian/open-infrastructure-dehydrated-tools.postinst
@@ -235,9 +235,18 @@ EOF
 			mkdir -p "${BASEDIR}/acme-challenges"
 		fi
 
-		if [ -n "${DOMAINS}" ]
+		if [ -n "${DOMAINS}" ] && [ "${DOMAINS}" != "none" ]
 		then
-			echo "${DOMAINS}" > /etc/dehydrated/domains.txt
+			rm -f /etc/dehydrated/domains.txt
+
+			GROUPS="$(echo ${DOMAINS} | sed -e 's/ /#/g' -e 's/|/ /g')"
+
+			for GROUP in ${GROUPS}
+			do
+				DOMAINS="$(echo ${GROUP} | sed -e 's/#/ /g' -e 's/^ //g')"
+
+				echo "${DOMAINS}" >> /etc/dehydrated/domains.txt
+			done
 		fi
 
 		if [ -n "${TSIG}" ]
diff --git a/debian/open-infrastructure-dehydrated-tools.templates b/debian/open-infrastructure-dehydrated-tools.templates
index e9b7295..8bef501 100644
--- a/debian/open-infrastructure-dehydrated-tools.templates
+++ b/debian/open-infrastructure-dehydrated-tools.templates
@@ -83,7 +83,10 @@ Description: dehydrated domains:
  Please enter the domains to be configured for dehydrated.
  .
  If unsure, leave empty (default) which will use the hostname
- of the system.
+ of the system. Use 'none' to not generate any certificates.
+ .
+ Multiple certificates can be separated by '|', additional
+ names (SAN) can are whitespace separated.
 
 Template: open-infrastructure-dehydrated-tools/tsig
 Type: string
-- 
cgit v1.2.3