#!/usr/bin/php
<?php
//
//read environment variables

//the shell variable $RENEWED_LINEAGE will point to the config live subdirectory
//(for example, "/etc/letsencrypt/live/example.com") containing the new certs and
//keys; the shell variable $RENEWED_DOMAINS will contain a space-delimited list
//of renewed cert domains (for example, "example.com www.example.com").

$domains = explode(" ", getenv('RENEWED_DOMAINS'));

//update each domain
foreach ($domains as $d) {
	echo "update $d \n";

	if ($d=="supercredit.com.au"){
		// install_to_cpanel();
	}
}

//restart nginx webserver.
exec('/usr/sbin/service nginx reload');


function install_to_cpanel()
{
	//https://documentation.cpanel.net/display/DD/Tutorial+-+Call+UAPI%27s+SSL%3A%3Ainstall_ssl+Function+in+Custom+Code

	// Log everything during development.
	// If you run this on the CLI, set 'display_errors = On' in php.ini.
	error_reporting(E_ALL);

	// Declare your username and password for authentication.
	$username = 'supercreditcom';
	$password = 'P#SdlnWQ$+mW';

	// Define the API call.
	$cpanel_host = 'biz96.biukop.com.au';
	$request_uri = "https://$cpanel_host:2083/execute/SSL/install_ssl";

	// Define the SSL certificate and key files.
	$cert_file = realpath("/etc/letsencrypt/live/supercredit.com.au/cert.pem");
	$key_file = realpath("/etc/letsencrypt/live/supercredit.com.au/privkey.pem");
	$chain_file = realpath("/etc/letsencrypt/live/supercredit.com.au/chain.pem");

	// Set up the payload to send to the server.
	$payload = array(
    	'domain'  => "supercredit.com.au",
    	'cert'    => file_get_contents($cert_file),
    	'key'     => file_get_contents($key_file),
    	'cabundle'=> file_get_contents($chain_file),
	);

	// Set up the cURL request object.
	$ch = curl_init( $request_uri );
	curl_setopt( $ch, CURLOPT_HTTPAUTH, CURLAUTH_BASIC );
	curl_setopt( $ch, CURLOPT_USERPWD, $username . ':' . $password );
	curl_setopt( $ch, CURLOPT_SSL_VERIFYHOST, false );
	curl_setopt( $ch, CURLOPT_SSL_VERIFYPEER, false );

	// Set up a POST request with the payload.
	curl_setopt( $ch, CURLOPT_POST, true );
	curl_setopt( $ch, CURLOPT_POSTFIELDS, $payload );
	curl_setopt( $ch, CURLOPT_RETURNTRANSFER, true );

	// Make the call, and then terminate the cURL caller object.
	$curl_response = curl_exec( $ch );
	curl_close( $ch );

	// Decode and validate output.
	$response = json_decode( $curl_response );
	if( empty( $response ) ) {
    	echo "The cURL call did not return valid JSON:\n";
    	die( $response );
	} elseif ( !$response->status ) {
    	echo "The cURL call returned valid JSON, but reported errors:\n";
    	die( $response->errors[0] . "\n" );
	}
	// Print and exit.
	die( print_r( $response ) );
}
?>