From 6e65d3f794e71c08a25ad945eb7f8e9d1b9148e7 Mon Sep 17 00:00:00 2001
From: David Schroeder
Date: Wed, 6 Feb 2019 16:01:46 -0600
Subject: [PATCH] Update nodemgmt-scripts.sh
---
 nodemgmt-scripts.sh | 54 +++++++++++++++++++++++++++++++++++++++++-------------
 1 file changed, 41 insertions(+), 13 deletions(-)
diff --git a/nodemgmt-scripts.sh b/nodemgmt-scripts.sh
index b1c1a9a2..e293796b 100755
--- a/nodemgmt-scripts.sh
+++ b/nodemgmt-scripts.sh
@@ -78,17 +78,22 @@ NEWCERT(){
 do_with_root chown -R root:letsencrypt /etc/letsencrypt
 do_with_root chmod -R 6775 /etc/letsencrypt
 echo -en "${idsCL[LightYellow]}Waiting for certifcate replication between the nodes... ${idsCL[Default]}"
- until [ "${same}" = "true" ]; do
- same1=`ssh root@10.5.10.52 "cat /etc/letsencrypt/live/${NEW_CERT}/fullchain.pem" | diff - /etc/letsencrypt/live/${NEW_CERT}/fullchain.pem`
- same2=`ssh root@10.5.10.53 "cat /etc/letsencrypt/live/${NEW_CERT}/fullchain.pem" | diff - /etc/letsencrypt/live/${NEW_CERT}/fullchain.pem`
- if [ "${same1}" = "" ] && [ "${same2}" = "" ]
- then same="true"
- else same="false"
- fi
- done
+ until [ "${synccomplete}" = "true" ]; do
+ synccomplete=true
+ for nip in "${NODE_HOSTS[@]}"
+ do
+ if [[ $(/sbin/ip -o -4 addr list ens192 | awk '{print $4}' | cut -d/ -f1) == *"${nip}"* ]]; then NCMD=''
+ else NCMD="ssh root@${nip}"
+ fi
+ if [ "${NCMD}" != "" ]; then
+ check=`${NCMD} "cat /etc/letsencrypt/cert-renewal.lastrun" | diff - /etc/letsencrypt/cert-renewal.lastrun`
+ if [ "${check}" != "" ]; then
+ synccomplete=false
+ fi
+ fi
+ done
 echo -e "${idsCL[Green]}Completed${idsCL[Default]}"
-
- #sleep 20
+ echo
 SERVICE nginx reload
 echo -e "${idsCL[Green]}Certificate has been successfully created for '${idsCL[Yellow]}${NEW_CERT}${idsCL[Green]}'...${idsCL[Default]}"
 else
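Review bot: The `until [ "${synccomplete}" = "true" ]; do` loop added to NEWCERT is never closed: the only `done` on the new side ends the inner `for nip` loop, and the next line is the unchanged `echo -e ... Completed`, so the function should fail to parse (the matching loop in the CERTRENEW hunk does carry the second `done`). Add `done` after the inner loop's `done`, and put `synccomplete=false` directly before the `until`, because the variable is not local and a `true` left over from an earlier call in the same shell would skip the wait entirely. The check also now compares `/etc/letsencrypt/cert-renewal.lastrun` where the removed lines compared the new certificate's `fullchain.pem`; nothing visible in this hunk refreshes that marker in NEWCERT, so it may already match on every node and report replication before the new certificate has arrived. NEWCERT starts and ends outside the hunk, so confirm this against the rest of the function.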
@@ -113,9 +118,32 @@ CERTRENEW(){
 do_with_root $CERT_DAEMON renew --webroot -w /var/www/html 2>&1 | tee /opt/idssys/nodemgmt/cert-renewal.lastrun
 do_with_root chown -R root:letsencrypt /etc/letsencrypt 2>&1 | tee -a /opt/idssys/nodemgmt/cert-renewal.lastrun
 do_with_root chmod -R 6775 /etc/letsencrypt 2>&1 | tee -a /opt/idssys/nodemgmt/cert-renewal.lastrun
- echo -e "${idsCL[LightYellow]}Waiting for certifcate replication between the nodes...${idsCL[Default]}"
- echo ""
- sleep 20
+ yes | cp -rfH /opt/idssys/nodemgmt/cert-renewal.lastrun /etc/letsencrypt/cert-renewal.lastrun
+ echo -en "${idsCL[LightYellow]}Waiting for certifcate replication between the nodes... ${idsCL[Default]}"
+
+ until [ "${synccomplete}" = "true" ]; do
+ synccomplete=true
+ for nip in "${NODE_HOSTS[@]}"
+ do
+ if [[ $(/sbin/ip -o -4 addr list ens192 | awk '{print $4}' | cut -d/ -f1) == *"${nip}"* ]]; then NCMD=''
+ else NCMD="ssh root@${nip}"
+ fi
+ if [ "${NCMD}" != "" ]; then
+ check=`${NCMD} "cat /etc/letsencrypt/cert-renewal.lastrun" | diff - /etc/letsencrypt/cert-renewal.lastrun`
+ if [ "${check}" != "" ]; then
+ synccomplete=false
+ fi
+ fi
+ done
+
+
+ #same1=`ssh root@10.5.10.52 "cat /etc/letsencrypt/cert-renewal.lastrun" | diff - /etc/letsencrypt/cert-renewal.lastrun`
+ #same2=`ssh root@10.5.10.53 "cat /etc/letsencrypt/cert-renewal.lastrun" | diff - /etc/letsencrypt/cert-renewal.lastrun`
+ #if [ "${same1}" = "" ] && [ "${same2}" = "" ]
+ # then same="true"
+ # else same="false"
+ #fi
+ done
 SERVICE nginx reload 2>&1 | tee -a /opt/idssys/nodemgmt/cert-renewal.lastrun
 }
 NIGHTLYRENEW(){
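Review bot: The wait loop added to CERTRENEW has neither a pause nor an upper bound, so a node that is down or slow to replicate keeps this function opening root SSH sessions back to back indefinitely and the `nginx` reload is never reached. It also decides by whether `diff` printed anything: if the local `/etc/letsencrypt/cert-renewal.lastrun` is missing or unreadable (the `yes | cp -rfH` line is not run through `do_with_root` like its neighbours), `diff` writes only to stderr, `check` stays empty and replication is reported as complete. I would reset the flag before the loop, test the exit status of `diff` instead of its output, bound the retries with a sleep, and make the SSH call non-interactive with a timeout, e.g. `NCMD="ssh -o BatchMode=yes -o ConnectTimeout=5 root@${nip}"`. The retry count and sleep in the sketch are constructed values to tune, and whether to reload or abort once the limit is hit is the author's call; the same loop appears in the NEWCERT hunk.

```shell
synccomplete=false
attempts=0
until [ "${synccomplete}" = "true" ]; do
  # … unchanged: synccomplete=true, for-loop header, NCMD selection, if NCMD is non-empty …
      # diff exits 2 when the local marker is missing or unreadable; that must not count as "in sync".
      if ! ${NCMD} "cat /etc/letsencrypt/cert-renewal.lastrun" \
          | diff -q - /etc/letsencrypt/cert-renewal.lastrun >/dev/null 2>&1; then
        synccomplete=false
      fi
  # … unchanged: closing fi and done of the for loop …
  if [ "${synccomplete}" != "true" ]; then
    attempts=$((attempts + 1))
    if [ "${attempts}" -ge 30 ]; then
      echo "Certificate replication not confirmed after ${attempts} checks" >&2
      break
    fi
    sleep 10
  fi
done
```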