From a8ed49a50b83f2f3bb53295a97964bdda1255696 Mon Sep 17 00:00:00 2001
From: David Schroeder <david@schroedercity.com>
Date: Wed, 22 Nov 2023 19:51:32 -0600
Subject: [PATCH] Update nodemgmt-scripts.sh

---
 nodemgmt-scripts.sh | 29 ++++++++++++++++++-----------
 1 file changed, 18 insertions(+), 11 deletions(-)

diff --git a/nodemgmt-scripts.sh b/nodemgmt-scripts.sh
index 0d441aca..16200d35 100755
--- a/nodemgmt-scripts.sh
+++ b/nodemgmt-scripts.sh
@@ -421,24 +421,31 @@ VCENTER-SSL(){
 			echo -e "${idsCL[Yellow]}${VCCERTDAYS} days left, Certificate needs to be updated${idsCL[Default]}"
 			echo 
 		fi
-	
-		if ssh -q root@${NM_VCHOSTNAME} [ ! -d /root/.acme.sh ]; then
-			echo -e "${idsCL[Yellow]}Installing acme.sh scripts on vCenter${idsCL[Default]}\n"
-			ssh -q root@${NM_VCHOSTNAME} "wget -O -  https://get.acme.sh | sh"
-			echo
-		else
-			echo -e "${idsCL[Green]}Verified acme.sh scripts are installed on vCenter${idsCL[Default]}\n"
-		fi
 		
 		echo '#!/usr/bin/env bash' >| /tmp/vcenter-update-ssl.sh
 		echo "export PDNS_Url='https://wdns.scity.us'
 export PDNS_Token='${NM_WPDNS_KEY}'
 export PDNS_ServerId='scity.us'
 export PDNS_Ttl=60
-/root/.acme.sh/acme.sh --server letsencrypt -k 2048 --preferred-chain 'ISRG Root X1' --issue --dns dns_pdns -d ${NM_VCHOSTNAME}
 		" >> /tmp/vcenter-update-ssl.sh
-		echo "HERE:"
-		scp /tmp/vcenter-update-ssl.sh root@${NM_VCHOSTNAME}:/tmp/vcenter-update-ssl.sh
+	
+		if ssh -q root@${NM_VCHOSTNAME} [ ! -d /root/.acme.sh ]; then
+			echo -e "${idsCL[Yellow]}Installing acme.sh scripts on vCenter${idsCL[Default]}\n"
+			ssh -q root@${NM_VCHOSTNAME} "wget -O -  https://get.acme.sh | sh"
+			echo -e "${idsCL[LightGreen]}Requesting new certificate ...${idsCL[Default]}\n"
+			echo "/root/.acme.sh/acme.sh --server letsencrypt -k 2048 --preferred-chain 'ISRG Root X1' --issue --dns dns_pdns -d ${NM_VCHOSTNAME}" >> /tmp/vcenter-update-ssl.sh
+		else
+			echo -e "${idsCL[Green]}Verified acme.sh scripts are installed on vCenter, checking for updates${idsCL[Default]}\n"
+			ssh -q root@${NM_VCHOSTNAME} "/root/.acme.sh/acme.sh --upgrade"
+			echo -e "${idsCL[LightGreen]}Renewing certificate ...${idsCL[Default]}\n"
+			if [ "${1}" == "force" ]; then
+				echo "/root/.acme.sh/acme.sh --renew-all --force --test" >> /tmp/vcenter-update-ssl.sh
+			else
+				echo "/root/.acme.sh/acme.sh --renew-all" >> /tmp/vcenter-update-ssl.sh
+			fi
+		fi
+		
+		scp -q /tmp/vcenter-update-ssl.sh root@${NM_VCHOSTNAME}:/tmp/vcenter-update-ssl.sh
 		ssh -q root@${NM_VCHOSTNAME} "bash /tmp/vcenter-update-ssl.sh"