From 423db12add1474181ee01400540da9696709087a Mon Sep 17 00:00:00 2001
From: Derek Smith <derek@farscapian.com>
Date: Sat, 18 Mar 2023 11:04:59 -0400
Subject: [PATCH] Add RESTORE_CERTS

---
 deploy.sh           |  7 +++++++
 www/go.sh           | 11 ++++-------
 www/restore_path.sh |  5 +++++
 3 files changed, 16 insertions(+), 7 deletions(-)

diff --git a/deploy.sh b/deploy.sh
index 4562149..af5d4a0 100755
--- a/deploy.sh
+++ b/deploy.sh
@@ -44,6 +44,7 @@ DOMAIN_NAME=
 RUN_CERT_RENEWAL=true
 SKIP_WWW=false
 RESTORE_WWW=false
+RESTORE_CERTS=false
 BACKUP_CERTS=true
 BACKUP_APPS=true
 BACKUP_BTCPAY=true
@@ -61,6 +62,10 @@ USER_TARGET_PROJECT=
 # grab any modifications from the command line.
 for i in "$@"; do
     case $i in
+        --restore-certs)
+            RESTORE_CERTS=true
+            shift
+        ;;
         --restore-www)
             RESTORE_WWW=true
             BACKUP_APPS=false
@@ -149,6 +154,8 @@ export REMOTE_PATH="$REMOTES_DIR/$REMOTE_NAME"
 export USER_SAYS_YES="$USER_SAYS_YES"
 export BACKUP_BTCPAY_ARCHIVE_PATH="$BACKUP_BTCPAY_ARCHIVE_PATH"
 export RESTART_FRONT_END="$RESTART_FRONT_END"
+export RESTORE_CERTS="$RESTORE_CERTS"
+
 
 # todo convert this to Trezor-T
 SSH_PUBKEY_PATH="$SSH_HOME/id_rsa.pub"
diff --git a/www/go.sh b/www/go.sh
index 8e1138d..a7e7b9b 100755
--- a/www/go.sh
+++ b/www/go.sh
@@ -98,7 +98,7 @@ if [ "$RESTART_FRONT_END" = true ]; then
     fi
 
     # generate the certs and grab a backup
-    if [ "$RUN_CERT_RENEWAL" = true ]; then
+    if [ "$RUN_CERT_RENEWAL" = true ] && [ "$RESTORE_CERTS" = false ]; then
         ./generate_certs.sh
     fi
 
@@ -121,13 +121,10 @@ if [ "$RESTART_FRONT_END" = true ]; then
         export LOCAL_BACKUP_PATH="$SITE_PATH/backups/www/$APP"
         mkdir -p "$LOCAL_BACKUP_PATH"
 
-        if [ "$RESTORE_WWW" = true ]; then
-            sleep 5
-            echo "STARTING restore_path.sh for letsencrypt."
+        # we grab a backup of the certs unless we're restoring.
+        if [ "$RESTORE_CERTS" = true ]; then
             ./restore_path.sh
-            #ssh "$PRIMARY_WWW_FQDN" sudo chown ubuntu:ubuntu "$REMOTE_HOME/$APP"
-        elif [ "$BACKUP_APPS"  = true ]; then
-            # if we're not restoring, then we may or may not back up.
+        else
             ./backup_path.sh
         fi
     done
diff --git a/www/restore_path.sh b/www/restore_path.sh
index f1c526c..f999acb 100755
--- a/www/restore_path.sh
+++ b/www/restore_path.sh
@@ -8,6 +8,11 @@ if [ "$FILE_COUNT" = 0 ]; then
     exit 0
 fi
 
+# if the user specified --restore-certs then we'll go forward on letsencrypt 
+if [ "$APP" = letsencrypt ] && [ "$RESTORE_CERTS" = true ]; then
+    USER_SAYS_YES=true
+fi
+
 # if the user said -y at the cli, we can skip this.
 if [ "$USER_SAYS_YES" = false ]; then