#!/bin/sh

# Temporäre Nginx config für Let's Encrypt Challenge
cat > /etc/nginx/conf.d/default.conf << EOF
server {
    listen 80;
    server_name admin-panel-undso.z5m7q9dk3ah2v1plx6ju.com api-software-undso.z5m7q9dk3ah2v1plx6ju.com;
    
    location /.well-known/acme-challenge/ {
        root /var/www/certbot;
    }
    
    location / {
        return 301 https://\$host\$request_uri;
    }
}
EOF

# Nginx starten
nginx

# Let's Encrypt Zertifikate holen
echo "Requesting Let's Encrypt certificates..."
certbot certonly --webroot -w /var/www/certbot \
    -d admin-panel-undso.z5m7q9dk3ah2v1plx6ju.com \
    -d api-software-undso.z5m7q9dk3ah2v1plx6ju.com \
    --non-interactive \
    --agree-tos \
    --email admin@z5m7q9dk3ah2v1plx6ju.com \
    --no-eff-email

# Prüfen ob erfolgreich
if [ $? -eq 0 ]; then
    echo "Certificates obtained successfully!"
    
    # Nginx stoppen
    nginx -s stop
    
    # Kopiere die echte config
    cp /etc/nginx/nginx.conf.real /etc/nginx/nginx.conf
    
    # Nginx mit SSL starten
    nginx -g "daemon off;"
else
    echo "Failed to obtain certificates"
    nginx -g "daemon off;"
fi