From 35a3a54845fd2d80cb2b0843f711b85e0690cbe0 Mon Sep 17 00:00:00 2001
From: nachoparker <nacho@ownyourbits.com>
Date: Tue, 12 Oct 2021 17:55:45 -0600
Subject: letsencrypt: favor most recent cert if there are many

Signed-off-by: nachoparker <nacho@ownyourbits.com>
---
 bin/ncp/NETWORKING/letsencrypt.sh   | 3 +--
 etc/ncp-templates/nextcloud.conf.sh | 6 ++++--
 2 files changed, 5 insertions(+), 4 deletions(-)

diff --git a/bin/ncp/NETWORKING/letsencrypt.sh b/bin/ncp/NETWORKING/letsencrypt.sh
index 1986a74e..6f3bf5e3 100644
--- a/bin/ncp/NETWORKING/letsencrypt.sh
+++ b/bin/ncp/NETWORKING/letsencrypt.sh
@@ -131,8 +131,7 @@ EOF
     done
     set-nc-domain "$DOMAIN"
 
-    # delayed in bg so it does not kill the connection, and we get AJAX response
-    bash -c "sleep 2 && service apache2 reload" &>/dev/null &
+    apachectl -k graceful
     rm -rf $ncdir/.well-known
 
     # Update configuration
diff --git a/etc/ncp-templates/nextcloud.conf.sh b/etc/ncp-templates/nextcloud.conf.sh
index ea49032c..ec0b3174 100644
--- a/etc/ncp-templates/nextcloud.conf.sh
+++ b/etc/ncp-templates/nextcloud.conf.sh
@@ -42,8 +42,10 @@ EOF
 if [[ "$1" != "--defaults" ]] && [[ -n "$LETSENCRYPT_DOMAIN" ]]; then
   echo "    ServerName ${LETSENCRYPT_DOMAIN}"
   LETSENCRYPT_CERT_BASE_PATH="/etc/letsencrypt/live/${LETSENCRYPT_DOMAIN,,}"
-  [[ -d "${LETSENCRYPT_CERT_BASE_PATH}" ]] || \
-    LETSENCRYPT_CERT_BASE_PATH="$(find /etc/letsencrypt/live -name "${LETSENCRYPT_DOMAIN,,}*" | head -1)"
+  [[ -d "${LETSENCRYPT_CERT_BASE_PATH}" ]] || {
+    #find the most recent cert
+    LETSENCRYPT_CERT_BASE_PATH="$(find /etc/letsencrypt/live -type d -name "${LETSENCRYPT_DOMAIN,,}*" -printf "%T@ %p\n" | sort -n | cut -f2 -d' ' | tail -1)"
+  }
   LETSENCRYPT_CERT_PATH="${LETSENCRYPT_CERT_BASE_PATH}/fullchain.pem"
   LETSENCRYPT_KEY_PATH="${LETSENCRYPT_CERT_BASE_PATH}/privkey.pem"
 
-- 
cgit v1.2.3