From f9bba3b65bf1e61eb3942f971b40d4d4e1227c70 Mon Sep 17 00:00:00 2001 From: Keagan McClelland Date: Tue, 4 Aug 2020 17:01:51 -0600 Subject: [PATCH] testing complete --- src/Application.hs | 11 ++++------- src/Lib/Ssl.hs | 9 +++++---- 2 files changed, 9 insertions(+), 11 deletions(-) diff --git a/src/Application.hs b/src/Application.hs index 33ad98e..07f1929 100644 --- a/src/Application.hs +++ b/src/Application.hs @@ -182,15 +182,12 @@ startApp foundation = do putStrLn @Text "SSL Setup Complete" -- certbot renew loop - void . forkIO $ forever $ do - putStrLn $ "DOMAIN: " <> registryHostname (appSettings foundation) - putStrLn $ "CERT: " <> sslCertLocation (appSettings foundation) - runReaderT renewSslCerts foundation - shouldRenew <- doesSslNeedRenew (sslCertLocation $ appSettings foundation) + void . forkIO $ forever $ flip runReaderT foundation $ do + shouldRenew <- doesSslNeedRenew when shouldRenew $ do putStrLn @Text "Renewing SSL Certs." - runReaderT renewSslCerts foundation - sleep 86_400 + renewSslCerts + liftIO $ sleep 86_400 startWeb foundation diff --git a/src/Lib/Ssl.hs b/src/Lib/Ssl.hs index 3bd86d8..0173af7 100644 --- a/src/Lib/Ssl.hs +++ b/src/Lib/Ssl.hs 
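Review bot: The forked renewal loop in `startApp` has no exception handler, so any exception raised inside `doesSslNeedRenew`, `renewSslCerts` or the `putStrLn` ends the `forever` loop and the daily check stops for the rest of the process lifetime, which only shows up later as an expired certificate. Wrap each iteration so that a failure is logged and control still reaches the `sleep`, for example by running the `do` body under `try` from `Control.Exception` and printing the `Left` case before `liftIO $ sleep 86_400`. It is also worth confirming that the server started by `startWeb` re-reads the files `renewSslCerts` overwrites, since nothing visible in this hunk tells it to reload them. `startApp` begins outside the hunk.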
@@ -41,15 +41,16 @@ setupSsl AppSettings {..} = do "openssl" ["x509", "-req", "-in", sslCsrLocation, "-signkey", sslKeyLocation, "-out", sslCertLocation] -doesSslNeedRenew :: FilePath -> IO Bool -doesSslNeedRenew cert = do - ec <- liftIO $ system [i|openssl x509 -checkend 2592000 -noout -in #{cert}|] +doesSslNeedRenew :: ReaderT RegistryCtx IO Bool +doesSslNeedRenew = do + cert <- asks $ sslCertLocation . appSettings + ec <- liftIO $ system [i|openssl x509 -checkend 2592000 -noout -in #{cert}|] pure $ ec /= ExitSuccess renewSslCerts :: ReaderT RegistryCtx IO () renewSslCerts = do domain <- asks $ registryHostname . appSettings (cert, key) <- asks $ (sslCertLocation &&& sslKeyLocation) . appSettings - void . liftIO $ system [i|certbot renew --dry-run|] + void . liftIO $ system [i|certbot renew|] void . liftIO $ system [i|cp /etc/letsencrypt/live/#{domain}/fullchain.pem #{cert}|] void . liftIO $ system [i|cp /etc/letsencrypt/live/#{domain}/privkey.pem #{key}|]
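Review bot: With `--dry-run` removed, `renewSslCerts` now performs real renewals, yet all three `system` results are still dropped with `void`, so a failed `certbot renew` or a failed `cp` goes unnoticed and a failure between the two copies can leave the installed certificate and private key out of step. Run the steps in order and stop with a message at the first non-zero exit, as sketched below. Separately, `doesSslNeedRenew` and both `cp` lines interpolate `cert`, `key` and `domain` into a shell string; an argument-list call such as `rawSystem "openssl" ["x509", "-checkend", "2592000", "-noout", "-in", cert]` keeps spaces or shell metacharacters in a configured value from altering the command. Also confirm the copied `privkey.pem` ends up readable only by the service account, because `cp` onto a new file takes the source mode filtered by the umask.

```haskell
renewSslCerts :: ReaderT RegistryCtx IO ()
renewSslCerts = do
    -- … unchanged: domain, cert and key lookups via asks …
    liftIO $ runUntilFailure
        [ [i|certbot renew|]
        , [i|cp /etc/letsencrypt/live/#{domain}/fullchain.pem #{cert}|]
        , [i|cp /etc/letsencrypt/live/#{domain}/privkey.pem #{key}|]
        ]
  where
    -- Run each command in order; report and stop at the first non-zero exit
    -- so a failed renew never leads to copying stale or partial material.
    runUntilFailure []           = pure ()
    runUntilFailure (cmd : rest) = do
        ec <- system cmd
        case ec of
            ExitSuccess   -> runUntilFailure rest
            ExitFailure _ -> putStrLn ("SSL renewal step failed: " <> cmd)
```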