From 1e0ca4c7d5eea9ba14dd0cb3b643eccd6b362c2d Mon Sep 17 00:00:00 2001 From: Luke Tidd Date: Sat, 22 Mar 2025 13:28:40 -0400 Subject: [PATCH] fix bug that didnt disable http, remove old services --- ssl-update.py | 23 ++++++++++------------- 1 file changed, 10 insertions(+), 13 deletions(-) diff --git a/ssl-update.py b/ssl-update.py index 1809098..297b825 100755 --- a/ssl-update.py +++ b/ssl-update.py @@ -24,14 +24,10 @@ server_user = 'luke' domain = 'drheck.dev' supported_services = [ - 'chat', 'git', - 'jellyfin', - 'nextcloud', 'photoprism', 'plex', 'read', - 'sync', 'www', ] @@ -75,7 +71,7 @@ remote = { } def firewall_mod(state, service, decrypt_pp): - os.environ['state'] = 'HTTP_UP' + os.environ['state'] = state os.environ['ssl_service'] = service cmd = ['/usr/bin/ssh', '-i', firewall_key, '-o', 'SendEnv=state', '-o', 'SendEnv=ssl_service', '-l', firewall_user, @@ -236,20 +232,21 @@ def run_cert_bot(fqdn, service, challenge_path, decrypt_pp): cb.logfile = sys.stderr do_update = True matches = [ - 'Create a file containing just this data:\r\n\r\n([^\r]+)\r', - ('You have an existing certificate that has exactly the ' + 'Create a file containing just this data:\r\n\r\n([^\r]+)\r', # 0 + ('You have an existing certificate that has exactly the ' # 1 "same domains or certificate name you requested and isn't " 'close to expiry'), - '(U)pdate key type/(K)eep existing key type:', - 'no action taken', + '(U)pdate key type/(K)eep existing key type:', # 2 + 'no action taken', # 3 + 'No such authorization', # 4 pexpect.TIMEOUT, pexpect.EOF] while True: res = cb.expect(matches, timeout=20) print(f'\nresult: {matches[res]}, {res}') - if res > 3: + if res > 4: sys.exit('Timed out') - if res == 3: + if res == 3 or res == 4: do_update = False break if res == 2: 
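Review bot: `state` now reaches `os.environ['state']` unchecked and is forwarded to the firewall host through `SendEnv`, so a misspelled value from a caller silently asks the firewall for a state it may not recognise. A guard at the top of `firewall_mod` would fail fast, for example `if state not in FIREWALL_STATES: raise ValueError(f'unknown firewall state: {state!r}')`, where `FIREWALL_STATES` is a name I am proposing (only 'HTTP_UP' is visible in this hunk). Assigning to `os.environ` also changes the environment of every later child process, presumably including the certbot session. Building `env = dict(os.environ, state=state, ssl_service=service)` and handing it to the ssh call would scope both variables to that one command, provided the spawn call (outside this hunk) accepts an `env` argument. The original bug left HTTP enabled without any error, so the ssh exit status should be checked and the requested state logged; the body of firewall_mod continues past the hunk.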
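Review bot: Pattern 2, `'(U)pdate key type/(K)eep existing key type:'`, is compiled as a regular expression if `cb` is a pexpect spawn (pattern 0 depends on that for its capture group), so it matches `Update key type/Keep existing key type:` and not the literal prompt with parentheses. Escaping them, `r'\(U\)pdate key type/\(K\)eep existing key type:'`, should make the `res == 2` branch reachable instead of falling through to the timeout. The new `'No such authorization'` entry shares the branch for "no action taken", so a failed authorization ends the run like a harmless no-op; giving it its own error-level log line and a non-zero exit would keep an unrenewed certificate from going unnoticed. The `res > 4` bound must be edited whenever a pattern is added, which `if matches[res] in (pexpect.TIMEOUT, pexpect.EOF):` avoids. run_cert_bot begins and continues outside the hunk.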
@@ -365,8 +362,8 @@ def run_cert_bot(fqdn, service, challenge_path, decrypt_pp):
 def main(args):
- logging.basicConfig(level=os.environ.get("LOGLEVEL", "WARNING"))
- #logging.basicConfig(level=os.environ.get("LOGLEVEL", "INFO"))
+ # logging.basicConfig(level=os.environ.get("LOGLEVEL", "WARNING"))
+ logging.basicConfig(level=os.environ.get("LOGLEVEL", "INFO"))
 log.info(f'program start: {sys.argv}')
 if len(args) != 1:
 sys.exit(f'Give a service to renew: {", ".join(supported_services)} ')
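Review bot: The default log level changes from WARNING to INFO by swapping which `basicConfig` line is commented out, which reads like a debugging setting left in a bug-fix commit. Delete the dead line and, if INFO is intended, record why with a comment such as `# INFO by default so each renewal run leaves an audit trail`. This script passes a `decrypt_pp` value around and, in run_cert_bot, appears to mirror the certbot session to stderr via `cb.logfile = sys.stderr`, so confirm that no `log.info` call outside this hunk prints the passphrase or challenge data before INFO becomes the default. An unrecognised `LOGLEVEL` value makes `logging.basicConfig` raise, so falling back to the default for unknown names is worth considering. main continues outside the hunk.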