From 0eebb36906263febe5e838b3ba1f15a6d0be2407 Mon Sep 17 00:00:00 2001
From: Fernandez Ludovic <lfernandez.dev@gmail.com>
Date: Wed, 20 Feb 2019 09:46:39 +0100
Subject: [PATCH] feat: use domain as sub-dir.

---
 dumper.go | 43 ++++++++++++++++++++++++++++++-------------
 main.go   |  4 ++--
 readme.md |  8 ++++++--
 3 files changed, 38 insertions(+), 17 deletions(-)

diff --git a/dumper.go b/dumper.go
index b34a67f..eedaad7 100644
--- a/dumper.go
+++ b/dumper.go
@@ -45,7 +45,7 @@ type Account struct {
 	KeyType      certcrypto.KeyType
 }
 
-func dump(acmeFile, dumpPath string, crtExt, keyExt string, subDir bool) error {
+func dump(acmeFile, dumpPath string, crtExt, keyExt string, domainSubDir bool) error {
 	f, err := os.Open(acmeFile)
 	if err != nil {
 		return err
@@ -60,29 +60,29 @@ func dump(acmeFile, dumpPath string, crtExt, keyExt string, subDir bool) error {
 		return err
 	}
 
-	err = os.MkdirAll(filepath.Join(dumpPath, withSubDir(subDir, certsSubDir)), 0755)
-	if err != nil {
-		return err
+	if !domainSubDir {
+		if err = os.MkdirAll(filepath.Join(dumpPath, certsSubDir), 0755); err != nil {
+			return err
+		}
 	}
 
-	err = os.MkdirAll(filepath.Join(dumpPath, withSubDir(subDir, keysSubDir)), 0755)
-	if err != nil {
+	if err = os.MkdirAll(filepath.Join(dumpPath, keysSubDir), 0755); err != nil {
 		return err
 	}
 
 	privateKeyPem := extractPEMPrivateKey(data.Account)
-	err = ioutil.WriteFile(filepath.Join(dumpPath, withSubDir(subDir, keysSubDir), "letsencrypt"+keyExt), privateKeyPem, 0666)
+	err = ioutil.WriteFile(filepath.Join(dumpPath, keysSubDir, "letsencrypt"+keyExt), privateKeyPem, 0666)
 	if err != nil {
 		return err
 	}
 
 	for _, cert := range data.Certificates {
-		err = ioutil.WriteFile(filepath.Join(dumpPath, withSubDir(subDir, keysSubDir), cert.Domain.Main+keyExt), cert.Key, 0666)
+		err := writeCert(dumpPath, cert, crtExt, domainSubDir)
 		if err != nil {
 			return err
 		}
 
-		err = ioutil.WriteFile(filepath.Join(dumpPath, withSubDir(subDir, certsSubDir), cert.Domain.Main+crtExt), cert.Certificate, 0666)
+		err = writeKey(dumpPath, cert, keyExt, domainSubDir)
 		if err != nil {
 			return err
 		}
@@ -91,11 +91,28 @@ func dump(acmeFile, dumpPath string, crtExt, keyExt string, subDir bool) error {
 	return nil
 }
 
-func withSubDir(sub bool, name string) string {
-	if sub {
-		return name
+func writeCert(dumpPath string, cert *Certificate, ext string, domainSubDir bool) error {
+	certPath := filepath.Join(dumpPath, keysSubDir, cert.Domain.Main+ext)
+	if domainSubDir {
+		certPath = filepath.Join(dumpPath, cert.Domain.Main, "certificate"+ext)
+		if err := os.MkdirAll(filepath.Join(dumpPath, cert.Domain.Main), 0755); err != nil {
+			return err
+		}
 	}
-	return ""
+
+	return ioutil.WriteFile(certPath, cert.Key, 0666)
+}
+
+func writeKey(dumpPath string, cert *Certificate, ext string, domainSubDir bool) error {
+	keyPath := filepath.Join(dumpPath, certsSubDir, cert.Domain.Main+ext)
+	if domainSubDir {
+		keyPath = filepath.Join(dumpPath, cert.Domain.Main, "privatekey"+ext)
+		if err := os.MkdirAll(filepath.Join(dumpPath, cert.Domain.Main), 0755); err != nil {
+			return err
+		}
+	}
+
+	return ioutil.WriteFile(keyPath, cert.Certificate, 0666)
 }
 
 func extractPEMPrivateKey(account *Account) []byte {
diff --git a/main.go b/main.go
index 79a8f8e..0afcfae 100644
--- a/main.go
+++ b/main.go
@@ -26,7 +26,7 @@ func main() {
 			dumpPath := cmd.Flag("dest").Value.String()
 			crtExt := cmd.Flag("crt-ext").Value.String()
 			keyExt := cmd.Flag("key-ext").Value.String()
-			subDir, _ := strconv.ParseBool(cmd.Flag("use-subdir").Value.String())
+			subDir, _ := strconv.ParseBool(cmd.Flag("domain-subdir").Value.String())
 
 			err := dump(acmeFile, dumpPath, crtExt, keyExt, subDir)
 			if err != nil {
@@ -39,7 +39,7 @@ func main() {
 	dumpCmd.Flags().String("dest", "./dump", "Path to store the dump content.")
 	dumpCmd.Flags().String("crt-ext", ".crt", "The file extension of the generated certificates.")
 	dumpCmd.Flags().String("key-ext", ".key", "The file extension of the generated private keys.")
-	dumpCmd.Flags().Bool("use-subdir", true, "Use separated directories for certificates and keys.")
+	dumpCmd.Flags().Bool("domain-subdir", false, "Use domain as sub-directory.")
 	rootCmd.AddCommand(dumpCmd)
 
 	var versionCmd = &cobra.Command{
diff --git a/readme.md b/readme.md
index 9280588..b61a31b 100644
--- a/readme.md
+++ b/readme.md
@@ -32,10 +32,10 @@ Usage:
 Flags:
       --crt-ext string   The file extension of the generated certificates. (default ".crt")
       --dest string      Path to store the dump content. (default "./dump")
+      --domain-subdir    Use domain as sub-directory.
   -h, --help             help for dump
       --key-ext string   The file extension of the generated private keys. (default ".key")
       --source string    Path to 'acme.json' file. (default "./acme.json")
-      --use-subdir       Use separated directories for certificates and keys. (default true)
 ```
 
 ## Examples
@@ -53,10 +53,14 @@ traefik-certs-dumper dump --crt-ext=.pem --key-ext=.pem
 ```
 
 ```bash
-traefik-certs-dumper dump --use-subdir=false
+traefik-certs-dumper dump --domain-subdir=true
 ```
 
 - https://github.com/containous/traefik/issues/4381
 - https://github.com/containous/traefik/issues/2418
 - https://github.com/containous/traefik/issues/3847
 - https://github.com/SvenDowideit/traefik-certdumper
+
+```bash
+traefik-certs-dumper dump --use-subdir=false --crt-ext=.pem --key-ext=.pem --dest="/home/your_user/.homeassistant/"
+```
\ No newline at end of file