#!/bin/bash

# Alan adlarinin listelendigi dosyanin yolu
DOMAINS_FILE="/etc/domains.txt"

# Log dosyasinin yeri
LOG_FILE="/var/log/certbot-auto.log"

# Certbot komutunun tam yeri
CERTBOT_CMD="/usr/bin/certbot"

# Web root dizini (Web sitenizin kok dizinini belirtin)
WEBROOT_PATH="/home/user/public_html/eticaret"  # Burayi kendi dizininize gore guncelleyin

# Apache VirtualHost ayarlari icin dizin yolu
apache_available="/etc/apache2/sites-enabled"

# SSL sertifikalari icin Let's Encrypt dizini
ssl_dir="/etc/letsencrypt/live"

# Apache'yi yeniden baslatma komutu
restart_apache="sudo systemctl restart apache2"

# Domain dosyasinin var olup olmadiginini kontrol et
if [ ! -f "$DOMAINS_FILE" ]; then
    echo "Hata: $DOMAINS_FILE dosyasi bulunamadi."
    exit 1
fi

# Alan adlarini oku ve her biri icin SSL sertifikasi al
while IFS= read -r DOMAIN
do
    # Alan adi bossa atla
    if [ -z "$DOMAIN" ]; then
        continue
    fi

    # E-posta adresini alan adindan olustur
    EMAIL="email@${DOMAIN}"

    # Mevcut sertifika kontrolu
    if $CERTBOT_CMD certificates | grep -q "$DOMAIN"; then
        echo "$(date) - $DOMAIN icin zaten bir SSL sertifikasi mevcut." >> "$LOG_FILE"
    else
        echo "$(date) - $DOMAIN icin SSL sertifikasi aliniyor..." >> "$LOG_FILE"
        $CERTBOT_CMD certonly --webroot -w "$WEBROOT_PATH" -d "$DOMAIN" -d "www.$DOMAIN" --non-interactive --agree-tos --email "$EMAIL" >> "$LOG_FILE" 2>&1

        if [ $? -eq 0 ]; then
            echo "$(date) - $DOMAIN icin SSL sertifikasi basariyla alindi." >> "$LOG_FILE"
        else
            echo "$(date) - $DOMAIN icin SSL sertifikasi alinirken hata olustu." >> "$LOG_FILE"
        fi
    fi

    # VirtualHost dosyasini olustur
    conf_file="${apache_available}/${DOMAIN}.conf"
    cat <<EOL > "$conf_file"
<VirtualHost 192.168.100.100:80>
    ServerName $DOMAIN
    ServerAlias www.$DOMAIN
    DocumentRoot $WEBROOT_PATH
    ServerAdmin root@sv1.server.com

    # HTTP'den HTTPS'e yonlendirme
     RewriteEngine On
     RewriteCond %{HTTPS} off
     RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]

    <Directory "$WEBROOT_PATH">
        Options All
        AllowOverride None
        Require all granted
        Header set Cache-Control "no-cache, no-store, must-revalidate"
        Header set Pragma "no-cache"
        Header set Expires 0
    </Directory>
</VirtualHost>

<VirtualHost 192.168.100.100:443>
    ServerName $DOMAIN
    ServerAlias www.$DOMAIN
    DocumentRoot $WEBROOT_PATH
    ServerAdmin root@sv1.server.com

    # SSL Ayarlari
    SSLEngine on
    SSLCertificateFile $ssl_dir/$DOMAIN/fullchain.pem
    SSLCertificateKeyFile $ssl_dir/$DOMAIN/privkey.pem

    <Directory "$WEBROOT_PATH">
        Options All
        AllowOverride All
        Require all granted
        Header set Cache-Control "no-cache, no-store, must-revalidate"
        Header set Pragma "no-cache"
        Header set Expires 0
    </Directory>
</VirtualHost>
EOL

    echo "VirtualHost dosyasi olusturuldu: $conf_file"

    # VirtualHost'u etkinlestir
    sudo a2ensite "${DOMAIN}.conf"

done < "$DOMAINS_FILE"

# Apache'yi yeniden baslat
echo "Apache yeniden baslatiliyor..." sudo systemctl restart httpd
echo "Tum islemler tamamlandi!"