From c16e730a19ea73c5140efd2c0cdc000ac7469d3f Mon Sep 17 00:00:00 2001 From: MrMeeb Date: Mon, 17 Jul 2023 17:49:02 +0000 Subject: [PATCH] add ONE_SHOT so container exits after run --- Dockerfile | 2 ++ README.md | 1 + root/certbot-prepare.sh | 18 ++++++++++++++---- root/check-one-shot.sh | 9 +++++++++ root/container-init.sh | 1 + .../dependencies.d/base} | 0 .../dependencies.d/certbot-prepare | 0 .../etc/s6-overlay/s6-rc.d/check-one-shot/type | 1 + root/etc/s6-overlay/s6-rc.d/check-one-shot/up | 1 + .../s6-rc.d/cron/dependencies.d/check-one-shot | 0 10 files changed, 29 insertions(+), 4 deletions(-) create mode 100644 root/check-one-shot.sh rename root/etc/s6-overlay/s6-rc.d/{cron/dependencies.d/certbot-prepare => check-one-shot/dependencies.d/base} (100%) create mode 100644 root/etc/s6-overlay/s6-rc.d/check-one-shot/dependencies.d/certbot-prepare create mode 100644 root/etc/s6-overlay/s6-rc.d/check-one-shot/type create mode 100644 root/etc/s6-overlay/s6-rc.d/check-one-shot/up create mode 100644 root/etc/s6-overlay/s6-rc.d/cron/dependencies.d/check-one-shot diff --git a/Dockerfile b/Dockerfile index 945cd44..865be2f 100644 --- a/Dockerfile +++ b/Dockerfile @@ -17,6 +17,7 @@ ENV PGID=1000 ENV TZ=UTC ENV GENERATE_DHPARAM=true ENV INTERVAL="0 */6 * * *" +ENV ONE_SHOT=false # Single domain ENV DOMAINS= @@ -68,6 +69,7 @@ COPY root / RUN chmod +x /container-init.sh && \ chmod +x /certbot-prepare.sh && \ chmod +x /certbot-renew.sh && \ + chmod +x /check-one-shot.sh && \ chown -R ${PUID}:${PGID} /app /config ENTRYPOINT [ "/init" ] diff --git a/README.md b/README.md index 3c5655b..99208ac 100644 --- a/README.md +++ b/README.md 
@@ -52,6 +52,7 @@ Core options to the container |PUID |int |1000 |Sets the UID of the user certbot runs under | |PGID |int |1000 |Sets the GID of the user certbot runs under | |TZ |[List of valid TZs](https://en.wikipedia.org/wiki/List_of_tz_database_time_zones#List) |UTC |Sets the timezone of the container | +| ONE_SHOT | false | Whether container exits after first run of certbot, or starts cron-based auto-renewal | | GENERATE_DHPARAM | true (case-sensitive) | Generate Diffie-Hellman keys in /config/letsencrypt/keys | | INTERVAL | 0 */6 * * * | How often certbot attempts to renew the certificate. Cron syntax | | CERT_COUNT | 1 | How many certificates certbot will try to issue (more than 1 not yet implemented) | diff --git a/root/certbot-prepare.sh b/root/certbot-prepare.sh index ea8fe6c..950a130 100644 --- a/root/certbot-prepare.sh +++ b/root/certbot-prepare.sh @@ -761,9 +761,19 @@ then openssl dhparam -out /config/letsencrypt/keys/ssl-dhparams.pem 4096 fi -echo "$INTERVAL /certbot-renew.sh >> /config/logs/renew.log" > /config/.crontab.txt +if [ $ONE_SHOT == "true" ]; then -echo "" + echo "" -echo "Starting automatic renewal job. Schedule is $INTERVAL" -crontab /config/.crontab.txt \ No newline at end of file + echo "ONE_SHOT is true - exiting container" + +elif [ $ONE_SHOT == "false" ]; then + + echo "$INTERVAL /certbot-renew.sh >> /config/logs/renew.log" > /config/.crontab.txt + + echo "" + + echo "Starting automatic renewal job. Schedule is $INTERVAL" + crontab /config/.crontab.txt + +fi \ No newline at end of file diff --git a/root/check-one-shot.sh b/root/check-one-shot.sh new file mode 100644 index 0000000..1808062 --- /dev/null +++ b/root/check-one-shot.sh @@ -0,0 +1,9 @@ +#!/command/with-contenv bash +# shellcheck shell=bash + +if [ $ONE_SHOT == "true" ]; then + + # Cleanly kill container by sending kill signal to supervisor process + kill 1 + +fi \ No newline at end of file 
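Review bot: In root/certbot-prepare.sh the new `if [ $ONE_SHOT == "true" ] … elif [ $ONE_SHOT == "false" ]` chain has no fallback arm, so any other value (`True`, `1`, an empty string) skips both branches. In that case no crontab is installed, and check-one-shot.sh does not stop the container either, so it keeps running with no renewal job and the certificates expire unnoticed. The expansion is also unquoted, so an empty or multi-word value makes `[` report an error that the `if` treats as false. I would quote the variable and make scheduling the default: `if [ "${ONE_SHOT}" = "true" ]; then … else … fi`, or reject unknown values with a message and a non-zero exit. The same unquoted test is in the new root/check-one-shot.sh and should become `if [ "${ONE_SHOT}" = "true" ]; then`.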
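Review bot: In root/check-one-shot.sh, `kill 1` stops the container without tying its exit status to the certbot result, so a job or pipeline running the image with ONE_SHOT=true cannot distinguish a successful issuance from a failed one. This oneshot also depends on certbot-prepare, so if that script exits non-zero s6-rc presumably never starts check-one-shot and the container stays up instead of exiting; that is worth confirming. If the image is on s6-overlay v3 (the `/command/with-contenv` shebang suggests it is), consider writing the intended code to `/run/s6-linux-init-container-results/exitcode` and then running `exec /run/s6/basedir/bin/halt` instead of signalling PID 1 directly. A short comment stating which exit code callers should expect would also help.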
diff --git a/root/container-init.sh b/root/container-init.sh index 10683bb..87406fa 100644 --- a/root/container-init.sh +++ b/root/container-init.sh @@ -28,6 +28,7 @@ echo \ "PUID=${PUID} PGID=${PGID} TZ=${TZ} +ONE_SHOT=${ONE_SHOT} INTERVAL=${INTERVAL} GENERATE_DHPARAM=${GENERATE_DHPARAM} CERT_COUNT=${CERT_COUNT}" diff --git a/root/etc/s6-overlay/s6-rc.d/cron/dependencies.d/certbot-prepare b/root/etc/s6-overlay/s6-rc.d/check-one-shot/dependencies.d/base similarity index 100% rename from root/etc/s6-overlay/s6-rc.d/cron/dependencies.d/certbot-prepare rename to root/etc/s6-overlay/s6-rc.d/check-one-shot/dependencies.d/base diff --git a/root/etc/s6-overlay/s6-rc.d/check-one-shot/dependencies.d/certbot-prepare b/root/etc/s6-overlay/s6-rc.d/check-one-shot/dependencies.d/certbot-prepare new file mode 100644 index 0000000..e69de29 diff --git a/root/etc/s6-overlay/s6-rc.d/check-one-shot/type b/root/etc/s6-overlay/s6-rc.d/check-one-shot/type new file mode 100644 index 0000000..3d92b15 --- /dev/null +++ b/root/etc/s6-overlay/s6-rc.d/check-one-shot/type @@ -0,0 +1 @@ +oneshot \ No newline at end of file diff --git a/root/etc/s6-overlay/s6-rc.d/check-one-shot/up b/root/etc/s6-overlay/s6-rc.d/check-one-shot/up new file mode 100644 index 0000000..310d23b --- /dev/null +++ b/root/etc/s6-overlay/s6-rc.d/check-one-shot/up @@ -0,0 +1 @@ +exec /check-one-shot.sh \ No newline at end of file diff --git a/root/etc/s6-overlay/s6-rc.d/cron/dependencies.d/check-one-shot b/root/etc/s6-overlay/s6-rc.d/cron/dependencies.d/check-one-shot new file mode 100644 index 0000000..e69de29