New version of create certificates

deploy-this/lets-encrypt/lets-encrypt-create-cert.jenkinsfile

@@ -1,14 +1,82 @@
 def domainsToCert = [  
 
     [ false, 'bodypainter.eu', "www", "mail", "stat"], 
-    [ false, 'themself.eu', "www", "mail", "stat", "massage", "driving" ], 
+    [ false, 'themself.eu', "www", "mail", "stat", "massage", "driving", "kopama" ], 
 
 	[  false, "artiks.tk", "www", "mail", "api", "angular",  "bodypainter", "themself","arti24"],
 	[  false, "arti24.eu", "www",  "api", "angular",  "ai",  "job-finder", "zaklik"]
 	   // [ false, 'artikus.dynu.net', "mail", "stat", "www", "nextcloud" ]
 ] 
 
-def createCert(domains, repo){
+def createCert(domains, repo) {
+    echo "Server ENV = ${SERVER_ENV}"
+    echo "Cerbot image = ${CERTBOT_IMAGE}"
+
+    def toCreateDomains = []
+
+    for (domain in domains) {
+        def force = domain[0]
+        def name = domain[1]
+        def fileName = '/_docker_data_/letsencrypt/live/' + name + '/cert.pem'
+        
+        // Get current domains from certificate if it exists
+        def currentDomains = []
+        if (fileExists(fileName)) {
+            def certInfo = sh(script: "openssl x509 -in ${fileName} -text -noout | grep -o 'DNS:[^,]*' | sed 's/DNS://g'", returnStdout: true).trim()
+            currentDomains = certInfo.split('\n').collect { it.trim() }
+        }
+        
+        // Prepare expected domains
+        def expectedDomains = [name]
+        for (int i = 2; i < domain.size(); i++) {
+            expectedDomains.add(domain[i] + "." + name)
+        }
+        
+        // Check if we need to create/renew
+        def needsRenewal = force || 
+                         !fileExists(fileName) || 
+                         currentDomains.size() != expectedDomains.size() || 
+                         !currentDomains.containsAll(expectedDomains)
+        
+        if (needsRenewal) {
+            echo "Certificate for '${name}' needs renewal (force: ${force}, missing domains: ${expectedDomains - currentDomains})"
+            toCreateDomains.add(domain)
+        } else {
+            echo "Certificate for '${name}' is up to date with all domains"
+        }
+    }
+    
+    echo "Certificates to create/renew: ${toCreateDomains.collect { it[1] }}"
+    
+    if (toCreateDomains.isEmpty()) {
+        echo "All certificates are up to date. Nothing to create/renew."
+    } else {
+        def lets_encrypt = "docker compose --file lets-encrypt.yml --env-file lets.env "
+        
+        dir("/_programs_/" + repo + "/deploy-this/lets-encrypt") {
+            for (domain in toCreateDomains) {
+                def name = domain[1]
+                
+                def run = " run --rm certbot certonly" +
+                         " --webroot -w /var/www/certbot" +
+                         " --cert-name='" + name + "'" +
+                         " --non-interactive --agree-tos" +
+                         " --preferred-challenges http" +
+                         " --email kusartur@gmail.com" +
+                         " -d " + name
+                
+                for (int indexSub = 2; indexSub < domain.size(); indexSub++) {
+                    def subDomain = domain[indexSub]
+                    run = run + " -d " + subDomain + "." + name
+                }
+                
+                sh(lets_encrypt + run)
+            }
+        }
+    }
+}
+
+def createCertOld(domains, repo){
 
 	echo "Server ENV = ${SERVER_ENV}"
     echo "Cerbot image = ${CERTBOT_IMAGE} "