Flesh out cert handling a bit more

certs/certificate_manager.go

 type CertificateManager struct {
 	logger      *zap.SugaredLogger
 	directories []string
+	certs       map[string]*foundCertificate
 }
 
 type foundCertificate struct {
 	}
 }
 
+// AddDirectory adds a new directory to monitor
 func (c *CertificateManager) AddDirectory(directory string) {
 	c.directories = append(c.directories, directory)
 	go c.scanForFolders(directory)
 			switch parts := strings.Split(base, "-"); parts[0] {
 			case "cert":
 				cert.cert = path.Join(dir, f.Name())
-				if f.ModTime().After(cert.modTime) {
-					cert.modTime = f.ModTime()
-				}
 			case "chain":
 				cert.chain = path.Join(dir, f.Name())
-				if f.ModTime().After(cert.modTime) {
-					cert.modTime = f.ModTime()
-				}
 			case "fullchain":
 				cert.fullChain = path.Join(dir, f.Name())
-				if f.ModTime().After(cert.modTime) {
-					cert.modTime = f.ModTime()
-				}
 			case "privkey":
 				cert.privateKey = path.Join(dir, f.Name())
-				if f.ModTime().After(cert.modTime) {
-					cert.modTime = f.ModTime()
-				}
+			default:
+				continue
+			}
+
+			if f.ModTime().After(cert.modTime) {
+				cert.modTime = f.ModTime()
 			}
 		}
 	}
 
+	c.maybeAddCert(vhost, cert)
+}
+
+func (c *CertificateManager) maybeAddCert(vhost string, cert foundCertificate) {
 	if len(cert.cert) > 0 && len(cert.chain) > 0 && len(cert.fullChain) > 0 && len(cert.privateKey) > 0 {
-		c.logger.Debugf("Found certificate files for %s in %s", vhost, dir)
+		if existing, ok := c.certs[vhost]; ok {
+			if cert.modTime.After(existing.modTime) {
+				c.logger.Debugf("Found newer certificate files for %s in %s", vhost, path.Dir(cert.cert))
+				c.certs[vhost] = &cert
+			}
+		} else {
+			c.logger.Debugf("Found new certificate files for %s in %s", vhost, path.Dir(cert.cert))
+			c.certs[vhost] = &cert
+		}
 	}
 }

dotege.go

 }
 
 func main() {
-	config := zap.NewDevelopmentConfig()
-	config.DisableCaller = true
-	config.DisableStacktrace = true
-	config.EncoderConfig.EncodeLevel = zapcore.CapitalColorLevelEncoder
-	config.OutputPaths = []string{"stdout"}
-	config.ErrorOutputPaths = []string{"stdout"}
-	logger, _ := config.Build()
+	zapConfig := zap.NewDevelopmentConfig()
+	zapConfig.DisableCaller = true
+	zapConfig.DisableStacktrace = true
+	zapConfig.EncoderConfig.EncodeLevel = zapcore.CapitalColorLevelEncoder
+	zapConfig.OutputPaths = []string{"stdout"}
+	zapConfig.ErrorOutputPaths = []string{"stdout"}
+	logger, _ := zapConfig.Build()
 	sugar := logger.Sugar()
 	sugar.Info("Dotege is starting")
 
 	done := monitorSignals()
 	containerChan := make(chan model.Container, 1)
 	expiryChan := make(chan string, 1)
-	labelConfig := model.LabelConfig{
-		Hostnames: "com.chameth.vhost",
+	config := model.Config{
+		Labels: model.LabelConfig{
+			Hostnames: "com.chameth.vhost",
+		},
+		DefaultCertActions:     model.COMBINE | model.FLATTEN,
+		DefaultCertDestination: "/data/certs/",
 	}
 
 	cli, err := client.NewEnvClient()
 	}
 
 	certMonitor := certs.NewCertificateManager(sugar)
-	certMonitor.AddDirectory("/certs/certs")
+	certMonitor.AddDirectory("/data/certrequests/certs")
 
 	templateGenerator := NewTemplateGenerator(sugar)
 	templateGenerator.AddTemplate(model.TemplateConfig{
 		Source:      "./templates/domains.txt.tpl",
-		Destination: "domains.txt",
+		Destination: "/data/certrequests/domains.txt",
 	})
 	templateGenerator.AddTemplate(model.TemplateConfig{
 		Source:      "./templates/haproxy.cfg.tpl",
 			case <-timer.C:
 				templateGenerator.Generate(Context{
 					Containers: containers,
-					Hostnames:  getHostnames(containers, labelConfig),
+					Hostnames:  getHostnames(containers, config),
 				})
 			}
 		}
 	}
 }
 
-func getHostnames(containers map[string]model.Container, config model.LabelConfig) (hostnames map[string]*model.Hostname) {
+func getHostnames(containers map[string]model.Container, config model.Config) (hostnames map[string]*model.Hostname) {
 	hostnames = make(map[string]*model.Hostname)
 	for _, container := range containers {
-		if label, ok := container.Labels[config.Hostnames]; ok {
+		if label, ok := container.Labels[config.Labels.Hostnames]; ok {
 			names := strings.Split(strings.Replace(label, ",", " ", -1), " ")
 			if hostname, ok := hostnames[names[0]]; ok {
 				hostname.Containers = append(hostname.Containers, container)
 			} else {
 				hostnames[names[0]] = &model.Hostname{
-					Name:         names[0],
-					Alternatives: make(map[string]bool),
-					Containers:   []model.Container{container},
+					Name:            names[0],
+					Alternatives:    make(map[string]bool),
+					Containers:      []model.Container{container},
+					CertActions:     config.DefaultCertActions,
+					CertDestination: config.DefaultCertDestination,
 				}
 			}
 			addAlternatives(hostnames[names[0]], names[1:])

model/model.go

 package model
 
+// CertActions define what will be done with a certificate
+type CertActions uint8
+
+// constants defining CertActions
+const (
+	// COMBINE the full chain and private key into one file
+	COMBINE CertActions = 1 << iota
+	// FLATTEN the directory structure so all files are in one dir
+	FLATTEN
+	// CHMOD the files so they are world readable (potentially dangerous!)
+	CHMOD
+)
+
 // Container models a docker container that is running on the system.
 type Container struct {
 	Id     string
 
 // Hostname describes a DNS name used for proxying, retrieving certificates, etc.
 type Hostname struct {
-	Name         string
-	Alternatives map[string]bool
-	Containers   []Container
+	Name            string
+	Alternatives    map[string]bool
+	Containers      []Container
+	CertActions     CertActions
+	CertDestination string
 }
 
 // Config is the user-definable configuration for Dotege.
 type Config struct {
-	Templates []TemplateConfig
-	Labels    LabelConfig
+	Templates              []TemplateConfig
+	Labels                 LabelConfig
+	DefaultCertActions     CertActions
+	DefaultCertDestination string
 }
 
 // TemplateConfig configures a single template for the generator.