From 07b67bc72f7d19387423ca5d23e01229a3ffdcda Mon Sep 17 00:00:00 2001
From: FluxST <st@runonflux.io>
Date: Sun, 10 Sep 2023 00:19:15 +0800
Subject: [PATCH] fix(cert): write header before checking cert exists

---
 src/services/domain/cert.js | 15 +++++++++++----
 1 file changed, 11 insertions(+), 4 deletions(-)

diff --git a/src/services/domain/cert.js b/src/services/domain/cert.js
index 68cf438..91a0409 100644
--- a/src/services/domain/cert.js
+++ b/src/services/domain/cert.js
@@ -45,15 +45,22 @@ certbot renew --force-renewal --http-01-port=8787 --preferred-challenges http
   try {
     await fs.readFile(path);
     const autoRenewScript = await fs.readFile(path, { encoding: 'utf-8' });
-    const cert = `bash -c "cat /etc/letsencrypt/live/${domain}/fullchain.pem /etc/letsencrypt/live/${domain}/privkey.pem > /etc/ssl/${config.certFolder}/${domain}.pem"`;
-    if (autoRenewScript.includes(cert)) {
-      return;
-    }
     // split the contents by new line
     const lines = autoRenewScript.split(/\r?\n/);
     if (!autoRenewScript.startsWith(header)) {
       lines.splice(0, 0, header);
+      await fs.writeFile(path, lines.join('\n'), {
+        mode: 0o755,
+        flag: 'w',
+        encoding: 'utf-8',
+      });
+    }
+
+    const cert = `bash -c "cat /etc/letsencrypt/live/${domain}/fullchain.pem /etc/letsencrypt/live/${domain}/privkey.pem > /etc/ssl/${config.certFolder}/${domain}.pem"`;
+    if (autoRenewScript.includes(cert)) {
+      return;
     }
+
     lines.splice(6, 0, cert); // push cert to top behind #Concatenate...
     const file = lines.join('\n');
     await fs.writeFile(path, file, {