From 33da4e3f920515bb4341953a5f350fe83b9e8d59 Mon Sep 17 00:00:00 2001
From: Matthew Fennell <matthew@fennell.dev>
Date: Sun, 28 Dec 2025 19:42:04 +0000
Subject: Accept env argument from the terminal

This is used to determine the letsencrypt endpoint to hit.

I used to have a single variable for the endpoint, and I would uncomment the
prod or nonprod endpoint depending on the circumstances.

The two endpoints are given in separate variables in the config file:
acme_server_nonprod and acme_server_prod. Likewise, the renew_script variable
has been split into renew_script_nonprod and renew_script_prod. Choose between
them using the argument.
---
 renew-all | 9 +++++++--
 1 file changed, 7 insertions(+), 2 deletions(-)

diff --git a/renew-all b/renew-all
index 8d1455a..9774c28 100755
--- a/renew-all
+++ b/renew-all
@@ -3,10 +3,15 @@
 #
 # SPDX-License-Identifier: AGPL-3.0-only
 
+import argparse
 import logging
 import subprocess
 import tomllib
 
+parser = argparse.ArgumentParser()
+parser.add_argument("--env", required=True, choices=["prod", "nonprod"])
+args = parser.parse_args()
+
 
 def main() -> None:
     with open("/etc/opt/acme/config.toml", "rb") as config_file:
@@ -31,11 +36,11 @@ def main() -> None:
                     "--dns",
                     domain["provider"],
                     "--server",
-                    config["acme_server_prod"],
+                    config[f"acme_server_{args.env}"],
                     "--dns.disable-cp",
                 ]
                 + subdomain_requests
-                + ["renew", "--renew-hook", domain["renew_script"]]
+                + ["renew", "--renew-hook", domain[f"renew_script_{args.env}"]]
             )
             environment = {
                 "DESEC_POLLING_INTERVAL": str(config["timeout_seconds"]),
-- 
cgit v1.2.3