#! /bin/bash
set -e

# Add the custom LDAP certificate
if [ -e /conf/stack/ldap.crt ]
then
  cp /conf/stack/ldap.crt /usr/local/share/ca-certificates/ldap.crt
fi

# Add extra trusted certificates (as a directory)
if [ -d /conf/stack/extra_ca_certs ]; then
  if test $(ls -A "/conf/stack/extra_ca_certs"); then
      echo "Installing extra certificates found in /conf/stack/extra_ca_certs directory"
      cp /conf/stack/extra_ca_certs/* /usr/local/share/ca-certificates/
      cat /conf/stack/extra_ca_certs/* >> /venv/lib/python2.7/site-packages/requests/cacert.pem
  fi
fi

# Add extra trusted certificates (as a file)
if [ -f /conf/stack/extra_ca_certs ]; then
  echo "Installing extra certificates found in /conf/stack/extra_ca_certs file"
  csplit -z -f /usr/local/share/ca-certificates/extra-ca- /conf/stack/extra_ca_certs  '/-----BEGIN CERTIFICATE-----/' '{*}'
  cat /conf/stack/extra_ca_certs >> /venv/lib/python2.7/site-packages/requests/cacert.pem
fi

# Update all CA certificates.
update-ca-certificates