#!/bin/sh
if [ -z "$1" ]; then
  echo "Please add the hostname of the Docker Container Name where the Container Should Create a Cert for"
  echo "like: $0 protonmail-bridge"
  exit 1
fi

# 1. choose the hostname(s) you will actually type into your mail client
HOSTS="$1,localhost,127.0.0.1"

# 2. build the openssl SAN string automatically
SAN=$(echo "$HOSTS" | tr ',' '\n' \
  | sed -e 's/^[0-9.]*$/IP:&/' -e 's/^[^0-9.]*$/DNS:&/' \
  | paste -sd,)

# 3. generate key + cert in one shot
openssl req -newkey rsa:2048 -nodes -keyout key.pem -x509 -days 3650 \
  -out cert.pem -subj '/CN=protonmail-bridge' \
  -addext "subjectAltName=$SAN"

# 4. quick sanity-check
openssl x509 -in cert.pem -text -noout | grep -A1 "Subject Alternative"