Moved from ini to toml, fixed installation and new-domain permissions issues

config.go

@@ -1,6 +1,7 @@
 package main
 
 import (
+	"bytes"
 	"errors"
 	"fmt"
 	"log"
@@ -9,6 +10,7 @@ import (
 	"strings"
 	"sync"
 
+	"github.com/google/uuid"
 	"github.com/spf13/viper"
 )
 
@@ -76,7 +78,7 @@ var (
 func LoadConfig(path string) error {
 	config = viper.New()
 	config.SetConfigFile(path)
-	config.SetConfigType("ini")
+	config.SetConfigType("toml")
 	return config.ReadInConfig()
 }
 
@@ -98,7 +100,7 @@ func LoadDomainConfigs() error {
 		path := filepath.Join(dir, entry.Name())
 		v := viper.New()
 		v.SetConfigFile(path)
-		v.SetConfigType("ini")
+		v.SetConfigType("toml")
 
 		if err := v.ReadInConfig(); err != nil {
 			return fmt.Errorf("loading %s: %w", path, err)
@@ -124,13 +126,35 @@ func LoadDomainConfigs() error {
 //  Saving
 // ---------------------------------------------------------------------------
 
+func WriteConfig(filePath string, config *viper.Viper) error {
+	var buf bytes.Buffer
+	if err := config.WriteConfigTo(&buf); err != nil {
+		return fmt.Errorf("marshal config: %w", err)
+	}
+
+	if err := os.WriteFile(filePath, buf.Bytes(), 0640); err != nil {
+		return fmt.Errorf("write config file: %w", err)
+	}
+	return nil
+}
+
+func WriteMainConfig() error {
+	return WriteConfig("/etc/certman/certman.conf", config)
+}
+
+func WriteDomainConfig(config *viper.Viper) error {
+	return WriteConfig(config.GetString("Domain.domain_name"), config)
+}
+
 // SaveDomainConfigs writes every loaded domain config back to disk.
-func SaveDomainConfigs() {
+func SaveDomainConfigs() error {
 	for domain, v := range domainStore.Snapshot() {
-		if err := v.WriteConfig(); err != nil {
-			fmt.Printf("Error saving domain config %s: %v\n", domain, err)
+		err := WriteConfig("/etc/certman/domains/"+domain+".conf", v)
+		if err != nil {
+			return err
 		}
 	}
+	return nil
 }
 
 // ---------------------------------------------------------------------------
@@ -217,8 +241,11 @@ func makeDirs() {
 }
 
 func createNewConfig(mode string) {
-	content := strings.NewReplacer("{mode}", mode).Replace(defaultConfig)
-	createFile("/etc/certman/certman.conf", 640, []byte(content))
+	content := strings.NewReplacer(
+		"{mode}", mode,
+		"{uuid}", uuid.New().String(),
+	).Replace(defaultConfig)
+	createFile("/etc/certman/certman.conf", 0640, []byte(content))
 }
 
 func createNewDomainConfig(domain string) error {
@@ -259,52 +286,49 @@ func createNewDomainCertsDir(domain string, dir string, dirOverride bool) {
 // ---------------------------------------------------------------------------
 
 const defaultConfig = `[App]
-mode = {mode}
+mode = "{mode}"
 tick_rate = 2
+uuid = "{uuid}"
 
 [Git]
-host = gitea
-server = https://gitea.instance.com
-username = user
-api_token = xxxxxxxxxxxxxxxxxxxxxxxxx
-org_name = org
+host = "gitea"
+server = "https://gitea.instance.com"
+username = "user"
+api_token = "xxxxxxxxxxxxxxxxxxxxxxxxx"
+org_name = "org"
 
 [Certificates]
-email = user@example.com
-data_root = /var/local/certman
-ca_dir_url = https://acme-v02.api.letsencrypt.org/directory
+email = "user@example.com"
+data_root = "/var/local/certman"
+ca_dir_url = "https://acme-v02.api.letsencrypt.org/directory"
 
 [Cloudflare]
-cf_email = email@example.com
-cf_api_key = xxxxxxxxxxxxxxxxxxxxxxxxxxxx
+cf_email = "email@example.com"
+cf_api_key = "xxxxxxxxxxxxxxxxxxxxxxxxxxxx"
 `
 
 const defaultDomainConfig = `[Domain]
-domain_name = {domain}
+domain_name = "{domain}"
 enabled = true
-dns_server = default
-
+dns_server = "default"
 
 [Certificates]
-data_root = 
+data_root = ""
 expiry = 90
-request_method = dns-01
+request_method = "dns-01"
 renew_period = 30
-
-subdomains =
-cert_symlink =
-key_symlink = 
-crypto_key = {key}
-
+subdomains = []
+cert_symlinks = []
+key_symlinks = []
+crypto_key = "{key}"
 
 [Repo]
-repo_suffix = -certificates
-
+repo_suffix = "-certificates"
 
 [Internal]
 last_issued = 0
 repo_exists = false
-status = clean
+status = "clean"
 `
 
 const readme = ``