From 68ecb7a64d31b39dac03452cadb4848132998e11 Mon Sep 17 00:00:00 2001
From: Michael Kuron <m.kuron@gmx.de>
Date: Thu, 22 Jun 2017 20:34:54 +0200
Subject: [PATCH 1/3] ACME: support CNAME in domain checks

---
 data/Dockerfiles/acme/docker-entrypoint.sh | 6 +++---
 docker-compose.yml                         | 2 +-
 2 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/data/Dockerfiles/acme/docker-entrypoint.sh b/data/Dockerfiles/acme/docker-entrypoint.sh
index a02e2d57..d35f3c63 100755
--- a/data/Dockerfiles/acme/docker-entrypoint.sh
+++ b/data/Dockerfiles/acme/docker-entrypoint.sh
@@ -53,7 +53,7 @@ while true; do
 	done < <(mysql -h mysql-mailcow -u ${DBUSER} -p${DBPASS} ${DBNAME} -e "SELECT domain FROM domain" -Bs)
 
 	for SQL_DOMAIN in "${SQL_DOMAIN_ARR[@]}"; do
-		A_CONFIG=$(dig A autoconfig.${SQL_DOMAIN} +short)
+		A_CONFIG=$(dig A autoconfig.${SQL_DOMAIN} +short | tail -n 1)
 		if [[ ! -z ${A_CONFIG} ]]; then
 			echo "Found A record for autoconfig.${SQL_DOMAIN}: ${A_CONFIG}"
 			if [[ ${IPV4} == ${A_CONFIG} ]]; then
@@ -66,7 +66,7 @@ while true; do
 			echo "No A record for autoconfig.${SQL_DOMAIN} found"
 		fi
 
-        A_DISCOVER=$(dig A autodiscover.${SQL_DOMAIN} +short)
+        A_DISCOVER=$(dig A autodiscover.${SQL_DOMAIN} +short | tail -n 1)
 		if [[ ! -z ${A_DISCOVER} ]]; then
 			echo "Found A record for autodiscover.${SQL_DOMAIN}: ${A_CONFIG}"
 			if [[ ${IPV4} == ${A_DISCOVER} ]]; then
@@ -81,7 +81,7 @@ while true; do
 	done
 
 	for SAN in "${ADDITIONAL_SAN_ARR[@]}"; do
-		A_SAN=$(dig A ${SAN} +short)
+		A_SAN=$(dig A ${SAN} +short | tail -n 1)
 		if [[ ! -z ${A_SAN} ]]; then
 			echo "Found A record for ${SAN}: ${A_SAN}"
 			if [[ ${IPV4} == ${A_SAN} ]]; then
diff --git a/docker-compose.yml b/docker-compose.yml
index 900c1dda..ade39b40 100644
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -284,7 +284,7 @@ services:
     acme-mailcow:
       depends_on:
         - nginx-mailcow
-      image: mailcow/acme:1.1
+      image: mailcow/acme:1.2
       build: ./data/Dockerfiles/acme
       dns:
         - 172.22.1.254

From fecb62e201070e6d716f9066ab86a85ae7351e39 Mon Sep 17 00:00:00 2001
From: andryyy <andre.peters@debinux.de>
Date: Thu, 22 Jun 2017 21:31:14 +0200
Subject: [PATCH 2/3] Fix skip le test...

---
 data/Dockerfiles/acme/docker-entrypoint.sh | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/data/Dockerfiles/acme/docker-entrypoint.sh b/data/Dockerfiles/acme/docker-entrypoint.sh
index d35f3c63..ec7989ed 100755
--- a/data/Dockerfiles/acme/docker-entrypoint.sh
+++ b/data/Dockerfiles/acme/docker-entrypoint.sh
@@ -1,6 +1,6 @@
 #!/bin/bash
 
-if [[ ! "${SKIP_LETS_ENCRYPT}" =~ ^([yY][eE][sS]|[yY])+$ ]]; then
+if [[ "${SKIP_LETS_ENCRYPT}" =~ ^([yY][eE][sS]|[yY])+$ ]]; then
     echo "Skipping Let's Encrypt..."
     exit 0
 fi

From f36cfd8494239a9c9ee0352099ff7fe91bb553e9 Mon Sep 17 00:00:00 2001
From: andryyy <andre.peters@debinux.de>
Date: Thu, 22 Jun 2017 21:44:10 +0200
Subject: [PATCH 3/3] Move account key

---
 data/Dockerfiles/acme/docker-entrypoint.sh | 1 +
 1 file changed, 1 insertion(+)

diff --git a/data/Dockerfiles/acme/docker-entrypoint.sh b/data/Dockerfiles/acme/docker-entrypoint.sh
index ec7989ed..039f73da 100755
--- a/data/Dockerfiles/acme/docker-entrypoint.sh
+++ b/data/Dockerfiles/acme/docker-entrypoint.sh
@@ -101,6 +101,7 @@ while true; do
 		echo "Found orphaned SAN in certificate, moving old files to ${ACME_BASE}/acme/private/${DATE}/"
 		mkdir -p ${ACME_BASE}/acme/private/${DATE}/
 		mv ${ACME_BASE}/acme/private/privkey.pem ${ACME_BASE}/acme/private/${DATE}/
+		mv ${ACME_BASE}/acme/private/account.key ${ACME_BASE}/acme/private/${DATE}/
 		mv ${ACME_BASE}/acme/fullchain.pem ${ACME_BASE}/acme/private/${DATE}/
         mv ${ACME_BASE}/acme/cert.pem ${ACME_BASE}/acme/private/${DATE}/
 	fi