#!/usr/bin/env python3

import json
import base64
import os

resolver_name = "myresolver"
domain_name = "oxmox.dev

# Read Traefik ACME JSON
with open("acme.json") as acme_file:
    acme = json.load(acme_file)
    # Select certificates from a specific resolver
    certificates = acme[resolver_name]["Certificates"]
    # Find the specific certificate we are looking for
    certificate = [certificate for certificate in certificates if domain_name in certificate["domain"].get("main", [])][0]
    # Extract X.509 certificate data
    certificate_data = base64.b64decode(certificate["certificate"])
    key_data = base64.b64decode(certificate["key"])
    # Export certificate and key to file
    with open("certificate.pem", "wb") as certfile:
        certfile.write(certificate_data)
        with open("key.pem", "wb") as keyfile:
            keyfile.write(key_data)

    os.chmod("certificate.pem", 0o600)
    os.chmod("key.pem", 0o600)