Fix the Let's Encrypt renew hook script

Only copy over the certs to the prosody directory if it's the 5apps.com
wildcard, not for any 5apps.com subdomain

site-cookbooks/kosmos-base/recipes/letsencrypt.rb

@@ -24,21 +24,23 @@ systemctl reload nginx
 # Copy the prosody certificates and restart the server if it has been renewed
 # This is necessary because the prosody user doesn't have access to the
 # letsencrypt live folder
-echo "${RENEWED_DOMAINS}" | grep 5apps.com
+for domain in $RENEWED_DOMAINS; do
-if [ $? -ne 1 ]; then
+  case $domain in
-  cp "${RENEWED_LINEAGE}/fullchain.pem" /etc/prosody/certs/5apps.com.crt
+  # Do not copy over when renewing other 5apps.com domains
-  cp "${RENEWED_LINEAGE}/privkey.pem" /etc/prosody/certs/5apps.com.key
+  5apps.com)
-  cp "${RENEWED_LINEAGE}/fullchain.pem" /etc/prosody/certs/muc.5apps.com.crt
+    cp "${RENEWED_LINEAGE}/fullchain.pem" /etc/prosody/certs/5apps.com.crt
-  cp "${RENEWED_LINEAGE}/privkey.pem" /etc/prosody/certs/muc.5apps.com.key
+    cp "${RENEWED_LINEAGE}/privkey.pem" /etc/prosody/certs/5apps.com.key
-  cp "${RENEWED_LINEAGE}/fullchain.pem" /etc/prosody/certs/xmpp.5apps.com.crt
+    cp "${RENEWED_LINEAGE}/fullchain.pem" /etc/prosody/certs/muc.5apps.com.crt
-  cp "${RENEWED_LINEAGE}/privkey.pem" /etc/prosody/certs/xmpp.5apps.com.key
+    cp "${RENEWED_LINEAGE}/privkey.pem" /etc/prosody/certs/muc.5apps.com.key
-  chown prosody:prosody /etc/prosody/certs/*
+    cp "${RENEWED_LINEAGE}/fullchain.pem" /etc/prosody/certs/xmpp.5apps.com.crt
-  chmod 600 /etc/prosody/certs/*.key
+    cp "${RENEWED_LINEAGE}/privkey.pem" /etc/prosody/certs/xmpp.5apps.com.key
-  chmod 640 /etc/prosody/certs/*.crt
+    chown prosody:prosody /etc/prosody/certs/*
-  systemctl restart prosody
+    chmod 600 /etc/prosody/certs/*.key
-else
+    chmod 640 /etc/prosody/certs/*.crt
-  exit 0
+    systemctl restart prosody
-fi
+    ;;
+  esac
+done
 EOF
 
 file "/usr/local/bin/letsencrypt_renew_hook" do