From b192b81096a164594cc515d1947a1367b2ed3bce Mon Sep 17 00:00:00 2001
From: "Zed A. Shaw" <zed.shaw@gmail.com>
Date: Wed, 18 Feb 2026 13:01:34 -0500
Subject: [PATCH] Have the basics working, just need to get the
 copy/chown/reload working.

---
 main.go           | 68 +++++++++++++++++++++++++++++++++++++++++++----
 test/fakepriv.pem |  2 +-
 2 files changed, 64 insertions(+), 6 deletions(-)

diff --git a/main.go b/main.go
index 486a33d..0ebff87 100644
--- a/main.go
+++ b/main.go
@@ -6,6 +6,8 @@ import (
   "log"
   "os"
   "encoding/json"
+  "time"
+  "path/filepath"
 )
 
 type Cert struct {
@@ -18,6 +20,9 @@ type Config struct {
   Source Cert
   Target Cert
   Reload string
+  WatchDelay string
+  watcher *fsnotify.Watcher
+  delay_time time.Duration
 }
 
 func LoadConfig(path string) Config {
@@ -33,6 +38,11 @@ func LoadConfig(path string) Config {
     log.Fatal(err, "json format error")
   }
 
+  config.delay_time, err = time.ParseDuration(config.WatchDelay)
+  if err != nil {
+    log.Fatalf("can't parse watch_delay setting %s: %v", config.WatchDelay, err)
+  }
+
   return config
 }
 
@@ -45,16 +55,64 @@ func ParseOpts() Config {
   return LoadConfig(config_file)
 }
 
-func main() {
-  config := ParseOpts()
+func (cfg *Config) SyncCerts() {
+  log.Println("SYNC CERTS CALLED");
+}
 
-  watcher, err := fsnotify.NewWatcher()
+func (cfg *Config) HandleEvents() {
+  doit := time.NewTimer(cfg.delay_time)
+  doit.Stop()
+
+  for { 
+    select {
+    case event, ok := <-cfg.watcher.Events:
+      if !ok {
+        return
+      }
+
+      log.Println("EVENT", event)
+
+      if event.Name == cfg.Source.PrivateKey {
+        doit.Reset(cfg.delay_time)
+      }
+    case <-doit.C:
+      cfg.SyncCerts()
+    case err, ok := <-cfg.watcher.Errors:
+      if !ok {
+        return
+      }
+
+      log.Println("failed to watch", err)
+    }
+  }
+}
+
+func (cfg *Config) WatchFiles() {
+  var err error
+
+  cfg.watcher, err = fsnotify.NewWatcher()
   if err != nil {
     log.Fatal(err, "Can't watch files.")
   }
+  defer cfg.watcher.Close()
+
+  go cfg.HandleEvents()
+
+  cfg.Source.PrivateKey, err = filepath.Abs(cfg.Source.PrivateKey)
+  if err != nil {
+    log.Fatalf("can't convert %s to absolut path: %v",
+      cfg.Source.PrivateKey, err)
+  }
 
-  err = watcher.Add(config.Source.PrivateKey)
+  err = cfg.watcher.Add(cfg.Source.PrivateKey)
   if err != nil {
-    log.Fatalf("can't watch %s: %v", err, config.Source.PrivateKey)
+    log.Fatalf("can't watch %s: %v", err, cfg.Source.PrivateKey)
   }
+
+  <-make(chan struct{})
+}
+
+func main() {
+  config := ParseOpts()
+  config.WatchFiles()
 }
diff --git a/test/fakepriv.pem b/test/fakepriv.pem
index dda444a..e836190 100644
--- a/test/fakepriv.pem
+++ b/test/fakepriv.pem
@@ -1 +1 @@
-This is fake.
+Wed Feb 18 12:57:08 EST 2026