+# Usage: --cleanup (-gc)
+# Description: Move unused certificate files to archive directory
+command_cleanup() {
+ load_config
+
+ # Create global archive directory if not existant
+ if [[ ! -e "${BASEDIR}/archive" ]]; then
+ mkdir "${BASEDIR}/archive"
+ fi
+
+ # Loop over all certificate directories
+ for certdir in "${BASEDIR}/certs/"*; do
+ # Skip if entry is not a folder
+ [[ -d "${certdir}" ]] || continue
+
+ # Get certificate name
+ certname="$(basename "${certdir}")"
+
+ # Create certitifaces archive directory if not existant
+ archivedir="${BASEDIR}/archive/${certname}"
+ if [[ ! -e "${archivedir}" ]]; then
+ mkdir "${archivedir}"
+ fi
+
+ # Loop over file-types (certificates, keys, signing-requests, ...)
+ for filetype in cert.csr cert.pem chain.pem fullchain.pem privkey.pem; do
+ # Skip if symlink is broken
+ [[ -r "${certdir}/${filetype}" ]] || continue
+
+ # Look up current file in use
+ current="$(basename "$(readlink "${certdir}/${filetype}")")"
+
+ # Split filetype into name and extension
+ filebase="$(echo "${filetype}" | cut -d. -f1)"
+ fileext="$(echo "${filetype}" | cut -d. -f2)"
+
+ # Loop over all files of this type
+ for file in "${certdir}/${filebase}-"*".${fileext}"; do
+ # Handle case where no files match the wildcard
+ [[ -f "${file}" ]] || break
+
+ # Check if current file is in use, if unused move to archive directory
+ filename="$(basename "${file}")"
+ if [[ ! "${filename}" = "${current}" ]]; then
+ echo "Moving unused file to archive directory: ${certname}/${filename}"
+ mv "${certdir}/${filename}" "${archivedir}/${filename}"
+ fi
+ done
+ done
+ done
+
+ exit 0
+}
+