Shell linting

https://github.com/koalaman/shellcheck/wiki

start.sh:
Fix SC2173 on line 14.

letsencrypt_service:
Ignore SC2120 and SC1090.
Fix SC1087 on line 54, SC2068 on lines 54 and 124.
Fix SC2034 on lines 12, 13, 19 and 20.
+ use pushd / popd to change the CWD back to /etc/nginx/certs after simp_le execution.

functions.sh:
Ignore SC2155.
Add the missing shebang.

entrypoint.sh:
Ignore SC2155.

app/entrypoint.sh

@@ -1,4 +1,5 @@
 #!/bin/bash
+# shellcheck disable=SC2155
 
 set -u
 

app/functions.sh

@@ -1,3 +1,6 @@
+#!/bin/bash
+# shellcheck disable=SC2155
+
 [[ -z "${VHOST_DIR:-}" ]] && \
  declare -r VHOST_DIR=/etc/nginx/vhost.d
 [[ -z "${START_HEADER:-}" ]] && \

app/letsencrypt_service

@@ -1,4 +1,5 @@
 #!/bin/bash
+# shellcheck disable=SC2120
 
 DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"
 
@@ -9,15 +10,15 @@ DEFAULT_KEY_SIZE=4096
 source /app/functions.sh
 
 create_link() {
-    local readonly target=${1?missing target argument}
-    local readonly source=${2?missing source argument}
+    local -r target=${1?missing target argument}
+    local -r source=${2?missing source argument}
     [[ -f "$target" ]] && return 1
     ln -sf "$source" "$target"
 }
 
 create_links() {
-    local readonly base_domain=${1?missing base_domain argument}
-    local readonly domain=${2?missing base_domain argument}
+    local -r base_domain=${1?missing base_domain argument}
+    local -r domain=${2?missing base_domain argument}
 
     if [[ ! -f "/etc/nginx/certs/$base_domain"/fullchain.pem || \
           ! -f "/etc/nginx/certs/$base_domain"/key.pem ]]; then
@@ -44,6 +45,7 @@ update_certs() {
 
     # Load relevant container settings
     unset LETSENCRYPT_CONTAINERS
+    # shellcheck source=/dev/null
     source "$DIR"/letsencrypt_service_data
 
     reload_nginx='false'
@@ -51,7 +53,7 @@ update_certs() {
         # Derive host and email variable names
         host_varname="LETSENCRYPT_${cid}_HOST"
         # Array variable indirection hack: http://stackoverflow.com/a/25880676/350221
-        hosts_array=$host_varname[@]
+        hosts_array="${host_varname}[@]"
         email_varname="LETSENCRYPT_${cid}_EMAIL"
 
         keysize_varname="LETSENCRYPT_${cid}_KEYSIZE"
@@ -101,7 +103,7 @@ update_certs() {
 
         # Create directory for the first domain
         mkdir -p /etc/nginx/certs/$base_domain
-        cd /etc/nginx/certs/$base_domain
+        pushd /etc/nginx/certs/$base_domain
 
         for domain in "${!hosts_array}"; do
             # Add all the domains to certificate
@@ -121,7 +123,9 @@ update_certs() {
 
         simp_le_return=$?
 
-        for altnames in ${hosts_array_expanded[@]:1}; do
+        popd
+
+        for altnames in "${hosts_array_expanded[@]:1}"; do
             # Remove old CN domain that now are altnames
             rm -rf /etc/nginx/certs/$altnames
         done

app/start.sh

@@ -11,7 +11,7 @@ term_handler() {
     exit 143; # 128 + 15 -- SIGTERM
 }
 
-trap 'term_handler' INT QUIT KILL TERM
+trap 'term_handler' INT QUIT TERM
 
 /app/letsencrypt_service &
 letsencrypt_service_pid=$!