Create backup file during migration from ACME V1 to ACME V2

acme/localStore.go

@@ -46,38 +46,42 @@ func (s *LocalStore) Get() (*Account, error) {
 		if err := json.Unmarshal(file, &account); err != nil {
 			return nil, err
 		}
-
-		// Check if ACME Account is in ACME V1 format
-		if account != nil && account.Registration != nil {
-			isOldRegistration, err := regexp.MatchString(acme.RegistrationURLPathV1Regexp, account.Registration.URI)
-			if err != nil {
-				return nil, err
-			}
-
-			if isOldRegistration {
-				account.Email = ""
-				account.Registration = nil
-				account.PrivateKey = nil
-			}
-		}
 	}
 
 	return account, nil
 }
 
+// RemoveAccountV1Values removes ACME account V1 values
+func RemoveAccountV1Values(account *Account) error {
+	// Check if ACME Account is in ACME V1 format
+	if account != nil && account.Registration != nil {
+		isOldRegistration, err := regexp.MatchString(acme.RegistrationURLPathV1Regexp, account.Registration.URI)
+		if err != nil {
+			return err
+		}
+
+		if isOldRegistration {
+			account.Email = ""
+			account.Registration = nil
+			account.PrivateKey = nil
+		}
+	}
+	return nil
+}
+
 // ConvertToNewFormat converts old acme.json format to the new one and store the result into the file (used for the backward compatibility)
 func ConvertToNewFormat(fileName string) {
 	localStore := acme.NewLocalStore(fileName)
 
 	storeAccount, err := localStore.GetAccount()
 	if err != nil {
-		log.Warnf("Failed to read new account, ACME data conversion is not available : %v", err)
+		log.Errorf("Failed to read new account, ACME data conversion is not available : %v", err)
 		return
 	}
 
 	storeCertificates, err := localStore.GetCertificates()
 	if err != nil {
-		log.Warnf("Failed to read new certificates, ACME data conversion is not available : %v", err)
+		log.Errorf("Failed to read new certificates, ACME data conversion is not available : %v", err)
 		return
 	}
 
@@ -86,13 +90,25 @@ func ConvertToNewFormat(fileName string) {
 
 		account, err := localStore.Get()
 		if err != nil {
-			log.Warnf("Failed to read old account, ACME data conversion is not available : %v", err)
+			log.Errorf("Failed to read old account, ACME data conversion is not available : %v", err)
 			return
 		}
 
 		// Convert ACME data from old to new format
 		newAccount := &acme.Account{}
 		if account != nil && len(account.Email) > 0 {
+			err = backupACMEFile(fileName, account)
+			if err != nil {
+				log.Errorf("Unable to create a backup for the V1 formatted ACME file: %s", err.Error())
+				return
+			}
+
+			err = RemoveAccountV1Values(account)
+			if err != nil {
+				log.Errorf("Unable to remove ACME Account V1 values: %s", err.Error())
+				return
+			}
+
 			newAccount = &acme.Account{
 				PrivateKey:   account.PrivateKey,
 				Registration: account.Registration,
@@ -107,8 +123,8 @@ func ConvertToNewFormat(fileName string) {
 					Domain:      cert.Domains,
 				})
 			}
-			// If account is in the old format, storeCertificates is nil or empty
-			// and has to be initialized
+
+			// If account is in the old format, storeCertificates is nil or empty and has to be initialized
 			storeCertificates = newCertificates
 		}
 
@@ -119,7 +135,16 @@ func ConvertToNewFormat(fileName string) {
 	}
 }
 
-// FromNewToOldFormat converts new acme.json format to the old one (used for the backward compatibility)
+func backupACMEFile(originalFileName string, account interface{}) error {
+	// write account to file
+	data, err := json.MarshalIndent(account, "", "  ")
+	if err != nil {
+		return err
+	}
+	return ioutil.WriteFile(originalFileName+".bak", data, 0600)
+}
+
+// FromNewToOldFormat converts new acme account to the old one (used for the backward compatibility)
 func FromNewToOldFormat(fileName string) (*Account, error) {
 	localStore := acme.NewLocalStore(fileName)