Option to remove pinning for a domain

src/freedombone-pin-cert

@@ -54,7 +54,7 @@ function pin_all_certs {
 
                         PIN_HEADER="Public-Key-Pins 'pin-sha256=\"${KEY_HASH}\"; pin-sha256=\"${BACKUP_KEY_HASH}\"; max-age=5184000; includeSubDomains';"
                         sed -i "s|Public-Key-Pins.*|${PIN_HEADER}|g" $file
-                        echo "Pinned $DOMAIN_NAME with keys $KEY_HASH $BACKUP_KEY_HASH"
+                        echo $"Pinned $DOMAIN_NAME with keys $KEY_HASH $BACKUP_KEY_HASH"
                     fi
                 fi
             fi
@@ -69,14 +69,28 @@ if [[ $1 == "all" ]]; then
 fi
 
 DOMAIN_NAME=$1
+REMOVE=$2
 KEY_FILENAME=/etc/ssl/private/${DOMAIN_NAME}.key
 BACKUP_KEY_FILENAME=/etc/ssl/certs/${DOMAIN_NAME}.pem
 SITE_FILENAME=$WEBSITES_DIRECTORY/${DOMAIN_NAME}
 
+if [ ! ${DOMAIN_NAME} ]; then
+    exit 0
+fi
+
 if [ ! -f "$SITE_FILENAME" ]; then
     exit 0
 fi
 
+if [[ $REMOVE == "remove" ]]; then
+    if grep -q "Public-Key-Pins" $SITE_FILENAME; then
+        sed -i "/Public-Key-Pins/d" $SITE_FILENAME
+        echo $"Removed pinning for ${DOMAIN_NAME}"
+        systemctl restart nginx
+    fi
+    exit 0
+fi
+
 if [ ! -f "$KEY_FILENAME" ]; then
     echo $"No private key certificate found for $DOMAIN_NAME"
     exit 1