Improve certificates

Add msrg.cc domain for xmpp on wiuwiu.de
Add sourcing of service.env

roles/lego/files/lego.sh

@@ -1,5 +1,9 @@
 #!/usr/bin/env sh
 
+set -a
+. ./service.env
+set +a
+
 domain="$1"
 action="${2:-renew}"
 

roles/lego/files/node002/db.serguzim.me

@@ -2,15 +2,15 @@
 
 domain="db.serguzim.me"
 
-docker compose run --rm app "$1" "$domain"
-
 _install() {
   install --owner=postgres --group=postgres --mode=600 \
-	  "/opt/services/_certificates/$domain.$1" \
-	  "/var/lib/postgresql/server.$1"
+	  "$CERTIFICATES_PATH/$domain.$1" \
+	  "/var/lib/postgres/data/server.$1"
 }
 
 _install crt
 _install key
 
 sudo -u postgres pg_ctl -D /var/lib/postgres/data/ reload
+
+# vim: ft=sh

roles/lego/files/node002/msrg.cc

@@ -0,0 +1,18 @@
+#!/usr/bin/env sh
+
+domain="msrg.cc"
+
+tmpdir=$(mktemp -d)
+trap 'rm -rf $tmpdir' EXIT
+
+cp "$CERTIFICATES_PATH/$domain.crt" "$tmpdir/fullchain.pem"
+cp "$CERTIFICATES_PATH/$domain.key" "$tmpdir/privkey.pem"
+
+curl \
+	-F submit="submit" \
+	-F token="$WIUWIU_TOKEN" \
+	-F "cert=@$tmpdir/fullchain.pem" \
+	-F "key=@$tmpdir/privkey.pem" \
+	https://cert-upload.wiuwiu.de/
+
+# vim: ft=sh

roles/lego/files/node002/registry.serguzim.me

@@ -2,11 +2,9 @@
 
 domain="registry.serguzim.me"
 
-docker compose run --rm app "$1" "$domain"
-
 _install() {
   install --owner=root --group=root --mode=600 \
-	  "/opt/services/_certificates/$domain.$1" \
+	  "$CERTIFICATES_PATH/$domain.$1" \
 	  "/opt/services/harbor/server.$1"
 }
 
@@ -14,4 +12,6 @@ _install crt
 _install key
 
 export HARBOR_BUNDLE_DIR=/opt/services/harbor
-$HARBOR_BUNDLE_DIR/data/install.sh
+$HARBOR_BUNDLE_DIR/harbor/install.sh
+
+# vim: ft=sh