42 lines
1.4 KiB
Bash
Executable file
42 lines
1.4 KiB
Bash
Executable file
#!/usr/bin/env sh
|
|
|
|
LEGO_WORKING_PATH="/opt/services/.lego/"
|
|
|
|
set -e
|
|
|
|
domain="$1"
|
|
|
|
action="$2" # either "run" or "renew"
|
|
if [ -z "$action" ] || [ -z "$domain" ]; then
|
|
echo "Usage: $0 <domain> <run|renew>"
|
|
exit 1
|
|
fi
|
|
if [ "$action" != "run" ] && [ "$action" != "renew" ]; then
|
|
echo "Usage: $0 <domain> <run|renew>"
|
|
exit 1
|
|
fi
|
|
|
|
export ACME_DNS_API_BASE="https://acme.serguzim.me/"
|
|
export ACME_DNS_STORAGE_PATH="$LEGO_WORKING_PATH/acme-dns.json"
|
|
|
|
lego -a --email "tobias@msrg.cc" \
|
|
--path "$LEGO_WORKING_PATH" \
|
|
--dns "acme-dns" \
|
|
--domains "$domain" \
|
|
"$action"
|
|
|
|
# Copy registry.serguzim.me files to harbor data directory
|
|
if [ "$domain" = "registry.serguzim.me" ]; then
|
|
echo "Deploying certificates for registry.serguzim.me"
|
|
sudo cp "$LEGO_WORKING_PATH/certificates/registry.serguzim.me.crt" /opt/services/harbor/data/secret/cert/server.crt
|
|
sudo cp "$LEGO_WORKING_PATH/certificates/registry.serguzim.me.key" /opt/services/harbor/data/secret/cert/server.key
|
|
fi
|
|
|
|
# Copy db.serguzim.me files to postgresql data directory
|
|
if [ "$domain" = "db.serguzim.me" ]; then
|
|
echo "Deploying certificates for db.serguzim.me"
|
|
sudo cp "$LEGO_WORKING_PATH/certificates/db.serguzim.me.crt" /var/lib/postgres/data/server.crt
|
|
sudo cp "$LEGO_WORKING_PATH/certificates/db.serguzim.me.key" /var/lib/postgres/data/server.key
|
|
sudo -u postgres pg_ctl -D /var/lib/postgres/data/ reload
|
|
fi
|