refresh postgresql certs

2022-09-11 17:10:54 +02:00 · 2022-09-11 17:10:54 +02:00 · f7963a4e05
parent 0c951ef050
commit f7963a4e05
1 changed files with 23 additions and 3 deletions
--- a/letsencrypt_renew/Makefile
+++ b/letsencrypt_renew/Makefile
@ -5,15 +5,17 @@ NGINX_RELOAD=$(WD)/nginx_reload
 PROSODY_IMPORT=$(WD)/prosody_import
 PROSODY_RELOAD=$(WD)/prosody_reload

-.PHONY: all
+.PHONY: all refresh_pg force

-all: $(RENEW) $(NGINX_RELOAD) $(PROSODY_RELOAD)
+all: $(RENEW) $(NGINX_RELOAD) $(PROSODY_RELOAD) refresh_pg
+
+LETSENCRYPT_PATH=/srv/letsencrypt

 ################################################################################

 LETSENCRYPT_COMPOSE_FILE=/srv/services/letsencrypt/docker-compose.yml

-$(RENEW):
+$(RENEW): force
 	mkdir -p $(@D)
 	docker-compose \
 		--file $(LETSENCRYPT_COMPOSE_FILE) \
@ -51,3 +53,21 @@ $(PROSODY_RELOAD): $(PROSODY_IMPORT)
 		exec prosody \
 		prosodyctl reload
 	touch $@
+
+################################################################################
+
+PG_DOMAIN=pg.caladan.monotremata.xyz
+PG_SSL_PATH=/srv/volumes/postgres/ssl
+
+$(LETSENCRYPT_PATH)/live/$(PG_DOMAIN)/fullchain.pem: $(SYNC)
+$(LETSENCRYPT_PATH)/live/$(PG_DOMAIN)/privkey.pem: $(SYNC)
+
+$(PG_SSL_PATH)/server.crt: $(LETSENCRYPT_PATH)/live/$(PG_DOMAIN)/fullchain.pem
+	mkdir -p $(@D)
+	rsync --copy-links $< $@
+
+$(PG_SSL_PATH)/server.key: $(LETSENCRYPT_PATH)/live/$(PG_DOMAIN)/privkey.pem
+	mkdir -p $(@D)
+	rsync --copy-links $< $@
+
+refresh_pg: $(PG_SSL_PATH)/server.crt $(PG_SSL_PATH)/server.key