87 lines
2.2 KiB
Plaintext
Executable File
87 lines
2.2 KiB
Plaintext
Executable File
dag := justfile_directory()
|
|
|
|
run:
|
|
make --directory "{{dag}}"
|
|
|
|
render:
|
|
make --file ../../common/render-dag.make
|
|
|
|
acme_data_dir := "/mnt/docker_volumes/acmesh/data"
|
|
domain := "monotremata.xyz"
|
|
certs_path := "/srv/certs/acme"
|
|
hetzner_token := `cat /srv/secrets/hetzner_token`
|
|
|
|
acmesh *args:
|
|
docker run --rm -it \
|
|
-v {{acme_data_dir}}:/acme.sh \
|
|
-v {{certs_path}}:/certs \
|
|
-e "HETZNER_Token={{hetzner_token}}" \
|
|
neilpang/acme.sh \
|
|
/root/.acme.sh/acme.sh {{args}}
|
|
|
|
issue *args:
|
|
just acmesh \
|
|
--issue \
|
|
--dns dns_hetzner \
|
|
--server letsencrypt \
|
|
{{args}}
|
|
|
|
install-monotremata-xyz:
|
|
just acmesh \
|
|
--install-cert \
|
|
-d {{domain}} \
|
|
--cert-file /certs/{{domain}}/cert.pem \
|
|
--key-file /certs/{{domain}}/key.pem \
|
|
--fullchain-file /certs/{{domain}}/fullchain.pem
|
|
|
|
install-vault:
|
|
just acmesh \
|
|
--install-cert \
|
|
-d vault.{{domain}} \
|
|
--cert-file /certs/vault.{{domain}}/cert.pem \
|
|
--key-file /certs/vault.{{domain}}/key.pem \
|
|
--fullchain-file /certs/vault.{{domain}}/fullchain.pem
|
|
|
|
install-mail:
|
|
just acmesh \
|
|
--install-cert \
|
|
-d mail.{{domain}} \
|
|
--cert-file /certs/mail.{{domain}}/cert.pem \
|
|
--key-file /certs/mail.{{domain}}/key.pem \
|
|
--fullchain-file /certs/mail.{{domain}}/fullchain.pem
|
|
|
|
issue-monotremata-xyz:
|
|
just issue \
|
|
-d {{domain}} \
|
|
-d '*.{{domain}}' \
|
|
-d '*.narwhal.{{domain}}' \
|
|
-d '*.caladan.{{domain}}' \
|
|
-d '*.xmpp.{{domain}}'
|
|
just install-monotremata-xyz
|
|
|
|
issue-vault:
|
|
just issue \
|
|
-d 'vault.{{domain}}' \
|
|
-d '*.vault.{{domain}}'
|
|
just install-vault
|
|
|
|
issue-mail:
|
|
just issue \
|
|
-d 'mail.{{domain}}'
|
|
just install-mail
|
|
|
|
install-cuina:
|
|
mkdir -p {{certs_path}}/cuina.monotremata.xyz
|
|
just acmesh \
|
|
--install-cert \
|
|
-d cuina.{{domain}} \
|
|
--cert-file /certs/cuina.{{domain}}/cert.pem \
|
|
--key-file /certs/cuina.{{domain}}/key.pem \
|
|
--fullchain-file /certs/cuina.{{domain}}/fullchain.pem
|
|
|
|
issue-cuina:
|
|
just issue \
|
|
-d 'cuina.{{domain}}' \
|
|
-d '*.cuina.{{domain}}'
|
|
just install-cuina
|