dags/narwhal/acme_renew/justfile

87 lines
2.2 KiB
Plaintext
Executable File

dag := justfile_directory()
run:
make --directory "{{dag}}"
render:
make --file ../../common/render-dag.make
acme_data_dir := "/mnt/docker_volumes/acmesh/data"
domain := "monotremata.xyz"
certs_path := "/srv/certs/acme"
hetzner_token := `cat /srv/secrets/hetzner_token`
acmesh *args:
docker run --rm -it \
-v {{acme_data_dir}}:/acme.sh \
-v {{certs_path}}:/certs \
-e "HETZNER_Token={{hetzner_token}}" \
neilpang/acme.sh \
/root/.acme.sh/acme.sh {{args}}
issue *args:
just acmesh \
--issue \
--dns dns_hetzner \
--server letsencrypt \
{{args}}
install-monotremata-xyz:
just acmesh \
--install-cert \
-d {{domain}} \
--cert-file /certs/{{domain}}/cert.pem \
--key-file /certs/{{domain}}/key.pem \
--fullchain-file /certs/{{domain}}/fullchain.pem
install-vault:
just acmesh \
--install-cert \
-d vault.{{domain}} \
--cert-file /certs/vault.{{domain}}/cert.pem \
--key-file /certs/vault.{{domain}}/key.pem \
--fullchain-file /certs/vault.{{domain}}/fullchain.pem
install-mail:
just acmesh \
--install-cert \
-d mail.{{domain}} \
--cert-file /certs/mail.{{domain}}/cert.pem \
--key-file /certs/mail.{{domain}}/key.pem \
--fullchain-file /certs/mail.{{domain}}/fullchain.pem
issue-monotremata-xyz:
just issue \
-d {{domain}} \
-d '*.{{domain}}' \
-d '*.narwhal.{{domain}}' \
-d '*.caladan.{{domain}}' \
-d '*.xmpp.{{domain}}'
just install-monotremata-xyz
issue-vault:
just issue \
-d 'vault.{{domain}}' \
-d '*.vault.{{domain}}'
just install-vault
issue-mail:
just issue \
-d 'mail.{{domain}}'
just install-mail
install-cuina:
mkdir -p {{certs_path}}/cuina.monotremata.xyz
just acmesh \
--install-cert \
-d cuina.{{domain}} \
--cert-file /certs/cuina.{{domain}}/cert.pem \
--key-file /certs/cuina.{{domain}}/key.pem \
--fullchain-file /certs/cuina.{{domain}}/fullchain.pem
issue-cuina:
just issue \
-d 'cuina.{{domain}}' \
-d '*.cuina.{{domain}}'
just install-cuina