From 46fac59c3d8e9b4789d407f96cd953c1cea2574a Mon Sep 17 00:00:00 2001
From: Ian Fijolek
Date: Mon, 24 Feb 2025 10:06:17 -0800
Subject: [PATCH] Have lego get certs for my external domain as well
---
 core/lego.nomad | 31 +++++++++++++++++++------------
 1 file changed, 19 insertions(+), 12 deletions(-)
diff --git a/core/lego.nomad b/core/lego.nomad
index 299a5be..4ebce48 100644
--- a/core/lego.nomad
+++ b/core/lego.nomad
@@ -51,19 +51,26 @@ cd ${NOMAD_TASK_DIR}
 echo "Read certs from nomad vars"
 ${NOMAD_TASK_DIR}/nomad-var-dirsync-linux-{{ env "attr.cpu.arch" }} -root-var=secrets/certs read .
-action=run
-if [ -f /.lego/certificates/_.thefij.rocks.crt ]; then
- action=renew
-fi
+function getcert() {
+ local domain=$1
+ action=run
+ if [ -f "/.lego/certificates/_.$domain.crt" ]; then
+ action=renew
+ fi
-echo "Attempt to $action certificates"
-${NOMAD_TASK_DIR}/lego \
- --accept-tos --pem \
- --email=iamthefij@gmail.com \
- --domains="*.thefij.rocks" \
- --dns="cloudflare" \
- $action \
- --$action-hook="${NOMAD_TASK_DIR}/nomad-var-dirsync-linux-{{ env "attr.cpu.arch" }} -root-var=secrets/certs write .lego" \
+ echo "Attempt to $action certificates"
+ ${NOMAD_TASK_DIR}/lego \
+ --accept-tos --pem \
+ --email=iamthefij@gmail.com \
+ --domains="*.$domain" \
+ --dns="cloudflare" \
+ $action \
+ --$action-hook="${NOMAD_TASK_DIR}/nomad-var-dirsync-linux-{{ env "attr.cpu.arch" }} -root-var=secrets/certs write .lego" \
+
+}
+
+getcert "thefij.rocks"
+getcert "iamthefij.com"
 EOH
 destination = "${NOMAD_TASK_DIR}/start.sh"
 }
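Review bot: The two `getcert` calls at the end of the hunk run back to back with no status check, so unless `set -e` is enabled above the hunk, a failed issue or renewal for `thefij.rocks` is masked whenever `iamthefij.com` succeeds, and the script's exit status reports success while that certificate is left to expire. Collect the status instead, which still attempts the second domain after a failure: `rc=0; getcert "thefij.rocks" || rc=1`, `getcert "iamthefij.com" || rc=1`, `exit "$rc"`. Inside `getcert`, `action` is assigned without `local`, and the last argument line ends in a `\` that is only terminated by the blank line before `}`; `local action=run` and dropping that trailing backslash would make the function self-contained. Both wildcard keys are now written under the same `secrets/certs` root, so any ACL policy that can read that path presumably gets the external domain's private key as well; worth confirming that is intended.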