Have lego get certs for my external domain as well

2025-02-24 10:06:17 -08:00 · 2025-02-24 10:06:17 -08:00 · 46fac59c3d
commit 46fac59c3d
parent 3a90b097c8
1 changed files with 19 additions and 12 deletions
--- a/core/lego.nomad
+++ b/core/lego.nomad
@ -51,8 +51,10 @@ cd ${NOMAD_TASK_DIR}
 echo "Read certs from nomad vars"
 ${NOMAD_TASK_DIR}/nomad-var-dirsync-linux-{{ env "attr.cpu.arch" }} -root-var=secrets/certs read .

+function getcert() {
+  local domain=$1
  action=run
-if [ -f /.lego/certificates/_.thefij.rocks.crt ]; then
+  if [ -f "/.lego/certificates/_.$domain.crt" ]; then
      action=renew
  fi

@ -60,10 +62,15 @@ echo "Attempt to $action certificates"
  ${NOMAD_TASK_DIR}/lego \
      --accept-tos --pem \
      --email=iamthefij@gmail.com \
-    --domains="*.thefij.rocks" \
+      --domains="*.$domain" \
      --dns="cloudflare" \
      $action \
      --$action-hook="${NOMAD_TASK_DIR}/nomad-var-dirsync-linux-{{ env "attr.cpu.arch" }} -root-var=secrets/certs write .lego" \
+
+}
+
+getcert "thefij.rocks"
+getcert "iamthefij.com"
 EOH
        destination = "${NOMAD_TASK_DIR}/start.sh"
      }