Update certificate job

author: Mathias Magnusson <mathias@magnusson.space> 2023-09-03 18:40:42 +0200
committer: Mathias Magnusson <mathias@magnusson.space> 2023-09-03 18:40:42 +0200
commit: 7690a171aee87b9c57e016a41068d20b3e3085a3 (patch)
tree: 2e920e5939de54e69888d0cd29b098cdfd26e0f6
parent: 22fc57cd5cd620fed99d40adeb28656c04f16f6e (diff)
download: garm-7690a171aee87b9c57e016a41068d20b3e3085a3.tar.gz
1 files changed, 11 insertions, 5 deletions
diff --git a/jobs/certificates.nomad.hcl b/jobs/certificates.nomad.hcl
index 68d8779..f5452a3 100644
--- a/jobs/certificates.nomad.hcl
+++ b/jobs/certificates.nomad.hcl
@@ -6,6 +6,11 @@ job "certificates" {
   }
 
   group "lego" {
+    restart {
+      attempts = 1
+      delay    = "1h"
+    }
+
     volume "certs" {
       type   = "host"
       source = "ca-certificates"
@@ -27,17 +32,18 @@ job "certificates" {
         data = <<EOF
 #!/usr/bin/env bash
 function dns() {
+    [ -f "/lego/certificates/$1.key" ] && cmd="renew --days 45" || cmd=run
     /local/lego \
         --accept-tos \
         --path /lego \
         --email mathias+certs@magnusson.space \
         --dns cloudflare \
-        $@ \
-        run
+        $${@/#/-d=} \
+        $cmd
 }
-dns -d magnusson.space -d *.magnusson.space
-dns -d magnusson.wiki -d *.magnusson.wiki
-# dns -d xn--srskildakommandorrelsegruppen-0pc88c.se -d *.xn--srskildakommandorrelsegruppen-0pc88c.se
+dns magnusson.space *.magnusson.space
+dns magnusson.wiki *.magnusson.wiki
+dns xn--srskildakommandorrelsegruppen-0pc88c.se *.xn--srskildakommandorrelsegruppen-0pc88c.se
 EOF
         destination = "local/certs.sh"
       }
author	Mathias Magnusson <mathias@magnusson.space>	2023-09-03 18:40:42 +0200
committer	Mathias Magnusson <mathias@magnusson.space>	2023-09-03 18:40:42 +0200
commit	7690a171aee87b9c57e016a41068d20b3e3085a3 (patch)
tree	2e920e5939de54e69888d0cd29b098cdfd26e0f6
parent	22fc57cd5cd620fed99d40adeb28656c04f16f6e (diff)
download	garm-7690a171aee87b9c57e016a41068d20b3e3085a3.tar.gz