diff options
Diffstat (limited to 'jobs/certificates.nomad.hcl')
| -rw-r--r-- | jobs/certificates.nomad.hcl | 28 |
1 files changed, 28 insertions, 0 deletions
diff --git a/jobs/certificates.nomad.hcl b/jobs/certificates.nomad.hcl index f5452a3..7284deb 100644 --- a/jobs/certificates.nomad.hcl +++ b/jobs/certificates.nomad.hcl @@ -16,6 +16,20 @@ job "certificates" { source = "ca-certificates" } + network { + port "http" { } + } + + service { + name = "certificates" + port = "http" + provider = "nomad" + + tags = [ + "nginx.hijack_http=.dinlugnastund.se", + ] + } + task "lego" { driver = "exec" @@ -31,6 +45,7 @@ job "certificates" { template { data = <<EOF #!/usr/bin/env bash + function dns() { [ -f "/lego/certificates/$1.key" ] && cmd="renew --days 45" || cmd=run /local/lego \ @@ -41,9 +56,22 @@ function dns() { $${@/#/-d=} \ $cmd } + +function http() { + [ -f "/lego/certificates/$1.key" ] && cmd="renew --days 45" || cmd=run + /local/lego \ + --accept-tos \ + --path /lego \ + --email mathias+certs@magnusson.space \ + --http --http.port ":$NOMAD_PORT_http" \ + $${@/#/-d=} \ + $cmd +} + dns magnusson.space *.magnusson.space dns magnusson.wiki *.magnusson.wiki dns xn--srskildakommandorrelsegruppen-0pc88c.se *.xn--srskildakommandorrelsegruppen-0pc88c.se +http dinlugnastund.se www.dinlugnastund.se EOF destination = "local/certs.sh" } |