test/bin/dumpcerts

#!/bin/bash
#
# Dump Traefik certs and install into containers that need them

if ! command -v traefik-certs-dumper &> /dev/null; then
	failcheck "FAILED - traefik-certs-dumper tool not installed"
fi

fail() {
  echo -ne "\n\nFAILED - $1\n\n"
  exit 2;
}

. /etc/federated

echo -ne "\n* Dumping certs from traefik into /federated/certs.."

traefik-certs-dumper file --version v2 --source /federated/apps/traefik/data/letsencrypt/acme.json --dest /federated/certs &> /dev/null
[ $? -ne 0 ] && fail "Couldn't dump certs from traefik-certs-dumper"

echo -ne "done.\n"

echo -ne "* Installing certs into /federated/apps that use it.."

# Install into PostgreSQL container
cp /federated/certs/certs/$DOMAIN.crt /federated/apps/postgresql/data/var/lib/postgresql/server.crt
cp /federated/certs/private/$DOMAIN.key /federated/apps/postgresql/data/var/lib/postgresql/server.key
chown 999 /federated/apps/postgresql/data/var/lib/postgresql/server.crt /federated/apps/postgresql/data/var/lib/postgresql/server.key
chmod 600 /federated/apps/postgresql/data/var/lib/postgresql/server.crt /federated/apps/postgresql/data/var/lib/postgresql/server.key

# Install into LDAP container
cp /federated/certs/certs/$DOMAIN.crt /federated/certs/private/$DOMAIN.key /federated/apps/ldap/data/certs/

# Install into Mail container
cp /federated/certs/certs/$DOMAIN.crt /federated/certs/private/$DOMAIN.key /federated/apps/mail/data/root/certs/

# Install into Collabora container
cp /federated/certs/certs/$DOMAIN.crt /federated/certs/private/$DOMAIN.key /federated/apps/collabora/data/root/certs/
chown 104 /federated/apps/collabora/data/root/certs/*

# Install into Matrix container
cp /federated/certs/certs/$DOMAIN.crt /federated/certs/private/$DOMAIN.key /federated/apps/matrix/data/matrix/
chmod 644 /federated/apps/matrix/data/matrix/$DOMAIN.crt /federated/apps/matrix/data/matrix/$DOMAIN.key

echo -ne "done.\n\n"