feat(gws.fyi): Reimport cert after renewing

Change-Id: Iebd5c9bc3a62838a862cc4b37b2f43f62ad8018e Reviewed-on: https://cl.tvl.fyi/c/depot/+/1213 Reviewed-by: glittershark <grfn@gws.fyi> Tested-by: BuildkiteCI
2020-07-16 11:43:19 -04:00 · 2020-07-16 11:43:19 -04:00 · 4c340cbeb8
commit 4c340cbeb8
parent 9a4a4058a8
1 changed files with 9 additions and 1 deletions
--- a/users/glittershark/gws.fyi/Makefile
+++ b/users/glittershark/gws.fyi/Makefile
@ -5,14 +5,22 @@ deploy:

 renew:
 	@echo Renewing...
-	@certbot renew \
+	@certbot certonly \
 		--manual \
+		--domain gws.fyi \
 		--preferred-challenges dns \
 		--server https://acme-v02.api.letsencrypt.org/directory \
 		--agree-tos \
 		--work-dir $(shell pwd)/letsencrypt/work \
 		--logs-dir $(shell pwd)/letsencrypt/logs \
 		--config-dir $(shell pwd)/letsencrypt/config
+	@echo "Reimporting certificate"
+	@aws acm import-certificate \
+	    --certificate file://letsencrypt/config/live/gws.fyi/cert.pem \
+	    --certificate-chain file://letsencrypt/config/live/gws.fyi/fullchain.pem \
+	    --private-key file://letsencrypt/config/live/gws.fyi/privkey.pem \
+	    --certificate-arn arn:aws:acm:us-east-1:797089351721:certificate/628e54f3-55f9-49c0-811a-eba516b68e30 \
+		--region us-east-1

 backup:
 	@tarsnap -cf $(shell uname -n)-letsencrypt-$(shell date +%Y-%m-%d_%H-%M-%S) \