tvl-depot/users/glittershark/gws.fyi/Makefile
Griffin Smith 3678a33327 fix(gws.fyi): Explicitly specify personal profile to AWS
Explicitly pass --profile personal to AWS commands, to avoid deploying
this to the wrong aws account on accident

Change-Id: Iff8236967adcfdedfbace8930031db9adf60e3d1
Reviewed-on: https://cl.tvl.fyi/c/depot/+/2699
Reviewed-by: glittershark <grfn@gws.fyi>
Tested-by: BuildkiteCI
2021-03-29 00:00:30 +00:00

31 lines
1 KiB
Makefile

.PHONY: deploy
deploy:
@$(shell nix-build `git rev-parse --show-toplevel` -A 'users.glittershark."gws.fyi"')
renew:
@echo Renewing...
@certbot certonly \
--manual \
--domain www.gws.fyi \
--preferred-challenges dns \
--server https://acme-v02.api.letsencrypt.org/directory \
--agree-tos \
--work-dir $(shell pwd)/letsencrypt/work \
--logs-dir $(shell pwd)/letsencrypt/logs \
--config-dir $(shell pwd)/letsencrypt/config
@echo "Reimporting certificate"
@aws acm import-certificate \
--profile personal \
--certificate file://letsencrypt/config/live/www.gws.fyi/cert.pem \
--certificate-chain file://letsencrypt/config/live/www.gws.fyi/fullchain.pem \
--private-key file://letsencrypt/config/live/www.gws.fyi/privkey.pem \
--certificate-arn arn:aws:acm:us-east-1:797089351721:certificate/628e54f3-55f9-49c0-811a-eba516b68e30 \
--region us-east-1
backup:
@tarsnap -cf $(shell uname -n)-letsencrypt-$(shell date +%Y-%m-%d_%H-%M-%S) \
letsencrypt/
open:
$$BROWSER "https://www.gws.fyi"