From fdc923263f30b456e99a15c2825de3de9e2a5741 Mon Sep 17 00:00:00 2001
From: Alexander Dahl <alex@netz39.de>
Date: Thu, 8 Sep 2022 21:41:01 +0200
Subject: [PATCH] :beers: pottwal: jabber/prosody: Add deploy cert hook

Hook works outside of ansible in personal prosody instance. Hope I
understood the template correctly, docs of dehydrated role are quite
sparse on that.

The dehydrated cert path variable is only available since recent change
c4af7754b219 (":sparkles: Use variables to configure dehydrated
locations").

Link: https://prosody.im/doc/certificates
---
 pottwal.yml | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/pottwal.yml b/pottwal.yml
index ba721da..f12f09e 100644
--- a/pottwal.yml
+++ b/pottwal.yml
@@ -33,6 +33,8 @@
         - name: uritools-api.n39.eu
         - name: sl.n39.eu
         - name: pad.n39.eu
+        - name: jabber.n39.eu
+          deploy_cert_hook: "docker exec prosody prosodyctl --root cert import ${DOMAIN} /var/lib/dehydrated/certs"
     - role: penguineer.dehydrated_cron
     - role: dd24-dyndns-cron
       # variables are set in the inventory
@@ -138,8 +140,7 @@
           - "{{ prosody_data }}/etc/prosody:/etc/prosody:rw"
           - "{{ prosody_data }}/var/lib/prosody:/var/lib/prosody:rw"
           - "{{ prosody_data }}/var/log/prosody:/var/log/prosody:rw"
-          # TODO  Migrate to dehydrated role
-          # - /var/lib/dehydrated:/var/lib/dehydrated:ro
+          - "{{ dehydrated_certs_dir }}/jabber.n39.eu:/var/lib/dehydrated/certs/jabber.n39.eu:ro"
 
     - name: Ensure container for static XMPP website is running
       docker_container: