From 85b8048aa92616a3e8f2a9dbaf8117e2e3bb9162 Mon Sep 17 00:00:00 2001
From: Fanch <fanch@kaz.bzh>
Date: Fri, 18 Apr 2025 13:36:44 +0200
Subject: [PATCH] certificats pour mail et listes

---
 bin/getX509Certificates.sh                   | 17 +++++++++++++++++
 dockers/traefik/docker-compose.tmpl.yml.dist |  2 ++
 2 files changed, 19 insertions(+)
 create mode 100644 bin/getX509Certificates.sh

diff --git a/bin/getX509Certificates.sh b/bin/getX509Certificates.sh
new file mode 100644
index 0000000..dc83ce9
--- /dev/null
+++ b/bin/getX509Certificates.sh
@@ -0,0 +1,17 @@
+#/bin/bash
+
+#koi: récupération des certifs traefik vers x509 pour mail et listes
+#ki: fanch
+#kan: 18/04/2025
+
+KAZ_ROOT=$(cd "$(dirname $0)"/..; pwd)
+. "${KAZ_ROOT}/bin/.commonFunctions.sh"
+setKazVars
+. "${DOCKERS_ENV}"
+
+certificates="mail listes"
+
+for i in ${certificates}; do
+  jq -r ".letsencrypt.Certificates[] | select(.domain.main==\"${i}.${domain}\") | .certificate" /var/lib/docker/volumes/traefik_letsencrypt/_data/acme.json | base64 -d > /etc/ssl/certs/${i}.pem
+  jq -r ".letsencrypt.Certificates[] | select(.domain.main==\"${i}.${domain}\") | .key" /var/lib/docker/volumes/traefik_letsencrypt/_data/acme.json | base64 -d > /etc/ssl/private/${i}.key
+done
diff --git a/dockers/traefik/docker-compose.tmpl.yml.dist b/dockers/traefik/docker-compose.tmpl.yml.dist
index 1f695d3..e92b0f3 100644
--- a/dockers/traefik/docker-compose.tmpl.yml.dist
+++ b/dockers/traefik/docker-compose.tmpl.yml.dist
@@ -43,6 +43,8 @@ services:
       - "traefik.http.middlewares.reg-webmails.redirectregex.permanent=true"
       - "traefik.http.routers.webmails.middlewares=reg-webmails"
       - "traefik.http.routers.webmails.rule=Host(`webmail.kaz.bzh`)"
+      - "traefik.http.routers.mail.rule=Host(`mail.${domain}`) || Host(`smtp.${domain}`)" || Host(`imap.${domain}`)"
+      - "traefik.http.routers.listes.rule=Host(`listes.${domain}`)
 
     networks:
       - traefikNet