update deploy stuff for nginx

diff --git a/Makefile b/Makefile
index 039af56f0537d06df929045058ba430c31117808..719f17baa4de836e66025dd65ee1cf1c4eaf242d 100644 (file)
--- a/Makefile
+++ b/Makefile
@@ -57,6 +57,16 @@ deploy/nginx: ##H @Remote Deploy staged files to remote
        @echo "Deploying checked-in nginx config to $(VPS_HOST)..."
        ssh -t $(VPS) "bash ~/.nginx-staging/deploy.sh"
 
+.PHONY: test/nginx
+test/nginx: ##H @Remote Test staged configuration without deploying
+       @echo "Testing staged config on $(VPS_HOST)..."
+       ssh -t $(VPS) "bash ~/.nginx-staging/deploy.sh test"
+
+.PHONY: certbot/nginx
+certbot/nginx: ##H @Remote Run certbot on remote VPS
+       @echo "Running certbot on $(VPS_HOST)..."
+       ssh -t $(VPS) "sudo certbot --nginx"
+
 .PHONY: stage/local
 stage/local: ##H @Local Stage files locally (supports SUDO_USER)
 ifdef SUDO_USER
@@ -98,3 +108,33 @@ else
        @echo "Deploying locally..."
        bash ~/.nginx-staging/deploy.sh
 endif
+
+.PHONY: test/local
+test/local: stage/local ##H @Local Test staged configuration locally (supports SUDO_USER)
+ifdef SUDO_USER
+       @echo "Testing locally as $(SUDO_USER)..."
+       su -P $(SUDO_USER) -c "bash /tmp/nginx-staging/deploy.sh test"
+else
+       @echo "Testing locally..."
+       bash ~/.nginx-staging/deploy.sh test
+endif
+
+.PHONY: certbot/local
+certbot/local: ##H @Local Run certbot locally (supports SUDO_USER)
+ifdef SUDO_USER
+       @echo "Running certbot locally as $(SUDO_USER)..."
+       su -P $(SUDO_USER) -c "sudo certbot --nginx"
+else
+       @echo "Running certbot locally..."
+       sudo certbot --nginx
+endif
+
+.PHONY: certbot/list-certs
+certbot/list-certs: ##H @Local List managed certificates (supports SUDO_USER)
+ifdef SUDO_USER
+       @echo "Listing certificates as $(SUDO_USER)..."
+       su -P $(SUDO_USER) -c "sudo certbot certificates"
+else
+       @echo "Listing certificates..."
+       sudo certbot certificates
+endif

diff --git a/scripts/deploy.sh b/scripts/deploy.sh
index ee7fd553117360d9ef174e2dde0f434602c2d438..d1c213c351a4202a803bb5ac66d2bc3d275950bb 100755 (executable)
--- a/scripts/deploy.sh
+++ b/scripts/deploy.sh
@@ -17,6 +17,28 @@ if [ "$1" = "diff" ]; then
     exit 0
 fi
 
+if [ "$1" = "test" ]; then
+    echo "Running pre-flight validation on staged config..."
+    TMP_NGINX_CONF=$(mktemp)
+
+    # Create a temporary nginx.conf that points to STAGING_DIR instead of /etc/nginx/conf.d
+    # We assume the standard include is "/etc/nginx/conf.d/*.conf"
+    # We strictly replace that string with our staging path.
+    sed "s|/etc/nginx/conf.d/\*\.conf|$STAGING_DIR/*.conf|g" /etc/nginx/nginx.conf >"$TMP_NGINX_CONF"
+
+    if sudo nginx -t -c "$TMP_NGINX_CONF"; then
+        echo "✓ Pre-flight validation passed."
+        # Run debug dump by default for test target
+        sudo nginx -T -c "$TMP_NGINX_CONF"
+        rm "$TMP_NGINX_CONF"
+        exit 0
+    else
+        echo "✗ Pre-flight validation FAILED."
+        rm "$TMP_NGINX_CONF"
+        exit 1
+    fi
+fi
+
 # Create timestamped backup
 BACKUP_DIR=~/nginx_backup_$(date +%s)
 echo "Creating backup at $BACKUP_DIR..."