From cfbd3f5ad3fadc8db7d6d689b3eeb8b478816df7 Mon Sep 17 00:00:00 2001
From: Shane <chown_tee@proton.me>
Date: Sun, 11 Jan 2026 00:44:14 +0000
Subject: [PATCH] update deploy stuff for nginx

---
 Makefile          | 40 ++++++++++++++++++++++++++++++++++++++++
 scripts/deploy.sh | 22 ++++++++++++++++++++++
 2 files changed, 62 insertions(+)

diff --git a/Makefile b/Makefile
index 039af56..719f17b 100644
--- a/Makefile
+++ b/Makefile
@@ -57,6 +57,16 @@ deploy/nginx: ##H @Remote Deploy staged files to remote
 	@echo "Deploying checked-in nginx config to $(VPS_HOST)..."
 	ssh -t $(VPS) "bash ~/.nginx-staging/deploy.sh"
 
+.PHONY: test/nginx
+test/nginx: ##H @Remote Test staged configuration without deploying
+	@echo "Testing staged config on $(VPS_HOST)..."
+	ssh -t $(VPS) "bash ~/.nginx-staging/deploy.sh test"
+
+.PHONY: certbot/nginx
+certbot/nginx: ##H @Remote Run certbot on remote VPS
+	@echo "Running certbot on $(VPS_HOST)..."
+	ssh -t $(VPS) "sudo certbot --nginx"
+
 .PHONY: stage/local
 stage/local: ##H @Local Stage files locally (supports SUDO_USER)
 ifdef SUDO_USER
@@ -98,3 +108,33 @@ else
 	@echo "Deploying locally..."
 	bash ~/.nginx-staging/deploy.sh
 endif
+
+.PHONY: test/local
+test/local: stage/local ##H @Local Test staged configuration locally (supports SUDO_USER)
+ifdef SUDO_USER
+	@echo "Testing locally as $(SUDO_USER)..."
+	su -P $(SUDO_USER) -c "bash /tmp/nginx-staging/deploy.sh test"
+else
+	@echo "Testing locally..."
+	bash ~/.nginx-staging/deploy.sh test
+endif
+
+.PHONY: certbot/local
+certbot/local: ##H @Local Run certbot locally (supports SUDO_USER)
+ifdef SUDO_USER
+	@echo "Running certbot locally as $(SUDO_USER)..."
+	su -P $(SUDO_USER) -c "sudo certbot --nginx"
+else
+	@echo "Running certbot locally..."
+	sudo certbot --nginx
+endif
+
+.PHONY: certbot/list-certs
+certbot/list-certs: ##H @Local List managed certificates (supports SUDO_USER)
+ifdef SUDO_USER
+	@echo "Listing certificates as $(SUDO_USER)..."
+	su -P $(SUDO_USER) -c "sudo certbot certificates"
+else
+	@echo "Listing certificates..."
+	sudo certbot certificates
+endif
diff --git a/scripts/deploy.sh b/scripts/deploy.sh
index ee7fd55..d1c213c 100755
--- a/scripts/deploy.sh
+++ b/scripts/deploy.sh
@@ -17,6 +17,28 @@ if [ "$1" = "diff" ]; then
     exit 0
 fi
 
+if [ "$1" = "test" ]; then
+    echo "Running pre-flight validation on staged config..."
+    TMP_NGINX_CONF=$(mktemp)
+
+    # Create a temporary nginx.conf that points to STAGING_DIR instead of /etc/nginx/conf.d
+    # We assume the standard include is "/etc/nginx/conf.d/*.conf"
+    # We strictly replace that string with our staging path.
+    sed "s|/etc/nginx/conf.d/\*\.conf|$STAGING_DIR/*.conf|g" /etc/nginx/nginx.conf >"$TMP_NGINX_CONF"
+
+    if sudo nginx -t -c "$TMP_NGINX_CONF"; then
+        echo "â Pre-flight validation passed."
+        # Run debug dump by default for test target
+        sudo nginx -T -c "$TMP_NGINX_CONF"
+        rm "$TMP_NGINX_CONF"
+        exit 0
+    else
+        echo "â Pre-flight validation FAILED."
+        rm "$TMP_NGINX_CONF"
+        exit 1
+    fi
+fi
+
 # Create timestamped backup
 BACKUP_DIR=~/nginx_backup_$(date +%s)
 echo "Creating backup at $BACKUP_DIR..."
-- 
2.52.0