use incron

Dockerfile

@@ -1,8 +1,6 @@
-FROM registry.gitlab.com/thallian/docker-confd-env:lego
+FROM registry.gitlab.com/thallian/docker-confd-env:master
 
 ENV PGDATA /var/lib/postgresql/data
-ENV CERT_HOME /var/lib/postgresql
-ENV CERT_USER postgres
 
 RUN apk add --no-cache postgresql postgresql-contrib ca-certificates
 
@@ -12,6 +10,6 @@ RUN chmod 775 /run/postgresql
 
 ADD /rootfs /
 
-VOLUME /var/lib/postgresql/data /var/lib/postgresql/.lego
+VOLUME /var/lib/postgresql/data /etc/ssl/postgresql/
 
 EXPOSE 5432

README.md

@@ -1,18 +1,16 @@
-[PostgreSQL](https://www.postgresql.org/) server which provisions
-tls certificates through [Let's Encrypt](https://letsencrypt.org/) with
-[lego](https://github.com/xenolf/lego). 
-
-Take a look at the [base image](https://gitlab.com/thallian/docker-confd-env/tree/lego)
-for the certificate configuration.
+[PostgreSQL](https://www.postgresql.org/) server.
 
 # Volumes
 - `/var/lib/postgresql/data`
-- `/var/lib/postgresql/.lego`: certificates directory
+- `/etc/ssl/postgresql/`: certificates directory
 
 # Environment Variables
 ## POSTGRES_PASSWORD
 
 Password for the postgre admin user.
 
+## CERT_DOMAIN
+Name of the certificate domain.
+
 # Ports
 - 5432

rootfs/etc/services.d/postgres/run

@@ -4,5 +4,5 @@ exec s6-setuidgid postgres postgres \
     -D $PGDATA \
     -c listen_addresses='*' \
     -c ssl=on \
-    -c ssl_cert_file="/var/lib/postgresql/.lego/certificates/${CERT_DOMAIN}.crt" \
-    -c ssl_key_file="/var/lib/postgresql/.lego/certificates/${CERT_DOMAIN}.key"
+    -c ssl_cert_file="/etc/ssl/lib/postgresql/${CERT_DOMAIN}.crt" \
+    -c ssl_key_file="/etc/ssl/postgresql/${CERT_DOMAIN}.key"

rootfs/var/spool/incron/root

@@ -0,0 +1 @@
+/etc/ssl/postgresql IN_ATTRIB /bin/restart-services