add cert sync

cert-sync/docker-compose.yml

@@ -0,0 +1,24 @@
+services:
+  cert-sync:
+    image: alpine:3.19
+    container_name: cert-sync
+    restart: always
+    volumes:
+      # NPM Zertifikate (read-only)
+      - /opt/npmplus/tls/certbot/live/npm-28:/src:ro
+      # Mailcow SSL Ziel (write)
+      - /opt/mailcow-dockerized/data/assets/ssl:/dst
+      # Docker Socket, um Mailcow-Container neu zu starten
+      - /var/run/docker.sock:/var/run/docker.sock
+    command: >
+      sh -c "
+        apk add --no-cache inotify-tools docker-cli &&
+        while true; do
+          inotifywait -e close_write /src/fullchain.pem /src/privkey.pem &&
+          cp /src/fullchain.pem /dst/cert.pem &&
+          cp /src/privkey.pem /dst/key.pem &&
+          chmod 600 /dst/key.pem &&
+          echo '[cert-sync] Zertifikate aktualisiert, Mailcow wird neu gestartet...' &&
+          docker compose -f /opt/mailcow-dockerized/docker-compose.yml restart postfix dovecot nginx-mailcow
+        done
+      "