diff options
Diffstat (limited to 'contrib/k8s-lwl/acme-hack/do.sh')
| -rwxr-xr-x | contrib/k8s-lwl/acme-hack/do.sh | 26 |
1 files changed, 26 insertions, 0 deletions
diff --git a/contrib/k8s-lwl/acme-hack/do.sh b/contrib/k8s-lwl/acme-hack/do.sh new file mode 100755 index 0000000..f4c71ce --- /dev/null +++ b/contrib/k8s-lwl/acme-hack/do.sh @@ -0,0 +1,26 @@ +#!/bin/bash + +declare -A domains +domains[cdn]="cdn.lndwrbl.live" +domains[stats]="stats.lndwrbl.live" +domains[stream]="stream.lndwrbl.live" + +kubectl apply -f nginx-acme-cm.yml +kubectl apply -f nginx-acme-deploy.yml +kubectl apply -f nginx-acme-svc.yml +for name in "${!domains[@]}"; do + cat nginx-acme-ingress.yml | sed "s/<<name>>/$name/g" | sed "s/<<hostname>>/${domains[$name]}/g" | kubectl apply -f - +done + +for name in "${!domains[@]}"; do + cat acmetool-desired.yml | sed "s/<<hostname>>/${domains[$name]}/g" | ssh lw-live-00 "cat > /var/lib/acme/desired/${domains[$name]}" +done + +### TODO: wait for all pods and then contiune the script +#exit 0 + +ssh lw-live-00 systemctl start acmetool + +for name in "${!domains[@]}"; do + ssh lw-live-00 kubectl -n lwl create secret tls "$name\-tls" "--cert=/var/lib/acme/live/${domains[$name]}/fullchain" "--key=/var/lib/acme/live/${domains[$name]}/privkey" --dry-run -o json | kubectl apply -f - +done |