From 60569568d1196462fec768d4bc6e23e4afe52cc5 Mon Sep 17 00:00:00 2001 From: Christian Pointner Date: Tue, 3 Mar 2020 04:04:38 +0100 Subject: matomo/graphite/grafana work now --- contrib/k8s-emc/acme-hack/do.sh | 33 ++++++++++++------------ contrib/k8s-emc/acme-hack/nginx-acme-deploy.yml | 10 +++---- contrib/k8s-emc/acme-hack/nginx-acme-ingress.yml | 2 +- contrib/k8s-emc/acme-hack/nginx-acme-svc.yml | 6 ++--- 4 files changed, 26 insertions(+), 25 deletions(-) (limited to 'contrib/k8s-emc/acme-hack') diff --git a/contrib/k8s-emc/acme-hack/do.sh b/contrib/k8s-emc/acme-hack/do.sh index beaae3a..3c2b5e3 100755 --- a/contrib/k8s-emc/acme-hack/do.sh +++ b/contrib/k8s-emc/acme-hack/do.sh @@ -1,22 +1,23 @@ #!/bin/bash -if [ -z "$1" ]; then - echo "usage: $0 (create|replace)" - exit 1 -fi +declare -A domains +domains[emc-live]="emc-live.elev8.at" +domains[emc-stats]="emc-stats.elev8.at" +domains[stream-elev8]="stream.elev8.at" +domains[stream-elevate]="stream.elevate.at" -#HOSTS="emc-00 emc-01 emc-02 emc-03 emc-04 emc-05 emc-06 helene" -HOSTS="emc-00" - -kubectl "$1" -f nginx-acme-cm.yml -for node in $HOSTS; do - cat nginx-acme-deploy.yml | sed "s/<>/$node/g" | kubectl "$1" -f - - cat nginx-acme-svc.yml | sed "s/<>/$node/g" | kubectl "$1" -f - - cat nginx-acme-ingress.yml | sed "s/<>/$node/g" | sed "s/<>/$node/g" | sed "s/<>/$node.spreadspace.org/g" | kubectl "$1" -f - +kubectl apply -f nginx-acme-cm.yml +kubectl apply -f nginx-acme-deploy.yml +kubectl apply -f nginx-acme-svc.yml +for name in "${!domains[@]}"; do + cat nginx-acme-ingress.yml | sed "s/<>/$name/g" | sed "s/<>/${domains[$name]}/g" | kubectl apply -f - done -cat nginx-acme-ingress.yml | sed "s/<>/elevate-live/g" | sed "s/<>/emc-00/g" | sed "s/<>/elevate-live.spreadspace.org/g" | kubectl "$1" -f - -cat nginx-acme-ingress.yml | sed "s/<>/elevate-stats/g" | sed "s/<>/emc-00/g" | sed "s/<>/elevate-stats.spreadspace.org/g" | kubectl "$1" -f - -cat nginx-acme-ingress.yml | sed "s/<>/elevate-stream/g" | sed "s/<>/emc-00/g" | sed "s/<>/stream.elevate.at/g" | kubectl "$1" -f - +### TODO: wait for all pods and then contiune the script +#exit 0 + +ssh emc-00 systemctl start acmetool -cat nginx-acme-ingress.yml | sed "s/<>/elevate-feed/g" | sed "s/<>/helene/g" | sed "s/<>/elevate-feed.spreadspace.org/g" | kubectl "$1" -f - +for name in "${!domains[@]}"; do + ssh emc-00 kubectl -n emc create secret tls "$name\-tls" "--cert=/var/lib/acme/live/${domains[$name]}/fullchain" "--key=/var/lib/acme/live/${domains[$name]}/privkey" --dry-run -o json | kubectl apply -f - +done diff --git a/contrib/k8s-emc/acme-hack/nginx-acme-deploy.yml b/contrib/k8s-emc/acme-hack/nginx-acme-deploy.yml index 7800b32..3549f0d 100644 --- a/contrib/k8s-emc/acme-hack/nginx-acme-deploy.yml +++ b/contrib/k8s-emc/acme-hack/nginx-acme-deploy.yml @@ -2,12 +2,12 @@ apiVersion: apps/v1 kind: Deployment metadata: namespace: emc - name: nginx-acme-hack-<> + name: nginx-acme-hack-emc-00 labels: app: nginx type: acme-challenge tier: hack - worker: <> + worker: emc-00 spec: replicas: 1 selector: @@ -15,7 +15,7 @@ spec: app: nginx type: acme-challenge tier: hack - worker: <> + worker: emc-00 strategy: type: Recreate revisionHistoryLimit: 5 @@ -25,9 +25,9 @@ spec: app: nginx type: acme-challenge tier: hack - worker: <> + worker: emc-00 spec: - nodeName: <> + nodeName: emc-00 securityContext: runAsUser: 998 fsGroup: 998 diff --git a/contrib/k8s-emc/acme-hack/nginx-acme-ingress.yml b/contrib/k8s-emc/acme-hack/nginx-acme-ingress.yml index 4e47cf2..c6c2b0b 100644 --- a/contrib/k8s-emc/acme-hack/nginx-acme-ingress.yml +++ b/contrib/k8s-emc/acme-hack/nginx-acme-ingress.yml @@ -15,5 +15,5 @@ spec: paths: - path: /.well-known/acme-challenge/ backend: - serviceName: nginx-acme-hack-<> + serviceName: nginx-acme-hack-emc-00 servicePort: 8080 diff --git a/contrib/k8s-emc/acme-hack/nginx-acme-svc.yml b/contrib/k8s-emc/acme-hack/nginx-acme-svc.yml index 318d1ca..7bc3540 100644 --- a/contrib/k8s-emc/acme-hack/nginx-acme-svc.yml +++ b/contrib/k8s-emc/acme-hack/nginx-acme-svc.yml @@ -2,18 +2,18 @@ apiVersion: v1 kind: Service metadata: namespace: emc - name: nginx-acme-hack-<> + name: nginx-acme-hack-emc-00 labels: app: nginx type: acme-challenge tier: hack - worker: <> + worker: emc-00 spec: selector: app: nginx type: acme-challenge tier: hack - worker: <> + worker: emc-00 clusterIP: None ports: - name: http -- cgit v1.2.3