From b6e0c310c410e59ae210108d33fdc66bedb7cbf1 Mon Sep 17 00:00:00 2001
From: Christian Pointner <equinox@spreadspace.org>
Date: Wed, 29 Apr 2020 15:55:18 +0200
Subject: add k8s-lwl

---
 contrib/k8s-lwl/acme-hack/do.sh | 26 ++++++++++++++++++++++++++
 1 file changed, 26 insertions(+)
 create mode 100755 contrib/k8s-lwl/acme-hack/do.sh

(limited to 'contrib/k8s-lwl/acme-hack/do.sh')

diff --git a/contrib/k8s-lwl/acme-hack/do.sh b/contrib/k8s-lwl/acme-hack/do.sh
new file mode 100755
index 0000000..f4c71ce
--- /dev/null
+++ b/contrib/k8s-lwl/acme-hack/do.sh
@@ -0,0 +1,26 @@
+#!/bin/bash
+
+declare -A domains
+domains[cdn]="cdn.lndwrbl.live"
+domains[stats]="stats.lndwrbl.live"
+domains[stream]="stream.lndwrbl.live"
+
+kubectl apply -f nginx-acme-cm.yml
+kubectl apply -f nginx-acme-deploy.yml
+kubectl apply -f nginx-acme-svc.yml
+for name in "${!domains[@]}"; do
+  cat nginx-acme-ingress.yml | sed "s/<<name>>/$name/g" | sed "s/<<hostname>>/${domains[$name]}/g" | kubectl apply -f -
+done
+
+for name in "${!domains[@]}"; do
+  cat acmetool-desired.yml | sed "s/<<hostname>>/${domains[$name]}/g" | ssh lw-live-00 "cat > /var/lib/acme/desired/${domains[$name]}"
+done
+
+### TODO: wait for all pods and then contiune the script
+#exit 0
+
+ssh lw-live-00 systemctl start acmetool
+
+for name in "${!domains[@]}"; do
+  ssh lw-live-00 kubectl -n lwl create secret tls "$name\-tls" "--cert=/var/lib/acme/live/${domains[$name]}/fullchain" "--key=/var/lib/acme/live/${domains[$name]}/privkey" --dry-run -o json | kubectl apply -f -
+done
-- 
cgit v1.2.3