#!/bin/bash

declare -A domains
domains[cdn]="cdn.lndwrbl.live"
domains[stats]="stats.lndwrbl.live"
domains[stream]="stream.lndwrbl.live"

kubectl apply -f nginx-acme-cm.yml
kubectl apply -f nginx-acme-deploy.yml
kubectl apply -f nginx-acme-svc.yml
for name in "${!domains[@]}"; do
  cat nginx-acme-ingress.yml | sed "s/<<name>>/$name/g" | sed "s/<<hostname>>/${domains[$name]}/g" | kubectl apply -f -
done

for name in "${!domains[@]}"; do
  cat acmetool-desired.yml | sed "s/<<hostname>>/${domains[$name]}/g" | ssh lw-live-00 "cat > /var/lib/acme/desired/${domains[$name]}"
done

### TODO: wait for all pods and then contiune the script
#exit 0

ssh lw-live-00 systemctl start acmetool

for name in "${!domains[@]}"; do
  ssh lw-live-00 kubectl -n lwl create secret tls "$name\-tls" "--cert=/var/lib/acme/live/${domains[$name]}/fullchain" "--key=/var/lib/acme/live/${domains[$name]}/privkey" --dry-run -o json | kubectl apply -f -
done