blob: f4c71ce056323b3b8fe9ab51e2da0d9bb7a29e78 (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
|
#!/bin/bash
declare -A domains
domains[cdn]="cdn.lndwrbl.live"
domains[stats]="stats.lndwrbl.live"
domains[stream]="stream.lndwrbl.live"
kubectl apply -f nginx-acme-cm.yml
kubectl apply -f nginx-acme-deploy.yml
kubectl apply -f nginx-acme-svc.yml
for name in "${!domains[@]}"; do
cat nginx-acme-ingress.yml | sed "s/<<name>>/$name/g" | sed "s/<<hostname>>/${domains[$name]}/g" | kubectl apply -f -
done
for name in "${!domains[@]}"; do
cat acmetool-desired.yml | sed "s/<<hostname>>/${domains[$name]}/g" | ssh lw-live-00 "cat > /var/lib/acme/desired/${domains[$name]}"
done
### TODO: wait for all pods and then contiune the script
#exit 0
ssh lw-live-00 systemctl start acmetool
for name in "${!domains[@]}"; do
ssh lw-live-00 kubectl -n lwl create secret tls "$name\-tls" "--cert=/var/lib/acme/live/${domains[$name]}/fullchain" "--key=/var/lib/acme/live/${domains[$name]}/privkey" --dry-run -o json | kubectl apply -f -
done
|
