Merge branch 'main' of ssh://gt.hexor.cy:30022/ab/homelab

2025-11-06 22:49:10 +02:00
parent 7d7906edc7 30a3b1cd60
commit a19648aacc
3 changed files with 13 additions and 6 deletions
--- a/k8s/apps/pasarguard/daemonset.yaml
+++ b/k8s/apps/pasarguard/daemonset.yaml
@@ -97,6 +97,8 @@ spec:
        - name: init-uuid
          image: bitnami/kubectl:latest
          env:
+            - name: GODEBUG
+              value: "x509sha1=1"
            - name: NODE_NAME
              valueFrom:
                fieldRef:
@@ -106,7 +108,7 @@ spec:
            - -c
            - |
              set -e
-
+              echo "Started"
              # NODE_NAME is already set via environment variable
              NAMESPACE=$(cat /var/run/secrets/kubernetes.io/serviceaccount/namespace)

@@ -180,25 +182,27 @@ spec:
                echo "Certificate already exists"
              fi

-              # Wait for certificate to be ready (max 60 seconds)
+              # Wait for certificate to be ready
+              
              echo "Waiting for certificate to be ready..."
-              for i in {1..60}; do
+              for i in {1..600}; do
                if kubectl get secret "${CERT_NAME}-tls" -n "${NAMESPACE}" &>/dev/null; then
                  echo "Certificate secret is ready!"
                  break
                fi
-                echo "Waiting for certificate... ($i/60)"
+                echo "Waiting for certificate... ($i/600)"
                sleep 1
              done

              if ! kubectl get secret "${CERT_NAME}-tls" -n "${NAMESPACE}" &>/dev/null; then
-                echo "WARNING: Certificate secret not ready after 60 seconds"
+                echo "WARNING: Certificate secret not ready after 600 seconds"
              else
                # Extract certificate and key from secret to shared volume
                echo "Extracting certificate and key..."
                kubectl get secret "${CERT_NAME}-tls" -n "${NAMESPACE}" -o jsonpath='{.data.tls\.crt}' | base64 -d > /shared/tls.crt
                kubectl get secret "${CERT_NAME}-tls" -n "${NAMESPACE}" -o jsonpath='{.data.tls\.key}' | base64 -d > /shared/tls.key
-                echo "Certificate and key extracted successfully"
+                echo "Certificate and key extracted successfully."
+                cat /shared/tls.crt
              fi

              # Create individual Service and Endpoints for this node
--- a/k8s/apps/pasarguard/deployment.yaml
+++ b/k8s/apps/pasarguard/deployment.yaml
@@ -44,6 +44,8 @@ spec:
              value: "0.0.0.0"
            - name: UVICORN_PORT
              value: "8000"
+            - name: DOCS
+              value: "true"
            - name: UVICORN_SSL_CERTFILE
              value: "/app/tls/tls.crt"
            - name: UVICORN_SSL_KEYFILE