Merge branch 'main' of ssh://gt.hexor.cy:30022/ab/homelab
This commit is contained in:
@@ -97,6 +97,8 @@ spec:
|
|||||||
- name: init-uuid
|
- name: init-uuid
|
||||||
image: bitnami/kubectl:latest
|
image: bitnami/kubectl:latest
|
||||||
env:
|
env:
|
||||||
|
- name: GODEBUG
|
||||||
|
value: "x509sha1=1"
|
||||||
- name: NODE_NAME
|
- name: NODE_NAME
|
||||||
valueFrom:
|
valueFrom:
|
||||||
fieldRef:
|
fieldRef:
|
||||||
@@ -106,7 +108,7 @@ spec:
|
|||||||
- -c
|
- -c
|
||||||
- |
|
- |
|
||||||
set -e
|
set -e
|
||||||
|
echo "Started"
|
||||||
# NODE_NAME is already set via environment variable
|
# NODE_NAME is already set via environment variable
|
||||||
NAMESPACE=$(cat /var/run/secrets/kubernetes.io/serviceaccount/namespace)
|
NAMESPACE=$(cat /var/run/secrets/kubernetes.io/serviceaccount/namespace)
|
||||||
|
|
||||||
@@ -180,25 +182,27 @@ spec:
|
|||||||
echo "Certificate already exists"
|
echo "Certificate already exists"
|
||||||
fi
|
fi
|
||||||
|
|
||||||
# Wait for certificate to be ready (max 60 seconds)
|
# Wait for certificate to be ready
|
||||||
|
|
||||||
echo "Waiting for certificate to be ready..."
|
echo "Waiting for certificate to be ready..."
|
||||||
for i in {1..60}; do
|
for i in {1..600}; do
|
||||||
if kubectl get secret "${CERT_NAME}-tls" -n "${NAMESPACE}" &>/dev/null; then
|
if kubectl get secret "${CERT_NAME}-tls" -n "${NAMESPACE}" &>/dev/null; then
|
||||||
echo "Certificate secret is ready!"
|
echo "Certificate secret is ready!"
|
||||||
break
|
break
|
||||||
fi
|
fi
|
||||||
echo "Waiting for certificate... ($i/60)"
|
echo "Waiting for certificate... ($i/600)"
|
||||||
sleep 1
|
sleep 1
|
||||||
done
|
done
|
||||||
|
|
||||||
if ! kubectl get secret "${CERT_NAME}-tls" -n "${NAMESPACE}" &>/dev/null; then
|
if ! kubectl get secret "${CERT_NAME}-tls" -n "${NAMESPACE}" &>/dev/null; then
|
||||||
echo "WARNING: Certificate secret not ready after 60 seconds"
|
echo "WARNING: Certificate secret not ready after 600 seconds"
|
||||||
else
|
else
|
||||||
# Extract certificate and key from secret to shared volume
|
# Extract certificate and key from secret to shared volume
|
||||||
echo "Extracting certificate and key..."
|
echo "Extracting certificate and key..."
|
||||||
kubectl get secret "${CERT_NAME}-tls" -n "${NAMESPACE}" -o jsonpath='{.data.tls\.crt}' | base64 -d > /shared/tls.crt
|
kubectl get secret "${CERT_NAME}-tls" -n "${NAMESPACE}" -o jsonpath='{.data.tls\.crt}' | base64 -d > /shared/tls.crt
|
||||||
kubectl get secret "${CERT_NAME}-tls" -n "${NAMESPACE}" -o jsonpath='{.data.tls\.key}' | base64 -d > /shared/tls.key
|
kubectl get secret "${CERT_NAME}-tls" -n "${NAMESPACE}" -o jsonpath='{.data.tls\.key}' | base64 -d > /shared/tls.key
|
||||||
echo "Certificate and key extracted successfully"
|
echo "Certificate and key extracted successfully."
|
||||||
|
cat /shared/tls.crt
|
||||||
fi
|
fi
|
||||||
|
|
||||||
# Create individual Service and Endpoints for this node
|
# Create individual Service and Endpoints for this node
|
||||||
|
|||||||
@@ -44,6 +44,8 @@ spec:
|
|||||||
value: "0.0.0.0"
|
value: "0.0.0.0"
|
||||||
- name: UVICORN_PORT
|
- name: UVICORN_PORT
|
||||||
value: "8000"
|
value: "8000"
|
||||||
|
- name: DOCS
|
||||||
|
value: "true"
|
||||||
- name: UVICORN_SSL_CERTFILE
|
- name: UVICORN_SSL_CERTFILE
|
||||||
value: "/app/tls/tls.crt"
|
value: "/app/tls/tls.crt"
|
||||||
- name: UVICORN_SSL_KEYFILE
|
- name: UVICORN_SSL_KEYFILE
|
||||||
|
|||||||
@@ -197,6 +197,7 @@ EOT
|
|||||||
meta_description = ""
|
meta_description = ""
|
||||||
skip_path_regex = <<-EOT
|
skip_path_regex = <<-EOT
|
||||||
/sub/
|
/sub/
|
||||||
|
/dashboard/
|
||||||
/
|
/
|
||||||
EOT
|
EOT
|
||||||
meta_icon = "https://img.icons8.com/?size=100&id=fqAD3lAB6zTe&format=png&color=000000"
|
meta_icon = "https://img.icons8.com/?size=100&id=fqAD3lAB6zTe&format=png&color=000000"
|
||||||
|
|||||||
Reference in New Issue
Block a user