2024-05-01 09:29:32 +00:00
|
|
|
#!/bin/bash -e
|
|
|
|
set -o pipefail
|
|
|
|
|
|
|
|
function kapply() {
|
|
|
|
for f in "$@"; do
|
2024-12-23 03:35:45 +00:00
|
|
|
kubectl apply -f <(envsubst < "manifests/$f")
|
2024-05-01 09:29:32 +00:00
|
|
|
done
|
2024-12-23 03:35:45 +00:00
|
|
|
}; export -f kapply
|
2024-05-01 09:29:32 +00:00
|
|
|
|
|
|
|
function kcreatesec() {
|
2024-12-23 03:35:45 +00:00
|
|
|
kubectl create secret generic --dry-run=client -oyaml "$@" | kubectl replace -f-
|
|
|
|
}; export -f kcreatesec
|
2024-05-01 09:29:32 +00:00
|
|
|
|
|
|
|
function kcreatecm() {
|
2024-12-23 03:35:45 +00:00
|
|
|
kubectl create configmap --dry-run=client -oyaml "$@" | kubectl replace -f-
|
|
|
|
}; export -f kcreatecm
|
2024-05-01 09:29:32 +00:00
|
|
|
|
|
|
|
function kgseckey() {
|
|
|
|
local sec="$1"; shift
|
|
|
|
local key="$1"; shift
|
|
|
|
|
2024-12-23 03:35:45 +00:00
|
|
|
if ! kubectl get secret "$sec" -ojson | jq -re ".data.\"$key\" // empty" | base64 -d; then
|
|
|
|
return 1
|
|
|
|
fi
|
|
|
|
}; export -f kgseckey
|
2024-05-01 09:29:32 +00:00
|
|
|
|
|
|
|
function kgcmkey() {
|
2024-12-23 03:35:45 +00:00
|
|
|
local cm="$1"; shift
|
2024-05-01 09:29:32 +00:00
|
|
|
local key="$1"; shift
|
|
|
|
|
2024-12-23 03:35:45 +00:00
|
|
|
if ! kubectl get configmap "$cm" -ojson | jq -re ".data.\"$key\" // empty"; then
|
|
|
|
return 1
|
|
|
|
fi
|
|
|
|
}; export -f kgcmkey
|
2024-05-01 09:29:32 +00:00
|
|
|
|
|
|
|
function get_synapse_key() {
|
2024-12-28 13:02:43 +00:00
|
|
|
kgcmkey synapse homeserver.yaml | awk -F\" "/^\s*$1/{print \$2}" || openssl rand -hex 32
|
2024-05-01 09:29:32 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
kapply common/db.yaml
|
|
|
|
|
|
|
|
export POSTGRES_HOST; POSTGRES_HOST="$(kgseckey postgres-app host)"
|
|
|
|
export POSTGRES_PORT; POSTGRES_PORT="$(kgseckey postgres-app port)"
|
|
|
|
export POSTGRES_DB; POSTGRES_DB="$(kgseckey postgres-app dbname)"
|
|
|
|
export POSTGRES_USER; POSTGRES_USER="$(kgseckey postgres-app user)"
|
|
|
|
export POSTGRES_PASSWORD; POSTGRES_PASSWORD="$(kgseckey postgres-app password)"
|
|
|
|
|
|
|
|
export API_SECRET; API_SECRET="$(get_synapse_key macaroon_secret_key)"
|
|
|
|
export TURN_SHARED_SECRET; TURN_SHARED_SECRET="$(get_synapse_key turn_shared_secret)"
|
|
|
|
export REGISTRATION_SECRET; REGISTRATION_SECRET="$(get_synapse_key registration_shared_secret)"
|
|
|
|
|
2024-05-15 21:43:25 +00:00
|
|
|
kcreatecm synapse \
|
2024-12-28 13:02:43 +00:00
|
|
|
--from-file=homeserver.yaml=<(envsubst < config/homeserver.yaml) \
|
|
|
|
--from-file=log.config=<(envsubst < config/log.config)
|
2024-05-01 09:29:32 +00:00
|
|
|
|
2024-05-15 21:49:45 +00:00
|
|
|
kapply common/keys.yaml common/app.yaml
|
2024-05-01 09:29:32 +00:00
|
|
|
|
|
|
|
kubectl rollout restart statefulset app
|