deployments/bind
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

transfer key to secret
All checks were successful
ci/woodpecker/push/woodpecker Pipeline was successful
Details

Browse Source
This commit is contained in:
Wolfgang Hottgenroth
2025-10-27 13:52:11 +01:00
parent 6b6e5d969b
commit 92ddbcdf4d
4 changed files with 19 additions and 19 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
.gitignore vendored Normal file
View File

@@ -0,0 +1 @@
deployment/transfer-key.conf

24
deployment/deploy-yml.tmpl
View File

@@ -25,8 +25,9 @@ spec:
volumeMounts: volumeMounts:
- name: bind-zones - name: bind-zones
mountPath: /etc/named/zones mountPath: /etc/named/zones
- name: bind-keys - name: transfer-key-secret
mountPath: /etc/named/keys mountPath: /etc/named/keys
readOnly: true
resources: resources:
requests: requests:
memory: "128Mi" memory: "128Mi"
@@ -48,9 +49,9 @@ spec:
- name: bind-zones - name: bind-zones
persistentVolumeClaim: persistentVolumeClaim:
claimName: bind-hidden-primary-zones claimName: bind-hidden-primary-zones
- name: bind-keys - name: transfer-key-secret
persistentVolumeClaim: secret:
claimName: bind-hidden-primary-keys secretName: transfer-key
--- ---
apiVersion: v1 apiVersion: v1
kind: Service kind: Service
@@ -81,19 +82,6 @@ spec:
- ReadWriteOnce - ReadWriteOnce
resources: resources:
requests: requests:
storage: 100Mi storage: 1Gi
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: bind-hidden-primary-keys
labels:
app: bind-hidden-primary
spec:
accessModes:
- ReadWriteOnce
resources:
requests:
storage: 100Mi

12
deployment/deploy.sh
View File

@@ -12,11 +12,23 @@ DEPLOYMENT_DIR=$PWD/deployment
pushd $DEPLOYMENT_DIR > /dev/null pushd $DEPLOYMENT_DIR > /dev/null
if [ ! -f transfer-key.conf ]; then
gpg --decrypt --passphrase $GPG_PASSPHRASE --yes --batch --homedir /tmp/.gnupg --output transfer-key.conf transfer-key.conf.asc
fi
kubectl create namespace $NAMESPACE \ kubectl create namespace $NAMESPACE \
--dry-run=client \ --dry-run=client \
-o yaml | \ -o yaml | \
kubectl -f - apply kubectl -f - apply
# Create secret for transfer-key
kubectl create secret generic transfer-key \
--from-file=transfer-key.conf=transfer-key.conf \
--namespace=$NAMESPACE \
--dry-run=client \
-o yaml | \
kubectl apply -f -
cat $DEPLOYMENT_DIR/deploy-yml.tmpl | \ cat $DEPLOYMENT_DIR/deploy-yml.tmpl | \
sed -e 's,%IMAGE%,'$IMAGE_NAME':'$IMAGE_TAG','g | \ sed -e 's,%IMAGE%,'$IMAGE_NAME':'$IMAGE_TAG','g | \

1
start.sh
View File

@@ -8,7 +8,6 @@ INITIALLY_INSTALLED_FLAG="/etc/named/zones/initialized"
if [ ! -f $INITIALLY_INSTALLED_FLAG ]; then if [ ! -f $INITIALLY_INSTALLED_FLAG ]; then
echo "Initialized ..." echo "Initialized ..."
touch $INITIALLY_INSTALLED_FLAG touch $INITIALLY_INSTALLED_FLAG
cp /etc/named-dist/transfer-key.conf /etc/named/keys/transfer-key.conf
cp /etc/named-dist/zones.conf /etc/named/zones/zones.conf cp /etc/named-dist/zones.conf /etc/named/zones/zones.conf
cp /etc/named-dist/whiskeylimahotel.de.zone /etc/named/zones/whiskeylimahotel.de.zone cp /etc/named-dist/whiskeylimahotel.de.zone /etc/named/zones/whiskeylimahotel.de.zone
else else