diff --git a/deployment/certificate.yml b/deployment/certificate.yml
new file mode 100644
index 0000000..bbac368
--- /dev/null
+++ b/deployment/certificate.yml
@@ -0,0 +1,24 @@
+apiVersion: cert-manager.io/v1
+kind: Certificate
+metadata:
+ name: exim-forwarder-cert
+spec:
+ secretName: exim-forwarder-cert
+ duration: 2160h
+ renewBefore: 360h
+ subject:
+ organizations:
+ - hottis-de
+ isCA: false
+ privateKey:
+ algorithm: RSA
+ encoding: PKCS1
+ size: 2048
+ usages:
+ - server auth
+ dnsNames:
+ - mx.hottis.de
+ issuerRef:
+ name: letsencrypt-staging-http
+ kind: ClusterIssuer
+ group: cert-manager.io
\ No newline at end of file
diff --git a/deployment/deploy-yml.tmpl b/deployment/deploy-yml.tmpl
index f13adee..f510147 100644
--- a/deployment/deploy-yml.tmpl
+++ b/deployment/deploy-yml.tmpl
@@ -1,28 +1,3 @@
-apiVersion: cert-manager.io/v1
-kind: Certificate
-metadata:
- name: exim-forwarder-cert
-spec:
- secretName: exim-forwarder-cert
- duration: 2160h
- renewBefore: 360h
- subject:
- organizations:
- - hottis-de
- isCA: false
- privateKey:
- algorithm: RSA
- encoding: PKCS1
- size: 2048
- usages:
- - server auth
- dnsNames:
- - mx.hottis.de
- issuerRef:
- name: letsencrypt-staging-http
- kind: ClusterIssuer
- group: cert-manager.io
----
 apiVersion: v1
 kind: ConfigMap
 metadata:
diff --git a/deployment/deploy.sh b/deployment/deploy.sh
index 58a326b..dae0a54 100755
--- a/deployment/deploy.sh
+++ b/deployment/deploy.sh
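Review bot: In deployment/certificate.yml the `issuerRef` still points at `letsencrypt-staging-http`, which by its name is the Let's Encrypt staging environment; certificates from staging chain to a root that no client trusts, so any peer that validates the certificate for `mx.hottis.de` will reject it. Now that the Certificate lives in its own file and deploy.sh blocks on it becoming Ready, this is a good point to make the choice explicit, for example with a comment on that line such as `# staging issuer: not publicly trusted, replace with <production-cluster-issuer> before go-live`, or by templating the issuer name the way `%IMAGE%` is templated. The spec also sets no `privateKey.rotationPolicy`, so whether the RSA key is regenerated on each renewal depends on the installed cert-manager version's default; stating `rotationPolicy: Always` would remove that ambiguity.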
@@ -17,7 +17,18 @@ kubectl create namespace $NAMESPACE \ -o yaml | \ kubectl -f - apply +echo "Applying certificate..." +kubectl apply -f $DEPLOYMENT_DIR/certificate.yml -n $NAMESPACE +echo "Waiting for certificate secret to be created..." +kubectl wait --for=condition=Ready certificate/exim-forwarder-cert -n $NAMESPACE --timeout=300s + +if [ $? -ne 0 ]; then + echo "Certificate secret creation failed or timed out" + exit 1 +fi + +echo "Certificate ready, applying deployment..." cat $DEPLOYMENT_DIR/deploy-yml.tmpl | \ sed -e 's,%IMAGE%,'$IMAGE_NAME':'$IMAGE_TAG','g | \ kubectl apply -f - -n $NAMESPACE diff --git a/tools/forward_addresses b/tools/forward_addresses new file mode 100644 index 0000000..5342a83 --- /dev/null +++ b/tools/forward_addresses @@ -0,0 +1,2 @@ +wn@mainscnt.eu: wolfgang.hottgenroth@icloud.com +wn@ib-hottgenroth.de: wolfgang.hottgenroth@icloud.com diff --git a/tools/forward_domains b/tools/forward_domains new file mode 100644 index 0000000..dc250fd --- /dev/null +++ b/tools/forward_domains @@ -0,0 +1,2 @@ +mainscnt.eu +ib-hottgenroth.de diff --git a/tools/update-addresses.sh b/tools/update-addresses.sh new file mode 100755 index 0000000..fb4c3a0 --- /dev/null +++ b/tools/update-addresses.sh 
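Review bot: The added `if [ $? -ne 0 ]` check after `kubectl wait` in deployment/deploy.sh is fragile: if the script runs under `set -e` (not visible in this hunk) the branch is never reached, and any command later inserted between the two lines silently changes what `$?` refers to. Testing the command directly avoids both: `if ! kubectl wait --for=condition=Ready certificate/exim-forwarder-cert -n "$NAMESPACE" --timeout=300s; then`. The new lines also expand `$DEPLOYMENT_DIR` and `$NAMESPACE` unquoted, so an empty or space-containing value changes the kubectl argument list; write `"$DEPLOYMENT_DIR/certificate.yml"` and `-n "$NAMESPACE"`. The failure message would be better sent to stderr with `>&2`. The script continues outside the hunk on both sides.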
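Review bot: The two entries added in tools/forward_addresses put real forwarding destinations into version control, and tools/update-addresses.sh copies the file verbatim into a ConfigMap, so anyone with read access to the repository or to ConfigMaps in the namespace can see where mail is delivered. If that exposure is not intended, commit only a sample file (for example `tools/forward_addresses.example`) and keep the live map outside the repository. The file also has no header line describing the `address: destination` format; whether the consumer tolerates a comment line is not visible here, so document the format in the script's usage comment instead if it does not.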
@@ -0,0 +1,44 @@
+#!/bin/bash
+
+# Script to create and apply a ConfigMap from forward_addresses and forward_domains files
+# Usage: ./tools/update-addresses.sh [--dry-run]
+
+set -e
+
+SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
+CONFIGMAP_NAME="exim-forwarder-config"
+NAMESPACE="forwarder"
+
+# Parse command line arguments
+DRY_RUN_FLAG=""
+if [[ "$1" == "--dry-run" ]]; then
+ DRY_RUN_FLAG="--dry-run=client"
+ echo "Running in dry-run mode..."
+fi
+
+# Check if files exist
+if [[ ! -f "$SCRIPT_DIR/forward_addresses" ]]; then
+ echo "Error: forward_addresses file not found"
+ exit 1
+fi
+
+if [[ ! -f "$SCRIPT_DIR/forward_domains" ]]; then
+ echo "Error: forward_domains file not found"
+ exit 1
+fi
+
+echo "Creating ConfigMap '$CONFIGMAP_NAME'..."
+
+# Create ConfigMap directly from files
+kubectl create configmap "$CONFIGMAP_NAME" \
+ --from-file=addresses="$SCRIPT_DIR/forward_addresses" \
+ --from-file=domains="$SCRIPT_DIR/forward_domains" \
+ --namespace="$NAMESPACE" \
+ --dry-run=client -o yaml | kubectl apply $DRY_RUN_FLAG -f -
+
+if [[ $? -eq 0 ]]; then
+ echo "ConfigMap successfully applied!"
+else
+ echo "Failed to apply ConfigMap"
+ exit 1
+fi
\ No newline at end of file
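Review bot: Any argument other than the exact string `--dry-run` (a typo such as `--dryrun`, or `-n`) is silently ignored in the argument parsing of tools/update-addresses.sh, so the script performs a real apply when the operator asked for a rehearsal; unknown arguments should be rejected with a usage message. Separately, the trailing `if [[ $? -eq 0 ]]` block cannot report failure: with `set -e` a failing pipeline ends the script before the check runs, so "Failed to apply ConfigMap" is never printed. Without `pipefail` the pipeline's status is only that of `kubectl apply`, so a failure in `kubectl create configmap` is visible only indirectly through whatever apply does with empty input. The namespace is hard-coded to `forwarder` while deploy.sh takes `$NAMESPACE` from outside the visible hunk, and deploy-yml.tmpl also defines a ConfigMap whose name is not visible here; it is worth confirming that the two scripts agree on the namespace and do not overwrite each other's object.

```shell
set -eo pipefail

# … unchanged: SCRIPT_DIR, CONFIGMAP_NAME, NAMESPACE …

# Reject anything that is not exactly "--dry-run" so a typo never triggers a real apply
DRY_RUN_ARGS=()
case "${1:-}" in
  "")
    ;;
  --dry-run)
    DRY_RUN_ARGS=(--dry-run=client)
    echo "Running in dry-run mode..."
    ;;
  *)
    echo "Usage: $0 [--dry-run]" >&2
    exit 2
    ;;
esac

# … unchanged: forward_addresses / forward_domains existence checks …

# Test the pipeline itself; under set -e a separate $? check is never reached on failure
if ! kubectl create configmap "$CONFIGMAP_NAME" \
    --from-file=addresses="$SCRIPT_DIR/forward_addresses" \
    --from-file=domains="$SCRIPT_DIR/forward_domains" \
    --namespace="$NAMESPACE" \
    --dry-run=client -o yaml | kubectl apply "${DRY_RUN_ARGS[@]}" -f -; then
  echo "Failed to apply ConfigMap" >&2
  exit 1
fi
echo "ConfigMap successfully applied!"
```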