cert 2

2025-10-23 20:55:27 +02:00
parent d448547067
commit 7d05462d3f
6 changed files with 83 additions and 25 deletions


@@ -0,0 +1,24 @@
apiVersion: cert-manager.io/v1
kind: Certificate
metadata:
name: exim-forwarder-cert
spec:
secretName: exim-forwarder-cert
duration: 2160h
renewBefore: 360h
subject:
organizations:
- hottis-de
isCA: false
privateKey:
algorithm: RSA
encoding: PKCS1
size: 2048
usages:
- server auth
dnsNames:
- mx.hottis.de
issuerRef:
name: letsencrypt-staging-http
kind: ClusterIssuer
group: cert-manager.io
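Review bot: The `issuerRef` at the end of this manifest names `letsencrypt-staging-http`, so the certificate for `mx.hottis.de` will chain to the Let's Encrypt staging root, which sending mail servers do not trust. Opportunistic STARTTLS still encrypts, but a sender that validates the MX certificate (for example under an MTA-STS policy in enforce mode) would refuse or defer delivery. If this is the manifest applied to the live namespace, switch `issuerRef.name` to the production ClusterIssuer once issuance is proven; that issuer's name is not visible on this page. Also consider adding `rotationPolicy: Always` under `privateKey`, so a renewal does not reuse the same RSA key on cert-manager versions whose default is `Never`.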


@@ -1,28 +1,3 @@
apiVersion: cert-manager.io/v1
kind: Certificate
metadata:
name: exim-forwarder-cert
spec:
secretName: exim-forwarder-cert
duration: 2160h
renewBefore: 360h
subject:
organizations:
- hottis-de
isCA: false
privateKey:
algorithm: RSA
encoding: PKCS1
size: 2048
usages:
- server auth
dnsNames:
- mx.hottis.de
issuerRef:
name: letsencrypt-staging-http
kind: ClusterIssuer
group: cert-manager.io
---
apiVersion: v1 apiVersion: v1
kind: ConfigMap kind: ConfigMap
metadata: metadata:


@@ -17,7 +17,18 @@ kubectl create namespace $NAMESPACE \
-o yaml | \ -o yaml | \
kubectl -f - apply kubectl -f - apply
echo "Applying certificate..."
kubectl apply -f $DEPLOYMENT_DIR/certificate.yml -n $NAMESPACE
echo "Waiting for certificate secret to be created..."
kubectl wait --for=condition=Ready certificate/exim-forwarder-cert -n $NAMESPACE --timeout=300s
if [ $? -ne 0 ]; then
echo "Certificate secret creation failed or timed out"
exit 1
fi
echo "Certificate ready, applying deployment..."
cat $DEPLOYMENT_DIR/deploy-yml.tmpl | \ cat $DEPLOYMENT_DIR/deploy-yml.tmpl | \
sed -e 's,%IMAGE%,'$IMAGE_NAME':'$IMAGE_TAG','g | \ sed -e 's,%IMAGE%,'$IMAGE_NAME':'$IMAGE_TAG','g | \
kubectl apply -f - -n $NAMESPACE kubectl apply -f - -n $NAMESPACE
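Review bot: The added `if [ $? -ne 0 ]` after `kubectl wait` only reports a failure while the script runs without `set -e`; the script's options are set above this hunk and are not visible here, and under `set -e` the shell would exit before the message is printed. Test the command directly instead: `if ! kubectl wait --for=condition=Ready certificate/exim-forwarder-cert -n "$NAMESPACE" --timeout=300s; then`. The new lines also expand `$DEPLOYMENT_DIR` and `$NAMESPACE` unquoted, so quote them as in `kubectl apply -f "$DEPLOYMENT_DIR/certificate.yml" -n "$NAMESPACE"`, and send the failure message to stderr with `>&2`.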

2
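--- a/tools/forward_addresses
+++ b/tools/forward_addresses
@@ -0,0 +1,2 @@
+wn@mainscnt.eu: wolfgang.hottgenroth@icloud.com
+wn@ib-hottgenroth.de: wolfgang.hottgenroth@icloud.com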
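Review bot: Both lines of this new file commit the private destination mailbox of a forward into the repository, where it stays in history even if the file is later removed. If the repository is readable by anyone other than the mail operator, keep the map out of version control by adding `tools/forward_addresses` to `.gitignore` and having `update-addresses.sh` read it from a path supplied at run time. The same data ends up in a ConfigMap, which any principal with read access to the namespace can list; a Secret would be the tighter fit if the destinations are meant to stay private.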

2
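--- a/tools/forward_domains
+++ b/tools/forward_domains
@@ -0,0 +1,2 @@
+mainscnt.eu
+ib-hottgenroth.de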

44
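--- a/tools/update-addresses.sh
+++ b/tools/update-addresses.sh
@@ -0,0 +1,44 @@
+#!/bin/bash
+# Script to create and apply a ConfigMap from forward_addresses and forward_domains files
+# Usage: ./tools/update-addresses.sh [--dry-run]
+set -e
+SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
+CONFIGMAP_NAME="exim-forwarder-config"
+NAMESPACE="forwarder"
+# Parse command line arguments
+DRY_RUN_FLAG=""
+if [[ "$1" == "--dry-run" ]]; then
+DRY_RUN_FLAG="--dry-run=client"
+echo "Running in dry-run mode..."
+fi
+# Check if files exist
+if [[ ! -f "$SCRIPT_DIR/forward_addresses" ]]; then
+echo "Error: forward_addresses file not found"
+exit 1
+fi
+if [[ ! -f "$SCRIPT_DIR/forward_domains" ]]; then
+echo "Error: forward_domains file not found"
+exit 1
+fi
+echo "Creating ConfigMap '$CONFIGMAP_NAME'..."
+# Create ConfigMap directly from files
+kubectl create configmap "$CONFIGMAP_NAME" \
+--from-file=addresses="$SCRIPT_DIR/forward_addresses" \
+--from-file=domains="$SCRIPT_DIR/forward_domains" \
+--namespace="$NAMESPACE" \
+--dry-run=client -o yaml | kubectl apply $DRY_RUN_FLAG -f -
+if [[ $? -eq 0 ]]; then
+echo "ConfigMap successfully applied!"
+else
+echo "Failed to apply ConfigMap"
+exit 1
+fi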
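Review bot: The closing `if [[ $? -eq 0 ]]` can never reach its `else` branch, because `set -e` at the top makes the shell exit as soon as the `kubectl create … | kubectl apply` pipeline fails, so "Failed to apply ConfigMap" is never printed. Without `pipefail`, a failure of the first `kubectl create` is also hidden behind the exit status of `kubectl apply`. Use `set -euo pipefail` and put the pipeline in the condition itself, `if ! kubectl create configmap … | kubectl apply ${DRY_RUN_FLAG:+"$DRY_RUN_FLAG"} -f -; then`, with the error message sent to stderr. With `-u` enabled the argument test needs a default, `[[ "${1:-}" == "--dry-run" ]]`. The script applies to whichever kubectl context is current, so printing the context before the apply would help catch a run against the wrong cluster.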