cert 2

deployment/certificate.yml

@@ -0,0 +1,24 @@
+apiVersion: cert-manager.io/v1
+kind: Certificate
+metadata:
+  name: exim-forwarder-cert
+spec:
+  secretName: exim-forwarder-cert
+  duration: 2160h
+  renewBefore: 360h
+  subject:
+    organizations:
+      - hottis-de
+  isCA: false
+  privateKey:
+    algorithm: RSA
+    encoding: PKCS1
+    size: 2048
+  usages:
+    - server auth
+  dnsNames:
+    - mx.hottis.de
+  issuerRef:
+    name: letsencrypt-staging-http
+    kind: ClusterIssuer
+    group: cert-manager.io

deployment/deploy-yml.tmpl

@@ -1,28 +1,3 @@
-apiVersion: cert-manager.io/v1
-kind: Certificate
-metadata:
-  name: exim-forwarder-cert
-spec:
-  secretName: exim-forwarder-cert
-  duration: 2160h
-  renewBefore: 360h
-  subject:
-    organizations:
-      - hottis-de
-  isCA: false
-  privateKey:
-    algorithm: RSA
-    encoding: PKCS1
-    size: 2048
-  usages:
-    - server auth
-  dnsNames:
-    - mx.hottis.de
-  issuerRef:
-    name: letsencrypt-staging-http
-    kind: ClusterIssuer
-    group: cert-manager.io
----
 apiVersion: v1
 kind: ConfigMap
 metadata:

deployment/deploy.sh

@@ -17,7 +17,18 @@ kubectl create namespace $NAMESPACE \
   -o yaml | \
   kubectl -f - apply
 
+echo "Applying certificate..."
+kubectl apply -f $DEPLOYMENT_DIR/certificate.yml -n $NAMESPACE
 
+echo "Waiting for certificate secret to be created..."
+kubectl wait --for=condition=Ready certificate/exim-forwarder-cert -n $NAMESPACE --timeout=300s
+
+if [ $? -ne 0 ]; then
+  echo "Certificate secret creation failed or timed out"
+  exit 1
+fi
+
+echo "Certificate ready, applying deployment..."
 cat $DEPLOYMENT_DIR/deploy-yml.tmpl | \
   sed -e 's,%IMAGE%,'$IMAGE_NAME':'$IMAGE_TAG','g | \
   kubectl apply -f - -n $NAMESPACE

tools/forward_addresses

@@ -0,0 +1,2 @@
+wn@mainscnt.eu: wolfgang.hottgenroth@icloud.com
+wn@ib-hottgenroth.de: wolfgang.hottgenroth@icloud.com

tools/forward_domains

@@ -0,0 +1,2 @@
+mainscnt.eu
+ib-hottgenroth.de

tools/update-addresses.sh

@@ -0,0 +1,44 @@
+#!/bin/bash
+
+# Script to create and apply a ConfigMap from forward_addresses and forward_domains files
+# Usage: ./tools/update-addresses.sh [--dry-run]
+
+set -e
+
+SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
+CONFIGMAP_NAME="exim-forwarder-config"
+NAMESPACE="forwarder"
+
+# Parse command line arguments
+DRY_RUN_FLAG=""
+if [[ "$1" == "--dry-run" ]]; then
+    DRY_RUN_FLAG="--dry-run=client"
+    echo "Running in dry-run mode..."
+fi
+
+# Check if files exist
+if [[ ! -f "$SCRIPT_DIR/forward_addresses" ]]; then
+    echo "Error: forward_addresses file not found"
+    exit 1
+fi
+
+if [[ ! -f "$SCRIPT_DIR/forward_domains" ]]; then
+    echo "Error: forward_domains file not found"
+    exit 1
+fi
+
+echo "Creating ConfigMap '$CONFIGMAP_NAME'..."
+
+# Create ConfigMap directly from files
+kubectl create configmap "$CONFIGMAP_NAME" \
+    --from-file=addresses="$SCRIPT_DIR/forward_addresses" \
+    --from-file=domains="$SCRIPT_DIR/forward_domains" \
+    --namespace="$NAMESPACE" \
+    --dry-run=client -o yaml | kubectl apply $DRY_RUN_FLAG -f -
+
+if [[ $? -eq 0 ]]; then
+    echo "ConfigMap successfully applied!"
+else
+    echo "Failed to apply ConfigMap"
+    exit 1
+fi