add udi-berresheim

deployment/decrypt-secrets.sh

@@ -11,6 +11,7 @@ if [ "$MD5_CHECKSUM" = "" ]; then
 fi
 
 SECRETS_CIPHERTEXT_FILE=secrets.enc
+SECRETS_PLAINTEXT_FILE=/tmp/secrets
 TMP_FILE=`mktemp`
 POD_NAME_SUFFIX=`date +%s`
 
@@ -36,6 +37,7 @@ if [ "$MD5_CHECKSUM" != "$CALCULATED_CHECKSUM" ]; then
   exit 1
 fi
 
-mv $TMP_FILE /tmp/$SECRETS_PLAINTEXT_FILE
+# cat $TMP_FILE
+mv $TMP_FILE $SECRETS_PLAINTEXT_FILE
 
 

deployment/deploy.sh

@@ -39,8 +39,8 @@ for NAMESPACE_DIR in `find $INSTANCES_DIR -type d -mindepth 1 -maxdepth 1`; do
     MQTT_PASSWORD_VARIABLE="$NAMESPACE""_""$INSTANCE""_MQTT_PASSWORD"
     MQTT_PASSWORD_VARIABLE=`echo $MQTT_PASSWORD_VARIABLE | tr - _`
     MQTT_PASSWORD="${!MQTT_PASSWORD_VARIABLE}"
-    echo "MQTT_PASSWORD_VARIABLE: $MQTT_PASSWORD_VARIABLE"
+    # echo "MQTT_PASSWORD_VARIABLE: $MQTT_PASSWORD_VARIABLE"
-    echo "MQTT_PASSWORD: $MQTT_PASSWORD"
+    # echo "MQTT_PASSWORD: $MQTT_PASSWORD"
     kubectl create secret generic $INSTANCE-mqtt-password \
       --from-literal=MQTT_PASSWORD="$MQTT_PASSWORD" \
       --dry-run=client \

deployment/load-config.sh

@@ -1,55 +0,0 @@
-#!/bin/bash
-
-FILE=$1
-if [ "$FILE" = "" ]; then
-  echo "give config file to load as first argument"
-  exit 1
-fi
-MQTT_PASSWORD=$2
-if [ "$MQTT_PASSWORD" = "" ]; then
-  echo "give mqtt password as second argument"
-  exit 1
-fi
-NAMESPACE=$3
-if [ "$NAMESPACE" = "" ]; then
-  echo "give namespace as third argument"
-  exit 1
-fi
-
-kubectl create secret generic udi-conf \
-  --from-literal=UDI_CONF="`cat $FILE`" \
-  -n $NAMESPACE \
-  --dry-run=client \
-  -o yaml \
-  --save-config | \
-kubectl apply -f -
-
-kubectl create secret generic mqtt-password \
-  --from-literal=MQTT_PASSWORD="$MQTT_PASSWORD" \
-  -n $NAMESPACE \
-  --dry-run=client \
-  -o yaml \
-  --save-config | \
-kubectl apply -f -
-
-. ~/Workspace/MyKubernetesEnv/ENVDB
-DATABASE="udi-$NAMESPACE"
-LOGIN="udi-$NAMESPACE"
-PASSWORD=`openssl rand -base64 24` 
-psql <<EOF
-ALTER USER "$LOGIN" WITH PASSWORD '$PASSWORD';
-GRANT ALL PRIVILEGES ON DATABASE "$DATABASE" TO "$LOGIN";
-COMMIT;
-EOF
-
-kubectl create secret generic udi-db-cred \
-  --dry-run=client \
-  -o yaml \
-  --save-config \
-  --from-literal=PGUSER="$LOGIN" \
-  --from-literal=PGHOST="timescaledb.database.svc.cluster.local" \
-  --from-literal=PGPASSWORD="$PASSWORD" \
-  --from-literal=PGSSLMODE="require" \
-  --from-literal=PGDATABASE="$DATABASE" | \
-kubectl apply -f - -n $NAMESPACE
-

deployment/secrets.enc

@@ -1,4 +1,7 @@
-U2FsdGVkX1+235sIaS3YkXthSjtLu/5ky8o0KGw4E0Bh2avnKV6Qg9XiKe5JnJOk
+U2FsdGVkX18MnwKVJuGzBEYaQZ74xtcnsCE5MkWYg91pKG16suIW8scUjW14Bdxt
-IQcWgB9rwqg1oNFD1diaotk5AEGvejJawiUcsvHywx7U0XqGt7vhNdf3tp/Mjc0z
+Q4UfE5cMeGMOYP2Yj/HY7gXZeDMJlAh/2d09DhL17h44Gdi8q3TMLJTSEGxx83cT
-BzbHykKfwnFzX3PACw78HJb+zk10DyDgEQ09o7wE6CZVCx5MXdbcZzrJ1a7a3edQ
+RyrbLIRwne8QDQipxzNRp2PdDrOwflxOCB1cdrhBg63OM7o37NIdYUIPtbsSl0td
-+FKkrwK5L/byPJk7lOmdOxC+Kq+uVGWRToUniABbYYaBDvtpXytan8BVZcKSjQQ/
+rdcDsPC6c214JKKl3FvZGKVgVWo3EUBj9QUwK0IqucI6UHy3D2PaJ8/H++M6gA3U
+u3qbPMCjqvjBFRnMxKrMVhfkHPxM3tLyF9+932Gj6DFlJZbZInDNAEf9mty7z5Zm
+u4WbzejtKqnnZznwAesrlV9DndEkr1QGJkXBmkfZ5gMrfZSaLlXadUklGoOjDZ+K
+Z2Z9wAgA8UjyMEYFO5ZrJ8t7FG6uMlZpILv8HshrGUY=