120 lines
5.5 KiB
Plaintext
Executable File
120 lines
5.5 KiB
Plaintext
Executable File
#!/usr/bin/env nu
|
|
# Info: Prepare for kubernetes default installation
|
|
# Author: JesusPerezLorenzo
|
|
# Release: 1.0.2
|
|
# Date: 30-12-2023
|
|
|
|
use lib_provisioning/cmd/env.nu *
|
|
use lib_provisioning/cmd/lib.nu *
|
|
|
|
use lib_provisioning/utils/ui.nu *
|
|
|
|
print $"(_ansi green_bold)OS(_ansi reset) with ($env.PROVISIONING_VARS) "
|
|
|
|
let defs = load_defs
|
|
|
|
if $env.PROVISIONING_RESOURCES == null {
|
|
print $"🛑 PROVISIONING_RESOURCES not found"
|
|
exit 1
|
|
}
|
|
let resources_path = $env.PROVISIONING_RESOURCES
|
|
if not ($resources_path | path exists) { ^mkdir -p $resources_path }
|
|
|
|
#let WORK_PATH = ${WORK_PATH:-/tmp}
|
|
#[ ! -d "$WORK_PATH" ] && mkdir -p "$WORK_PATH"
|
|
#export LC_CTYPE=C.UTF-8
|
|
#export LANG=C.UTF-8
|
|
|
|
export def copy_certs [
|
|
run_root: string
|
|
] {
|
|
let provision_path = ($defs.taskserv.prov_etcd_path | default "" | str replace "~" $env.HOME)
|
|
if $provision_path == "" {
|
|
print $"🛑 prov_path not found taskserv definition"
|
|
return false
|
|
}
|
|
let src = if ($defs.taskserv.prov_etcd_path | str starts-with "/" ) {
|
|
$defs.taskserv.prov_etcd_path
|
|
} else if ($defs.taskserv.prov_etcd_path | str starts-with "resources/" ) {
|
|
($env.PROVISIONING_SETTINGS_SRC_PATH | path join $defs.taskserv.prov_etcd_path)
|
|
} else {
|
|
($env.PROVISIONING_SETTINGS_SRC_PATH | path join "resources" | path join $defs.taskserv.prov_etcd_path)
|
|
}
|
|
let etcd_certs_path = ($defs.taskserv.etcd_certs_path | default "" | str replace "~" $env.HOME)
|
|
if $etcd_certs_path == "" { print "Error etcd_certs_path not found" ; exit 1 }
|
|
if not ($run_root | path join $etcd_certs_path | path exists) { ^mkdir -p ($run_root | path join $etcd_certs_path) }
|
|
let etcd_cluster_name = ($defs.taskserv.etcd_cluster_name | default "")
|
|
if $etcd_cluster_name == "" {
|
|
print $"🛑 etcd_cluster_name not found in taskserv definition"
|
|
return false
|
|
}
|
|
let etcd_peer = ($defs.taskserv.etcd_peers | default "")
|
|
for name in [ca $etcd_peer $etcd_cluster_name] {
|
|
if not ($src | path join $"($name).key" | path exists) { continue }
|
|
open ($src | path join $"($name).key") -r | from json |
|
|
if (sops_cmd "is_sops" ($src | path join $"($name).key")) {
|
|
let content = (sops_cmd "decrypt" ($src | path join $"($name).key") --error_exit)
|
|
if $content != "" { $content | save -f ($run_root | path join $etcd_certs_path | path join $"($name).key") }
|
|
} else {
|
|
cp ($src | path join $"($name).key") ($run_root | path join $etcd_certs_path | path join $"($name).key" )
|
|
}
|
|
}
|
|
if ($run_root | path join $etcd_certs_path | path join $"($etcd_peer).key" | path exists ) {
|
|
(cp ($run_root | path join $etcd_certs_path | path join $"($etcd_peer).key")
|
|
($run_root | path join $etcd_certs_path | path join "server.key"))
|
|
(mv ($run_root | path join $etcd_certs_path | path join $"($etcd_peer).key")
|
|
($run_root | path join $etcd_certs_path | path join "peer.key"))
|
|
}
|
|
if ($src | path join "ca.crt" | path exists) {
|
|
cp ($src | path join "ca.crt") ($run_root | path join $etcd_certs_path | path join "ca.crt")
|
|
}
|
|
if ($src | path join $"($etcd_peer).crt" | path exists) {
|
|
cp ($src | path join $"($etcd_peer).crt") ($run_root | path join $etcd_certs_path | path join "server.crt")
|
|
cp ($src | path join $"($etcd_peer).crt") ($run_root | path join $etcd_certs_path | path join "peer.crt")
|
|
}
|
|
if ($run_root | path join $etcd_certs_path | path join $"($etcd_cluster_name).key" | path exists) {
|
|
( mv ($run_root | path join $etcd_certs_path | path join $"($etcd_cluster_name).key")
|
|
($run_root | path join $etcd_certs_path | path join "healthcheck-client.key"))
|
|
}
|
|
if ($src | path join $"($etcd_cluster_name).crt" | path exists) {
|
|
( cp ($src | path join $"($etcd_cluster_name).crt")
|
|
($run_root | path join $etcd_certs_path | path join "healthcheck-client.crt"))
|
|
}
|
|
print $"ETCD Certs copied from ($src) to ($run_root | path join $etcd_certs_path)"
|
|
true
|
|
}
|
|
|
|
def main [] {
|
|
let K8S_MODE = ( $defs.taskserv.mode | default "")
|
|
let run_root = $env.PROVISIONING_WK_ENV_PATH
|
|
let TEMPLATES_PATH = ($run_root | path join "templates")
|
|
|
|
# If HOSTNAME == K8S_MASTER it will be MASTER_0
|
|
# othewise set HOSTNAME value to be resolved in same K8S_MASTER network
|
|
# By using -cp- as part of HOSTNAME will be consider node as controlpanel
|
|
# Other options = "-wk-0" or "-wkr-0" for worker nodes
|
|
|
|
#if ($defs.server.hostname | str contains "-cp-") and $K8S_MODE != "controlplane" and $K8S_MODE == "" {
|
|
let K8S_MASTER = if $defs.taskserv.cp_name == $defs.server.hostname {
|
|
($defs.server.hostname | default "")
|
|
} else {
|
|
($defs.taskserv.cp_name | default "")
|
|
}
|
|
let K8S_TPL = ($defs.taskserv.tpl | default "" | str replace ".j2" "")
|
|
let K8S_CONFIG = ($K8S_TPL | str replace ".j2" "")
|
|
#if ( $defs.server.hostname != "" and $defs.server.hostname == $K8S_MASTER
|
|
if ($K8S_MODE == "controlplane" and $K8S_TPL != "" ) {
|
|
if not ($run_root | path join "resources" | path exists) { ^mkdir -p ($run_root | path join "resources") }
|
|
if ($TEMPLATES_PATH | path join $K8S_TPL | path exists ) {
|
|
cp ($TEMPLATES_PATH | path join $K8S_TPL) ($run_root | path join "resources"| path join $K8S_CONFIG)
|
|
} else if ($TEMPLATES_PATH | path join $"($K8S_TPL).j2" | path exists) {
|
|
cp ($TEMPLATES_PATH | path join $"($K8S_TPL).j2") ($run_root | path join "resources"| path join $"($K8S_CONFIG).j2")
|
|
}
|
|
}
|
|
let res = if $K8S_MODE == "controlplane" and $defs.taskserv.etcd_mode == "external" {
|
|
copy_certs $run_root
|
|
} else { true }
|
|
rm -rf ($run_root | path join "templates")
|
|
$res
|
|
}
|