myLimbo/casa
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

imp: sync certs removed ansible playbook, changed env names - working using gitactions ci/cd
All checks were successful
/ deploy-to-homesrv01 (push) Successful in 3m18s
Details

Browse Source
This commit is contained in:
Márcio Fernandes
2025-10-18 20:40:48 +00:00
parent 8b5601f9db
commit f448b03ed7
4 changed files with 10 additions and 69 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
.gitea/workflows/deploy-sync-certs-job.yml
View File

@@ -13,9 +13,9 @@ jobs:
- name: docker compose up - name: docker compose up
env: env:
KUBERNETES_SERVER: ${{ secrets.KUBERNETES_SERVER }} KUBERNETES_SERVER: ${{ secrets.KUBERNETES_SERVER }}
KUBERNETES_CLIENT_CRT_DATA: ${{ secrets.KUBERNETES_CLIENT_CRT_DATA }} KUBERNETES_CLIENT_CRT_BASE64: ${{ secrets.KUBERNETES_CLIENT_CRT_BASE64 }}
KUBERNETES_CLIENT_KEY_DATA: ${{ secrets.KUBERNETES_CLIENT_KEY_DATA }} KUBERNETES_CLIENT_KEY_BASE64: ${{ secrets.KUBERNETES_CLIENT_KEY_BASE64 }}
KUBERNETES_CRT_AUTHORITY_DATA: ${{ secrets.KUBERNETES_CRT_AUTHORITY_DATA }} KUBERNETES_CRT_AUTHORITY_BASE64: ${{ secrets.KUBERNETES_CRT_AUTHORITY_BASE64 }}
run: | run: |
docker compose -f ./casa-limbosolutions-com/sync-certs-job/docker-compose.yaml up -d --pull always docker compose -f ./casa-limbosolutions-com/sync-certs-job/docker-compose.yaml up -d --pull always

0
casa-limbosolutions-com/sync-certs-job/README.md
View File

55
casa-limbosolutions-com/sync-certs-job/deploy.ansible.yaml
View File

@@ -1,55 +0,0 @@
- name: Deploy Sync certificates Job
hosts:
- homesrv01
vars:
context:
copy: true
register_cron: true
run_now: true
target_folder: "/etc/myLimbo/casa-limbo-solutions-com/sync-cert-jobs"
tasks:
- name: Enforce Target Folder
become: true
ansible.builtin.file:
path: "{{ context.target_folder }}"
state: directory
mode: '700' #only root
recurse: true
when: context.copy
- name: Copy Files
become: true
ansible.builtin.copy:
dest: "{{ context.target_folder }}"
src: "{{ item }}"
mode: '700' #only root
loop:
- ./docker-compose.yaml
- ./.env
when: context.copy
- name: Register Cron job
become: true
ansible.builtin.cron:
user: root
name: auto-update
weekday: "*"
minute: "0"
hour: "0"
job: "/usr/bin/docker compose -f {{ context.target_folder }}/docker-compose.yaml up | /usr/bin/logger -t mylimbo.casa-limbosolutions-com"
cron_file: mylimbo_casa-limbosolutions-com
when: context.register_cron
- name: Execute now
become: true
ansible.builtin.shell:
"/usr/bin/docker compose -f {{ context.target_folder }}/docker-compose.yaml up"
register: exec_now_output
when: context.run_now
- name: Execute now - stdout
ansible.builtin.debug:
var: exec_now_output.stdout_lines
when: context.run_now

18
casa-limbosolutions-com/sync-certs-job/docker-compose.yaml
View File

@@ -4,22 +4,18 @@ configs:
content: | content: |
#!/bin/bash #!/bin/bash
############################################################################################################################## ##############################################################################################################################
# notes:
# --certificate-authority="$${KUBERNETES_CRT_AUTHORITY}" not working, dont hnow why, so using --insecure-skip-tls-verify
##############################################################################################################################
set -e set -e
mkdir -p /tmp/.kube mkdir -p /tmp/.kube
echo "Trace: Setup kube" echo "Trace: Setup kube"
echo "Trace: Processing KUBERNETES_CRT_AUTHORITY_DATA" echo "Trace: Processing KUBERNETES_CRT_AUTHORITY_BASE64"
base64 -d <<< "${KUBERNETES_CRT_AUTHORITY_DATA}" > "$${KUBERNETES_CRT_AUTHORITY}" base64 -d <<< "${KUBERNETES_CRT_AUTHORIT_BASE64}" > "$${KUBERNETES_CRT_AUTHORITY}"
echo "Trace: Processing KUBERNETES_CLIENT_CRT_DATA" echo "Trace: Processing KUBERNETES_CLIENT_CRT_BASE64"
base64 -d <<< "${KUBERNETES_CLIENT_CRT_DATA}" > "$${KUBERNETES_CLIENT_CRT}" base64 -d <<< "${KUBERNETES_CLIENT_CRT_BASE64}" > "$${KUBERNETES_CLIENT_CRT}"
echo "Trace: Processing KUBERNETES_CLIENT_KEY_DATA" echo "Trace: Processing KUBERNETES_CLIENT_KEY_BASE64"
base64 -d <<< "${KUBERNETES_CLIENT_KEY_DATA}" > "$${KUBERNETES_CLIENT_KEY}" base64 -d <<< "${KUBERNETES_CLIENT_KEY_BASE64}" > "$${KUBERNETES_CLIENT_KEY}"
# while true ; do # while true ; do
# sleep 5 # sleep 5
@@ -48,7 +44,7 @@ configs:
while IFS=' ' read -r KEY VALUE; do while IFS=' ' read -r KEY VALUE; do
echo "Processing key: $$KEY" echo "Processing key: $$KEY"
# Decode the base64 value and save it to the appropriate file # Decode the base64 value and save it to the appropriate file
echo "Trace: Saving key: $$KEY" echo "Trace: Saving key: /etc/ssl/certs/casa-limbosolutions-com-certs/$${CERT_NAME}_$${KEY}"
echo "$$VALUE" | base64 -d > "/etc/ssl/certs/casa-limbosolutions-com-certs/$${CERT_NAME}_$${KEY}" echo "$$VALUE" | base64 -d > "/etc/ssl/certs/casa-limbosolutions-com-certs/$${CERT_NAME}_$${KEY}"
done done
done done