Commit dca035d8 authored by Dmytro Bogatov's avatar Dmytro Bogatov 💕

Finally get ready for production.

parent b98b6589
......@@ -20,8 +20,19 @@ do
cp sources/service/{ingress,service,deployment}.yaml services/$service
if [ "$service" == "moon-travel-com-ua" ]
then
URL="moon-travel.com.ua"
elif [ "$service" == "veles-russia-com" ]
then
URL="veles-russia.com"
else
URL=${service//-/.}
fi
sed -i -e "s#__NAME__#$service#g" services/$service/{ingress,service,deployment}.yaml
sed -i -e "s#__IMAGE__#${SERVICES[${service}]}#g" services/$service/{ingress,service,deployment}.yaml
sed -i -e "s#__URL__#$URL#g" services/$service/{ingress,service,deployment}.yaml
done
### Dashboard OAuth
......
......@@ -24,13 +24,24 @@ for domain in "${!DOMAINS[@]}"
do
echo "Setting $domain..."
curl -X PUT -d "${DOMAINS[${domain}]}" --user $EMAIL:$PASSWORD https://box.dbogatov.org/admin/dns/custom/$domain/A
curl -X PUT -d "${DOMAINS[${domain}]}" --user $EMAIL:$PASSWORD https://box.dbogatov.org/admin/dns/custom/www.$domain/A
curl -X PUT -d "${DOMAINS[${domain}]}" --user $EMAIL:$PASSWORD https://box.dbogatov.org/admin/dns/custom/*.$domain/A
VALUES=($(dig +short A ${DOMAINS[${domain}]}))
curl -X DELETE --user $EMAIL:$PASSWORD https://box.dbogatov.org/admin/dns/custom/$domain/CNAME
curl -X DELETE --user $EMAIL:$PASSWORD https://box.dbogatov.org/admin/dns/custom/www.$domain/CNAME
curl -X DELETE --user $EMAIL:$PASSWORD https://box.dbogatov.org/admin/dns/custom/*.$domain/CNAME
echo "Removing A records for $domain, *.$domain and www.$domain"
curl -X DELETE --user $EMAIL:$PASSWORD https://box.dbogatov.org/admin/dns/custom/$domain/A
curl -X DELETE --user $EMAIL:$PASSWORD https://box.dbogatov.org/admin/dns/custom/www.$domain/A
curl -X DELETE --user $EMAIL:$PASSWORD https://box.dbogatov.org/admin/dns/custom/*.$domain/A
for value in ${VALUES[@]}
do
echo "Setting A record value $value for $domain, *.$domain and www.$domain"
curl -X POST -d "$value" --user $EMAIL:$PASSWORD https://box.dbogatov.org/admin/dns/custom/$domain/A
curl -X POST -d "$value" --user $EMAIL:$PASSWORD https://box.dbogatov.org/admin/dns/custom/www.$domain/A
curl -X POST -d "$value" --user $EMAIL:$PASSWORD https://box.dbogatov.org/admin/dns/custom/*.$domain/A
done
done
......
......@@ -19,9 +19,17 @@ spec:
serviceName: kubernetes-dashboard
servicePort: 443
path: /
- host: dashboard.dbogatov.org
http:
paths:
- backend:
serviceName: kubernetes-dashboard
servicePort: 443
path: /
tls:
- hosts:
- dashboard-dbogatov-org.cluster.dbogatov.org
- dashboard.dbogatov.org
secretName: lets-encrypt
---
......@@ -42,7 +50,15 @@ spec:
serviceName: oauth2-proxy
servicePort: 4180
path: /oauth2
- host: dashboard.dbogatov.org
http:
paths:
- backend:
serviceName: oauth2-proxy
servicePort: 4180
path: /oauth2
tls:
- hosts:
- dashboard-dbogatov-org.cluster.dbogatov.org
- dashboard.dbogatov.org
secretName: lets-encrypt
......@@ -39,21 +39,20 @@ SERVICES["blog-bogatov-kiev-ua"]="registry.dbogatov.org/daddy/blog-bogatov-kiev-
declare -A DOMAINS
MAINADDR="165.227.217.186"
PHOTOBARRATADDR="192.241.158.207"
DOMAINS["dbogatov.org"]=$MAINADDR
DOMAINS["bogatov.kiev.ua"]=$MAINADDR
DOMAINS["darinagulley.com"]=$MAINADDR
DOMAINS["moon-travel.com.ua"]=$MAINADDR
DOMAINS["nigmatullina.org"]=$MAINADDR
DOMAINS["photobarrat.com"]=$PHOTOBARRATADDR
DOMAINS["res-public.net"]=$MAINADDR
DOMAINS["shevastream.com"]=$MAINADDR
DOMAINS["travelus.com.ua"]=$MAINADDR
DOMAINS["veles-russia.com"]=$MAINADDR
DOMAINS["visajapan.com.ua"]=$MAINADDR
DOMAINS["visasupport.com.ua"]=$MAINADDR
DOMAINS["visasupport.kiev.ua"]=$MAINADDR
DOMAINS["vleskniga.com"]=$MAINADDR
DOMAINS["votings.net"]=$MAINADDR
AVALUE="dolores-workers.digital-ocean.dbogatov.org"
DOMAINS["dbogatov.org"]=$AVALUE
DOMAINS["bogatov.kiev.ua"]=$AVALUE
DOMAINS["darinagulley.com"]=$AVALUE
DOMAINS["moon-travel.com.ua"]=$AVALUE
DOMAINS["nigmatullina.org"]=$AVALUE
DOMAINS["photobarrat.com"]=$AVALUE
DOMAINS["res-public.net"]=$AVALUE
DOMAINS["shevastream.com"]=$AVALUE
DOMAINS["travelus.com.ua"]=$AVALUE
DOMAINS["veles-russia.com"]=$AVALUE
DOMAINS["visajapan.com.ua"]=$AVALUE
DOMAINS["visasupport.com.ua"]=$AVALUE
DOMAINS["visasupport.kiev.ua"]=$AVALUE
DOMAINS["vleskniga.com"]=$AVALUE
DOMAINS["votings.net"]=$AVALUE
......@@ -6,7 +6,7 @@ metadata:
labels:
application: __NAME__
spec:
replicas: 2
replicas: 3
selector:
matchLabels:
application: __NAME__
......
......@@ -11,9 +11,25 @@ metadata:
spec:
tls:
- hosts:
- __URL__
- www.__URL__
- __NAME__.cluster.dbogatov.org
secretName: lets-encrypt
rules:
- host: "__URL__"
http:
paths:
- path: /
backend:
serviceName: __NAME__
servicePort: 80
- host: "www.__URL__"
http:
paths:
- path: /
backend:
serviceName: __NAME__
servicePort: 80
- host: "__NAME__.cluster.dbogatov.org"
http:
paths:
......
......@@ -12,6 +12,7 @@ spec:
tls:
- hosts:
- status-dbogatov-org.cluster.dbogatov.org
- status.dbogatov.org
secretName: lets-encrypt
rules:
- host: "status-dbogatov-org.cluster.dbogatov.org"
......@@ -21,3 +22,10 @@ spec:
backend:
serviceName: nginx
servicePort: 80
- host: "status.dbogatov.org"
http:
paths:
- path: /
backend:
serviceName: nginx
servicePort: 80
......@@ -16,8 +16,8 @@ module "digital-ocean-dolores" {
image = "coreos-stable"
controller_count = 1
controller_type = "s-1vcpu-1gb"
worker_count = 2
worker_type = "s-1vcpu-2gb"
worker_count = 3
worker_type = "s-2vcpu-2gb"
ssh_fingerprints = ["df:a9:7f:e1:e5:e8:c7:3e:2c:c3:a9:ac:7c:bd:e7:a6"]
# output assets dir
......
......@@ -4,13 +4,53 @@ set -e
shopt -s globstar
source sources/data.sh
declare -A DOMAINS
for service in "${!SERVICES[@]}"
# Have not decided what the value should mean...
DOMAINS["dbogatov.org"]=true
DOMAINS["status.dbogatov.org"]=false
DOMAINS["blog.dbogatov.org"]=false
DOMAINS["legacy.dbogatov.org"]=false
DOMAINS["push.dbogatov.org"]=false
DOMAINS["socialimps.dbogatov.org"]=false
DOMAINS["mail.dbogatov.org"]=false
DOMAINS["dns.dbogatov.org"]=false
DOMAINS["dashboard.dbogatov.org"]=false
DOMAINS["bogatov.kiev.ua"]=true
DOMAINS["blog.bogatov.kiev.ua"]=false
DOMAINS["visasupport.com.ua"]=true
DOMAINS["zima.visasupport.com.ua"]=false
DOMAINS["visasupport.kiev.ua"]=true
DOMAINS["eu.visasupport.kiev.ua"]=false
DOMAINS["lp.visasupport.kiev.ua"]=false
DOMAINS["darinagulley.com"]=true
DOMAINS["moon-travel.com.ua"]=true
DOMAINS["nigmatullina.org"]=true
DOMAINS["photobarrat.com"]=true
DOMAINS["shevastream.com/home"]=true
DOMAINS["travelus.com.ua"]=true
DOMAINS["veles-russia.com"]=true
DOMAINS["visajapan.com.ua"]=true
DOMAINS["vleskniga.com"]=true
for domain in "${!DOMAINS[@]}"
do
echo "Testing $service..."
code=$(curl -s -o /dev/null -I -w "%{http_code}" https://$domain)
curl -I $service.cluster.dbogatov.org
echo "$code : $domain"
done
echo "Done!"
#!/usr/bin/env bash
set -e
shopt -s globstar
if [ $# -ne 1 ]
then
echo "Usage: $0 <CLIENT_KEY_NAME>"
exit
fi
KEY_NAME=$1
NAMESPACE=$(kubectl get pods --all-namespaces -l type=openvpn -o jsonpath='{.items[0].metadata.namespace}')
POD_NAME=$(kubectl get pods -n $NAMESPACE -l type=openvpn -o jsonpath='{.items[0].metadata.name}')
SERVICE_NAME=$(kubectl get svc -n $NAMESPACE -l type=openvpn -o jsonpath='{.items[0].metadata.name}')
SERVICE_IP="159.89.32.60"
# $(kubectl get svc -n $NAMESPACE $SERVICE_NAME -o go-template='{{range $k, $v := (index .status.loadBalancer.ingress 0)}}{{$v}}{{end}}')
kubectl -n $NAMESPACE exec -it $POD_NAME /etc/openvpn/setup/newClientCert.sh $KEY_NAME $SERVICE_IP
kubectl -n $NAMESPACE exec -it $POD_NAME cat /etc/openvpn/certs/pki/$KEY_NAME.ovpn > $KEY_NAME.ovpn
......@@ -21,7 +21,6 @@ DOMAINS["mattermost.dbogatov.org"]=false
DOMAINS["minecraft.dbogatov.org"]=false
DOMAINS["ci.dbogatov.org"]=false
DOMAINS["registry.dbogatov.org"]=false
DOMAINS["dns.dbogatov.org"]=false
DOMAINS["bogatov.kiev.ua"]=true
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment