Deploy oas-cluster-variables from .env file

9f18912e · Varac · fe6c3302 · 9f18912e · 9f18912e · fe6c3302
Unverified Commit 9f18912e authored 3 years ago by Varac
--- a/flux2/apps/nextcloud/release.yaml
+++ b/flux2/apps/nextcloud/release.yaml
@@ -24,7 +24,7 @@ spec:
        password: "${nextcloud_password}"
        mail:
          enabled: ${outgoing_mail_enabled}
-          fromAddress: "${outgoing_mail_from_prefix}"
+          fromAddress: "${outgoing_mail_from_address}"
          domain: "${outgoing_mail_domain}"
          smtp:
            host: "${outgoing_mail_smtp_host}"

--- a/install/.env.example
+++ b/install/.env.example
+ip_address=1.2.3.4
+domain=example.org
+# Needs to be a real email address (or at least not @example.com) for LE
+admin_email=admin@example.org
+
+# Outgoing mail: even though we disable it, we need values for them, because
+# Kustomize still wants to substitute them.
+outgoing_mail_enabled=false
+outgoing_mail_from_address=admin@example.org
+outgoing_mail_domain=oas.example.org
+outgoing_mail_smtp_password=CHANGEME
+# Example data for Greenhost SMTP login
+outgoing_mail_smtp_host=smtp.greenhost.nl
+outgoing_mail_smtp_authtype=LOGIN
+outgoing_mail_smtp_port=587
+outgoing_mail_smtp_user=info@example.org
+
+# ACME staging server address
+acme_server=https://acme-v02.api.letsencrypt.org/directory
+# Used to let some programs accept insecure certificates
+acme_staging=false
+# On development setups please use Letsencrypts staging API *AND*
+# set the `acme_staging` var to true
+# acme_server=https://acme-staging-v02.api.letsencrypt.org/directory
+# acme_staging=true
+
+
+# (Example) backup data
+backup_s3_bucket=oas.greenhost.net
+backup_s3_prefix=ci-prefix
+backup_s3_url=https://store.greenhost.net
+backup_s3_region=ceph
+backup_s3_aws_access_key_id=example-access-key-id
+backup_s3_aws_secret_access_key=example-secret-access-key
--- a/install/ci-write-variable-files.sh
+++ b/install/ci-write-variable-files.sh
-#!/bin/bash
-# Writes variables to files, then applies the kustomization that makes the
-# `oas-cluster-variables` secret that is needed by OAS installation
-
-ip_address=$1
-domain=$2
-
-echo "running with IP address: '$ip_address' and domain: '$domain'"
-
-cd "$( dirname "${BASH_SOURCE[0]}" )/installation-kustomization"
-
-
-echo "$domain" > domain
-# Needs to be a real email address (or at least not @example.com) for LE
-echo "info@openappstack.net" > admin_email
-
-# Outgoing mail: even though we disable it, we need values for them, because
-# Kustomize still wants to substitute them.
-echo "false" > outgoing_mail_enabled
-echo "admin@example.com" > outgoing_mail_from_address
-echo "admin" > outgoing_mail_from_prefix
-echo "example.com" > outgoing_mail_domain
-echo "example-password" > outgoing_mail_smtp_password
-
-# Example data for Greenhost SMTP login
-echo "smtp.greenhost.nl" > outgoing_mail_smtp_host
-echo "LOGIN" > outgoing_mail_smtp_authtype
-echo "587" > outgoing_mail_smtp_port
-echo "info@example.com" > outgoing_mail_smtp_user
-
-# ACME staging server address
-echo "https://acme-staging-v02.api.letsencrypt.org/directory" > acme_server
-# Used to let some programs accept insecure certificates
-echo "true" > acme_staging
-
-echo "$ip_address" > ip_address
-
-# (Example) backup data
-echo "oas.greenhost.net" > backup_s3_bucket
-echo "ci-prefix" > backup_s3_prefix
-echo "https://store.greenhost.net" > backup_s3_url
-echo "ceph" > backup_s3_region
-echo "example-access-key-id" > backup_s3_aws_access_key_id
-echo "example-secret-access-key" > backup_s3_aws_secret_access_key
-
-kubectl apply -k .
--- a/install/installation-kustomization/kustomization.yaml
+++ b/install/installation-kustomization/kustomization.yaml
---
-apiVersion: kustomize.config.k8s.io/v1beta1
-kind: Kustomization
-namespace: flux-system
-secretGenerator:
-  - name: oas-cluster-variables
-    files:
-      - domain
-      - admin_email
-      - outgoing_mail_enabled
-      - outgoing_mail_domain
-      - outgoing_mail_from_address
-      - outgoing_mail_from_prefix
-      - outgoing_mail_smtp_host
-      - outgoing_mail_smtp_authtype
-      - outgoing_mail_smtp_password
-      - outgoing_mail_smtp_port
-      - outgoing_mail_smtp_user
-      - acme_staging
-      - acme_server
-      - ip_address
-      - backup_s3_bucket
-      - backup_s3_prefix
-      - backup_s3_url
-      - backup_s3_region
-      - backup_s3_aws_access_key_id
-      - backup_s3_aws_secret_access_key
-generatorOptions:
-  disableNameSuffixHash: true
--- a/install/kustomization.yaml
+++ b/install/kustomization.yaml
+---
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+namespace: flux-system
+secretGenerator:
+  - name: oas-cluster-variables
+    envs:
+      - .env
+generatorOptions:
+  disableNameSuffixHash: true