Add certificates with renew

bom 2022-06-24 10:44:44 +02:00
parent 7345c6364a
commit 0e341c98e6
6 changed files with 57 additions and 3 deletions


@ -17,6 +17,8 @@
(defn k8s-objects [config] (defn k8s-objects [config]
(map yaml/to-string (map yaml/to-string
[(jitsi/generate-secret-jitsi config) [(jitsi/generate-secret-jitsi config)
(jitsi/generate-certificate-jitsi config)
(jitsi/generate-certificate-etherpad config)
(jitsi/generate-jvb-service) (jitsi/generate-jvb-service)
(jitsi/generate-web-service) (jitsi/generate-web-service)
(jitsi/generate-etherpad-service) (jitsi/generate-etherpad-service)


@ -71,4 +71,26 @@
(yaml/from-string (yaml/load-resource "jitsi/deployment.yaml")) (yaml/from-string (yaml/load-resource "jitsi/deployment.yaml"))
(cm/replace-all-matching-values-by-new-value "REPLACE_JITSI_FQDN" fqdn) (cm/replace-all-matching-values-by-new-value "REPLACE_JITSI_FQDN" fqdn)
(cm/replace-all-matching-values-by-new-value "REPLACE_ETHERPAD_URL" (cm/replace-all-matching-values-by-new-value "REPLACE_ETHERPAD_URL"
(str "https://etherpad." fqdn "/p/"))))) (str "https://etherpad." fqdn "/p/")))))
(defn generate-certificate-jitsi
[config]
(let [{:keys [fqdn issuer ingress-type]
:or {issuer :staging ingress-type :default}} config
letsencrypt-issuer (name issuer)
ingress-kind (if (= :default ingress-type) "" (name ingress-type))]
(->
(yaml/load-as-edn "jitsi/certificate-jitsi.yaml")
(assoc-in [:spec :issuerRef :name] letsencrypt-issuer)
(cm/replace-all-matching-values-by-new-value "REPLACE_JITSI_FQDN" fqdn))))
(defn generate-certificate-etherpad
[config]
(let [{:keys [fqdn issuer ingress-type]
:or {issuer :staging ingress-type :default}} config
letsencrypt-issuer (name issuer)
ingress-kind (if (= :default ingress-type) "" (name ingress-type))]
(->
(yaml/load-as-edn "jitsi/certificate-etherpad.yaml")
(assoc-in [:spec :issuerRef :name] letsencrypt-issuer)
(cm/replace-all-matching-values-by-new-value "REPLACE_ETHERPAD_FQDN" (str "etherpad." fqdn)))))
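Review bot: `issuer` is written via `(name issuer)` straight into `[:spec :issuerRef :name]` in both generate-certificate-jitsi and generate-certificate-etherpad, with no check that it names a ClusterIssuer the deployment provides, and it silently falls back to `:staging`. A config that omits the key presumably gets a certificate from the Let's Encrypt staging CA, which clients do not trust, and a misspelled value produces a Certificate that is never issued. Validate `issuer` against the set of issuers the project defines before building the object, and add a docstring to each function stating the default and its consequence. Both functions also bind `ingress-type` and `ingress-kind` without using them; drop those bindings or comment on what they are reserved for.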


@ -0,0 +1,15 @@
apiVersion: cert-manager.io/v1
kind: Certificate
metadata:
name: etherpad-cert
namespace: default
spec:
secretName: etherpad-cert
commonName: REPLACE_ETHERPAD_FQDN
duration: 2160h # 90d
renewBefore: 360h # 15d
dnsNames:
- REPLACE_ETHERPAD_FQDN
issuerRef:
name: REPLACEME
kind: ClusterIssuer
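Review bot: The spec sets `duration` and `renewBefore` but has no `privateKey` block, so whether a renewal generates a fresh key is left to the cert-manager default, which in many releases is to reuse the existing key. If renewal is meant to limit the exposure of a leaked key, say so explicitly with `privateKey:` and `rotationPolicy: Always` under `spec`. The same applies to the jitsi Certificate added in the next file section. `namespace: default` is also hard-coded in both, and the issued secret can only be referenced by an Ingress in that same namespace; the Ingress namespace is not visible in this commit, so confirm they match.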


@ -0,0 +1,15 @@
apiVersion: cert-manager.io/v1
kind: Certificate
metadata:
name: jitsi-cert
namespace: default
spec:
secretName: jitsi-cert
commonName: REPLACE_JITSI_FQDN
duration: 2160h # 90d
renewBefore: 360h # 15d
dnsNames:
- REPLACE_JITSI_FQDN
issuerRef:
name: REPLACEME
kind: ClusterIssuer


@ -9,7 +9,7 @@ spec:
tls: tls:
- hosts: - hosts:
- REPLACE_ETHERPAD_FQDN - REPLACE_ETHERPAD_FQDN
secretName: tls-etherpad secretName: etherpad-cert
rules: rules:
- host: REPLACE_ETHERPAD_FQDN - host: REPLACE_ETHERPAD_FQDN
http: http:
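Review bot: Pointing `secretName` at `etherpad-cert` here (and at `jitsi-cert` in the jitsi ingress in the next section) leaves the previous `tls-etherpad` and `tls-jitsi` secrets, with their private keys, in the cluster on deployments that are upgraded. Nothing in this commit removes them, so the upgrade notes should tell operators to delete them. If the ingress metadata, which lies outside this hunk, still carries a cert-manager issuer annotation, cert-manager would also create its own Certificate for the same secret name and the two definitions can conflict. Check for that annotation and drop it now that the Certificate is declared explicitly.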


@ -9,7 +9,7 @@ spec:
tls: tls:
- hosts: - hosts:
- REPLACE_JITSI_FQDN - REPLACE_JITSI_FQDN
secretName: tls-jitsi secretName: jitsi-cert
rules: rules:
- host: REPLACE_JITSI_FQDN - host: REPLACE_JITSI_FQDN
http: http: