From abfa94b499e4d079a65d06de5d1f4bbcf4e56934 Mon Sep 17 00:00:00 2001 From: zwa Date: Sat, 30 Oct 2021 13:59:42 +0200 Subject: [PATCH] get nc working with localstack - use 2 different hostnames for localstack resp. nextcloud - upd README --- .../local-integration-test/README.md | 33 ++++++++++++++----- .../local-integration-test/certificate.yaml | 4 +-- .../local-integration-test/localstack.yaml | 4 +-- .../local-integration-test/setup-local-s3.sh | 7 ++-- .../local-integration-test/start-k3s.sh | 2 +- 5 files changed, 34 insertions(+), 16 deletions(-) diff --git a/src/test/resources/local-integration-test/README.md b/src/test/resources/local-integration-test/README.md index e31de71..0505232 100644 --- a/src/test/resources/local-integration-test/README.md +++ b/src/test/resources/local-integration-test/README.md @@ -1,19 +1,20 @@ # Requirements -* Restic +* Restic (install with: `sudo apt install restic` ) * (optional) AWS-CLI # Usage `setup-local-s3.sh [BUCKET_NAME]`: +- [BUCKET_NAME] is optional, "mybucket" will be used if not specified - sets up a k3s instance - installs a localstack pod - creates http and https routing to localstack via localhost - saves the self-signed certificate as ca.crt -- uses the certificate to initialize a restic repo at `https://localhost/BUCKET_NAME` +- uses the certificate to initialize a restic repo at `https://k3stesthost/BUCKET_NAME` -Note: In case of not being able to connect to "localhost/health", you might need to ensure that the ip of localhost matches with the ingress' ip. (See file /etc/hosts). With `sudo k3s kubectl get ingress` you can show the ingress' ip. +Note: In case of not being able to connect to "k3stesthost/health", you might need to ensure that the ingress' ip matches with the required host names: k3stesthost and cloudhost. With `sudo k3s kubectl get ingress` you can view the ingress' ip (e.g. 10.0.2.15), then add a line to file "/etc/hosts" e.g. `10.0.2.15 k3stesthost cloudhost` `start-k3s.sh`: - creates and starts a k3s instance @@ -23,16 +24,32 @@ Note: In case of not being able to connect to "localhost/health", you might need ## Other useful commands - `sudo k3s kubectl get pods` -- `curl localhost/health` +- `curl k3stesthost/health` expected: `{"services": {"s3": "running"}, "features": {"persistence": "disabled", "initScripts": "initialized"}}` #### Requires AWS-CLI -- create bucket `aws --endpoint-url=http://localhost s3 mb s3://mybucket` -- list buckets `aws --endpoint-url=http://localhost s3 ls` -- upload something `aws --endpoint-url=http://localhost s3 cp test.txt s3://mybucket` -- check files `aws --endpoint-url=http://localhost s3 ls s3://mybucket` +- create bucket `aws --endpoint-url=http://k3stesthost s3 mb s3://mybucket` +- list buckets `aws --endpoint-url=http://k3stesthost s3 ls` +- upload something `aws --endpoint-url=http://k3stesthost s3 cp test.txt s3://mybucket` +- check files `aws --endpoint-url=http://k3stesthost s3 ls s3://mybucket` +## Deploy nextcloud + +### Requirements + +* leiningen (install with: `sudo apt install leiningen` ) + +### Deploy + +* In the project's root execute: +`lein uberjar` + +* Change file "valid-config.edn" according to your settings (e.g. `:fqdn "cloudhost"` and `:restic-repository "s3://k3stesthost:mybucket"`). + +* Create and deploy the k8s yaml: +`java -jar target/uberjar/c4k-nextcloud-standalone.jar valid-config.edn valid-auth.edn | sudo k3s kubectl apply -f -` + # TODO * add possibility to use local certificate in dda-backup backup function diff --git a/src/test/resources/local-integration-test/certificate.yaml b/src/test/resources/local-integration-test/certificate.yaml index 96554a3..28437c8 100644 --- a/src/test/resources/local-integration-test/certificate.yaml +++ b/src/test/resources/local-integration-test/certificate.yaml @@ -5,9 +5,9 @@ metadata: namespace: default spec: secretName: localstack-secret - commonName: localhost + commonName: k3stesthost dnsNames: - - localhost + - k3stesthost issuerRef: name: selfsigning-issuer kind: ClusterIssuer diff --git a/src/test/resources/local-integration-test/localstack.yaml b/src/test/resources/local-integration-test/localstack.yaml index 11480bd..325a4cf 100644 --- a/src/test/resources/local-integration-test/localstack.yaml +++ b/src/test/resources/local-integration-test/localstack.yaml @@ -50,10 +50,10 @@ metadata: spec: tls: - hosts: - - localhost + - k3stesthost secretName: localstack-secret rules: - - host: localhost + - host: k3stesthost http: paths: - path: / diff --git a/src/test/resources/local-integration-test/setup-local-s3.sh b/src/test/resources/local-integration-test/setup-local-s3.sh index 048656c..206d569 100755 --- a/src/test/resources/local-integration-test/setup-local-s3.sh +++ b/src/test/resources/local-integration-test/setup-local-s3.sh @@ -10,13 +10,14 @@ function main() until sudo k3s kubectl apply -f certificate.yaml do + echo "*** Waiting for certificate ... ***" sleep 10 done echo echo echo "[INFO] Waiting for localstack health endpoint" - until curl --connect-timeout 3 -s -f -o /dev/null "localhost/health" + until curl --connect-timeout 3 -s -f -o /dev/null "k3stesthost/health" do sleep 5 done @@ -25,8 +26,8 @@ function main() sudo k3s kubectl get secret localstack-secret -o jsonpath="{.data.ca\.crt}" | base64 --decode > ca.crt #aws --endpoint-url=http://localhost s3 mb s3://$bucket_name - export RESTIC_PASSWORD="temporary-test-password" - restic init --cacert ca.crt -r s3://localhost/$bucket_name + export RESTIC_PASSWORD="test-password" + restic init --cacert ca.crt -r s3://k3stesthost/$bucket_name } diff --git a/src/test/resources/local-integration-test/start-k3s.sh b/src/test/resources/local-integration-test/start-k3s.sh index 27a6f60..ea45aa1 100755 --- a/src/test/resources/local-integration-test/start-k3s.sh +++ b/src/test/resources/local-integration-test/start-k3s.sh @@ -1 +1 @@ -curl -sfL https://get.k3s.io | K3S_NODE_NAME=localhost sh - +curl -sfL https://get.k3s.io | K3S_NODE_NAME=k3stesthost INSTALL_K3S_EXEC='--tls-san cloudhost' sh -