Last active
January 31, 2023 09:48
-
-
Save juunini/cf579a0d9945c7eeb0e7b3a2ab8dc9b6 to your computer and use it in GitHub Desktop.
Getting start cert manager with ingress nginx tutorial
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#! /bin/bash | |
curl -s https://gist.githubusercontent.com/juunini/a30a6aad37d6e0b1c51c2418bf1664a3/raw/40fe0cdae6b5dd6ac6fd8e496dbf464f2b25d044/color.sh -o color.sh | |
source color.sh | |
rm color.sh | |
DOMAIN=kuard.test.tlqkf.wtf | |
EMAIL=juuni.kim@cloudmt.co.kr | |
echo -ne "Insert hostname [$RED$DOMAIN$COLOR_RESET] " && read _DOMAIN | |
echo -ne "Insert email [$RED$EMAIL$COLOR_RESET] " && read _EMAIL | |
DOMAIN=${_DOMAIN:-$DOMAIN} | |
EMAIL=${_EMAIL:-$EMAIL} | |
curl -s https://gist.githubusercontent.com/juunini/91ce1b4062d102a0cbc42a49bc34fb51/raw/f193dbf4368f0a1db19545fcf2bffb2b173fc34e/loading.sh -o loading.sh | |
source loading.sh | |
rm loading.sh | |
i=0 | |
loadingAnimation() { | |
loading $i | |
(( i += 1 )) | |
sleep 1 | |
} | |
################################################ | |
# ingress-nginx | |
kubectl apply -f https://raw.githubusercontent.com/kubernetes/ingress-nginx/controller-v1.5.1/deploy/static/provider/cloud/deploy.yaml | |
printf "\nwaiting ingress-nginx external IP... " | |
while : | |
do | |
INGRESS_NGINX=$(kubectl get service -n ingress-nginx) | |
if [[ $INGRESS_NGINX == *"pending"* ]]; then | |
loadingAnimation | |
continue | |
fi | |
printf " \n\n\n" | |
kubectl get service -n ingress-nginx | |
break | |
done | |
printf "\n\nwaiting ingress-nginx deployments... " | |
while : | |
do | |
DEPLOYMENT_INGRESS_NGINX=$(kubectl get deployments -n ingress-nginx) | |
if [[ $DEPLOYMENT_INGRESS_NGINX == *"0/1"* ]]; then | |
loadingAnimation | |
continue | |
fi | |
printf " \n\n\n" | |
break | |
done | |
printf "\nRegister your domain upper EXTERNAL-IP.\nIf you done, press enter" | |
read IS_REGISTERED | |
# kuard | |
kubectl apply -f https://raw.githubusercontent.com/cert-manager/website/master/content/docs/tutorials/acme/example/deployment.yaml | |
kubectl apply -f https://raw.githubusercontent.com/cert-manager/website/master/content/docs/tutorials/acme/example/service.yaml | |
# cert-manager | |
kubectl apply -f https://github.com/cert-manager/cert-manager/releases/download/v1.11.0/cert-manager.yaml | |
printf "\nwaiting cert-manager... " | |
while : | |
do | |
CERT_MANAGER=$(kubectl get deployments -n cert-manager) | |
if [[ $CERT_MANAGER == *"0/1"* ]]; then | |
loadingAnimation | |
continue | |
fi | |
printf " \n\n\n" | |
break | |
done | |
# Let's Encrypt TLS certificate | |
curl https://raw.githubusercontent.com/cert-manager/website/master/content/docs/tutorials/acme/example/production-issuer.yaml | sed "s/user@example.com/$EMAIL/g" | kubectl create -f - | |
# add kuard on ingress-nginx | |
curl https://raw.githubusercontent.com/cert-manager/website/master/content/docs/tutorials/acme/example/ingress-tls-final.yaml | sed "s/example.example.com/$DOMAIN/g" | kubectl create -f - | |
printf "\nwaiting TLS finish... " | |
sleep 3s | |
while : | |
do | |
CHECK_TLS=$(kubectl describe secret quickstart-example-tls) | |
if [[ $CHECK_TLS == *"tls.key"* && $CHECK_TLS == *"tls.crt"* ]]; then | |
printf " \n\nfinished \n" | |
break | |
fi | |
loadingAnimation | |
done |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment