personal/vuko/shells initial commit Change-Id: Icba91e8d4ffe53fc8a7ab7946f3a1b45daf20290

commit: 6c678e391ef49e8242c07cc98cdd15ba3ea943f3 [log] [tgz]
author: vuko <vuko@hackerspace.pl> Fri May 22 22:02:22 2020 +0200
committer: vuko <vuko@hackerspace.pl> Fri May 22 22:02:22 2020 +0200
tree: f6370c42e0c191fe29cda2980b83c57bfa4b5adb
parent: 741c08f66c9eb9c44089ac8745df44c871bde42d [diff] [blame]
diff --git a/personal/vuko/shells/create-secrets.py b/personal/vuko/shells/create-secrets.py
new file mode 100644
index 0000000..7d5df82
--- /dev/null
+++ b/personal/vuko/shells/create-secrets.py

@@ -0,0 +1,26 @@
+#!/usr/bin/env python3
+""" generate ssh keys for shells SFTP container """
+from pathlib import Path
+from subprocess import run
+import json
+import tempfile
+
+with tempfile.TemporaryDirectory() as tmp:
+    tmp = Path(tmp).absolute()
+    keyfile = tmp.joinpath("ssh_host_ed25519_key")
+    run(["ssh-keygen", "-f", keyfile, "-N", "", "-t", "ed25519"], check=True)
+
+    # https://kubernetes.io/docs/concepts/configuration/secret/#generating-a-secret-from-files
+    generator = {
+        "secretGenerator": [
+            {
+                "name": "shells-ssh-host-key",
+                "files": [
+                    str(f.relative_to(tmp))
+                    for f in [keyfile, keyfile.with_suffix(".pub")]
+                ],
+            }
+        ]
+    }
+    tmp.joinpath("kustomization.yaml").write_text(json.dumps(generator))
+    run(["kubectl", "-n", "personal-vuko", "apply", "-k", tmp], check=True)
commit	6c678e391ef49e8242c07cc98cdd15ba3ea943f3	[log] [tgz]
author	vuko <vuko@hackerspace.pl>	Fri May 22 22:02:22 2020 +0200
committer	vuko <vuko@hackerspace.pl>	Fri May 22 22:02:22 2020 +0200
tree	f6370c42e0c191fe29cda2980b83c57bfa4b5adb
parent	741c08f66c9eb9c44089ac8745df44c871bde42d [diff] [blame]