jeff/nixos-kubernetes
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

fix prestart

Browse source
This commit is contained in:
Jeffrey C. Ollie 2023-08-15 14:38:06 -05:00
parent 125896c611
commit 1600bc356f
Signed by: jeff
GPG key ID: 6F86035A6D97044E
1 changed files with 16 additions and 10 deletions

26
flake.nix
View file

@ -692,7 +692,8 @@
cat ${healthcheck-client-csr-json} | ${pkgs.cfssl}/bin/cfssl gencert -ca=${cfg.etcd.certPath} -ca-key=${cfg.etcd.keyPath} -config=${ca-config-json} -profile=client - | ${pkgs.cfssl}/bin/cfssljson -bare healthcheck-client
fi
''
else "";
else
null;
services.etcd = lib.mkIf (cfg.hosts.${name}.role == "etcd") {
enable = true;
@ -757,16 +758,21 @@
After = [ "network-online.target" ];
Wants = [ "network-online.target" ];
};
preStart = lib.mkIf (cfg.hosts.${name}.role == "master") ''
mkdir -p /etc/kubernetes/pki
cd /etc/kubernetes/pki
if [ ! -f apiserver-etcd-client.crt ]
preStart =
if (cfg.hosts.${name}.role == "master")
then
cat ${apiserver-etcd-client-csr-json} | ${pkgs.cfssl}/bin/cfssl gencert -ca=${cfg.etcd.certPath} -ca-key=${cfg.etcd.keyPath} -config=${ca-config-json} -profile=client - | ${pkgs.cfssl}/bin/cfssljson -bare apiserver-etcd-client
mv apiserver-etcd-client.pem apiserver-etcd-client.crt
mv apiserver-etcd-client-key.pem apiserver-etcd-client.key
fi
'';
''
mkdir -p /etc/kubernetes/pki
cd /etc/kubernetes/pki
if [ ! -f apiserver-etcd-client.crt ]
then
cat ${apiserver-etcd-client-csr-json} | ${pkgs.cfssl}/bin/cfssl gencert -ca=${cfg.etcd.certPath} -ca-key=${cfg.etcd.keyPath} -config=${ca-config-json} -profile=client - | ${pkgs.cfssl}/bin/cfssljson -bare apiserver-etcd-client
mv apiserver-etcd-client.pem apiserver-etcd-client.crt
mv apiserver-etcd-client-key.pem apiserver-etcd-client.key
fi
''
else
null;
serviceConfig = {
Slice = "kubernetes.slice";
CPUAccounting = true;