oceanbox/platform
6
0
Fork 0
Code Issues 10 Pull Requests 1 Actions Packages Projects Releases Wiki Activity

Restart cfssl periodically

Browse Source
This commit is contained in:
Jonas Juselius
2020-01-28 13:29:55 +01:00
parent e50f7908df
commit 83d4a54a80
1 changed files with 9 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
lib/k8s.nix
View File

@@ -45,7 +45,8 @@ let
mkdir -p $out/share/kube-system-bootstrap/charts mkdir -p $out/share/kube-system-bootstrap/charts
export bash="${pkgs.bash}" export bash="${pkgs.bash}"
export apiserver="${settings.master.address}" export apiserver="${settings.master.name}"
export apiserverAddress="${settings.master.address}"
export initca="${initca}" export initca="${initca}"
export cluster="${clusterName}" export cluster="${clusterName}"
export fileserver="${fileserver}" export fileserver="${fileserver}"
@@ -110,6 +111,7 @@ let
securePort = 4443; securePort = 4443;
insecurePort = 8080; insecurePort = 8080;
extraOpts = "--requestheader-client-ca-file ${cluster-ca}/ca.pem"; extraOpts = "--requestheader-client-ca-file ${cluster-ca}/ca.pem";
# verbosity = 4;
}; };
controllerManager = { controllerManager = {
@@ -154,6 +156,12 @@ let
Restart = "on-failure"; Restart = "on-failure";
}; };
}; };
systemd.services.cfssl-restart = {
enable = true;
startAt = "00/6:00";
description = "Restrart cfssl which regularly locks up";
script = "systemctl restart cfssl.service";
};
}; };
kubeWorker = { kubeWorker = {