From cf63a8a32e552d4986325509c5476e259d71fc19 Mon Sep 17 00:00:00 2001 From: Jonas Juselius Date: Tue, 27 Oct 2020 18:47:05 +0100 Subject: [PATCH] Fix cfssl certificate path, and bootstrap scripts --- lib/k8s.nix | 21 +++++++++++++-------- 1 file changed, 13 insertions(+), 8 deletions(-) diff --git a/lib/k8s.nix b/lib/k8s.nix index 84af010..71965c1 100644 --- a/lib/k8s.nix +++ b/lib/k8s.nix @@ -38,9 +38,11 @@ let name = "kube-system-bootstrap"; src = ../bootstrap; buildCommand = '' + share=$out/share/kube-system-bootstrap mkdir -p $out/bin - mkdir -p $out/share/kube-system-bootstrap/config - mkdir -p $out/share/kube-system-bootstrap/charts + mkdir -p $share/bin + mkdir -p $share/config + mkdir -p $share/charts export bash="${pkgs.bash}" export apiserver="${settings.master.name}" @@ -54,20 +56,23 @@ let export grafana_ldap_toml="$(cat ${grafana_ldap} | base64 -w0)" export workers="$(cat ${worker_nodes})" - substituteAll $src/initial-kube-system-bootstrap $out/bin/initial-kube-system-bootstrap - chmod 755 $out/bin/initial-kube-system-bootstrap + substituteAll $src/bin/initial-kube-system-bootstrap $share/bin/initial-kube-system-bootstrap + chmod 755 $share/bin/initial-kube-system-bootstrap + + substituteAll $src/copy-kube-system-bootstrap $out/bin/copy-kube-system-bootstrap + chmod 755 $out/bin/copy-kube-system-bootstrap cd $src/config for i in *; do - substituteAll $i $out/share/kube-system-bootstrap/config/$i + substituteAll $i $share/config/$i done cd $src/charts for i in *; do - substituteAll $i $out/share/kube-system-bootstrap/charts/$i + substituteAll $i $share/charts/$i done - cp $src/bin/* $out/bin + cp $src/bin/* $share/bin ''; }; @@ -96,7 +101,7 @@ let clusterCidr = settings.cidr; pki.genCfsslCACert = false; pki.genCfsslAPIToken = false; - pki.caCertPathPrefix = "${pki.initca}"; + pki.caCertPathPrefix = "${pki.initca}/ca"; kubelet = { clusterDomain = "${settings.clusterName}.local";