Fix cfssl certificate path, and bootstrap scripts

2020-10-27 18:47:05 +01:00
parent 3fa8a154d8
commit cf63a8a32e
1 changed files with 13 additions and 8 deletions
--- a/lib/k8s.nix
+++ b/lib/k8s.nix
@@ -38,9 +38,11 @@ let
      name = "kube-system-bootstrap";
      src = ../bootstrap;
      buildCommand = ''
+        share=$out/share/kube-system-bootstrap
        mkdir -p $out/bin
-        mkdir -p $out/share/kube-system-bootstrap/config
-        mkdir -p $out/share/kube-system-bootstrap/charts
+        mkdir -p $share/bin
+        mkdir -p $share/config
+        mkdir -p $share/charts

        export bash="${pkgs.bash}"
        export apiserver="${settings.master.name}"
@@ -54,20 +56,23 @@ let
        export grafana_ldap_toml="$(cat ${grafana_ldap} | base64 -w0)"
        export workers="$(cat ${worker_nodes})"

-        substituteAll $src/initial-kube-system-bootstrap $out/bin/initial-kube-system-bootstrap
-        chmod 755 $out/bin/initial-kube-system-bootstrap
+        substituteAll $src/bin/initial-kube-system-bootstrap $share/bin/initial-kube-system-bootstrap
+        chmod 755 $share/bin/initial-kube-system-bootstrap
+
+        substituteAll $src/copy-kube-system-bootstrap $out/bin/copy-kube-system-bootstrap
+        chmod 755 $out/bin/copy-kube-system-bootstrap

        cd $src/config
        for i in *; do
-          substituteAll $i $out/share/kube-system-bootstrap/config/$i
+          substituteAll $i $share/config/$i
        done

        cd $src/charts
        for i in *; do
-          substituteAll $i $out/share/kube-system-bootstrap/charts/$i
+          substituteAll $i $share/charts/$i
        done

-        cp $src/bin/* $out/bin
+        cp $src/bin/* $share/bin
      '';
    };

@@ -96,7 +101,7 @@ let
      clusterCidr = settings.cidr;
      pki.genCfsslCACert = false;
      pki.genCfsslAPIToken = false;
-      pki.caCertPathPrefix = "${pki.initca}";
+      pki.caCertPathPrefix = "${pki.initca}/ca";

      kubelet = {
        clusterDomain = "${settings.clusterName}.local";