44 lines
1.3 KiB
Bash
44 lines
1.3 KiB
Bash
gen_password() { head -c 16 /dev/urandom | sha256sum | cut -d " " -f 1; }
|
|
|
|
kube_run() {
|
|
eval "kubectl run --quiet -i --rm --tty kube-run-${RANDOM} \
|
|
--image=${1} --restart=Never -- ${@:2}"
|
|
}
|
|
|
|
htpasswd() {
|
|
kube_run alpine /bin/sh -c \""apk add --no-cache apache2-utils \
|
|
&> /dev/null && \
|
|
htpasswd -Bbn ${1} ${2} | head -n 1 2> /dev/null\""
|
|
}
|
|
|
|
K3S_HOST=ntwl.xyz
|
|
REGISTRY_ADMIN=ntr
|
|
REGISTRY_PASSWORD=$(gen_password)
|
|
REGISTRY_AUTH=$(htpasswd ${REGISTRY_ADMIN} ${REGISTRY_PASSWORD})
|
|
REGISTRY_HTTP_SECRET=$(gen_password)
|
|
|
|
echo "-------------------------------"
|
|
echo REGISTRY_ADMIN is ${REGISTRY_ADMIN}
|
|
echo REGISTRY_PASSWORD is ${REGISTRY_PASSWORD}
|
|
echo REGISTRY_AUTH is ${REGISTRY_AUTH}
|
|
echo REGISTRY_HTTP_SECRET is ${REGISTRY_HTTP_SECRET}
|
|
|
|
kubectl create secret generic registry \
|
|
-n ops \
|
|
--from-literal=REGISTRY_ADMIN=${REGISTRY_ADMIN} \
|
|
--from-literal=REGISTRY_PASSWORD=${REGISTRY_PASSWORD} \
|
|
--from-literal=REGISTRY_HTTP_SECRET=${REGISTRY_HTTP_SECRET} \
|
|
--from-literal=REGISTRY_AUTH=${REGISTRY_AUTH}
|
|
|
|
# cat <<EOF | ssh root@strix tee /etc/rancher/k3s/registries.yaml
|
|
# mirrors:
|
|
# registry.ntwl.xyz:
|
|
# endpoint:
|
|
# - "https://registry.ntwl.xyz"
|
|
# configs:
|
|
# "registry.ntwl.xyz":
|
|
# auth:
|
|
# username: ntr
|
|
# password: pw
|
|
# EOF
|