#!/usr/bin/env bash
# Small IntelliJ hack to prevent warnings about non-existing variables: the
# condition compares two different string literals, so it is never true and the
# self-assignments below never execute. AUTH_EMAIL and AUTH_KEY are expected to
# come from the environment; the loop that follows checks that both are set.
if [[ "THIS_WILL_NEVER_BE_TRUE" == "true" ]]; then
AUTH_EMAIL=${AUTH_EMAIL}
AUTH_KEY=${AUTH_KEY}
fi
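# Reconciliation loop: every 10 seconds, list LoadBalancer services and
# ingresses from Kubernetes and hand them to update_dns_records.py, which is
# expected to make the matching Cloudflare DNS records.
#
# Environment: AUTH_EMAIL, AUTH_KEY - Cloudflare credentials (both required).
# Exit status: 1 on missing credentials or a failed update, 0 when the sleep
#              between rounds is interrupted.

# Fail a pipeline when ANY stage fails, not only the last one. Without this a
# kubectl or jq error goes unnoticed and the DNS updater is run on empty or
# incomplete input.
set -o pipefail

# The updater script is looked up next to this script; quoted so that a path
# containing spaces or glob characters is not split or expanded.
script_dir=$(dirname "$0")

# NOTE(review): both credentials are passed to update_dns_records.py as
# command-line arguments, so they show up in the process list (ps,
# /proc/<pid>/cmdline) for anything sharing the PID namespace. The helper's
# interface is not visible here, so the call is left as is; prefer handing
# them over via the environment or stdin if the helper can accept that.
#
# NOTE(review): --all-namespaces means any Service carrying a "dns" annotation
# and any Ingress host, in any namespace, feeds the record list. Whether the
# helper restricts which names or zones may be written is not visible here -
# confirm before running this with a key that covers more than one zone.

while true; do
  # read Cloudflare authentication Email
  if [[ -z "${AUTH_EMAIL}" ]]; then
    echo "AUTH_EMAIL environment variable not defined" >&2
    exit 1
  fi

  # read Cloudflare authentication key
  if [[ -z "${AUTH_KEY}" ]]; then
    echo "AUTH_KEY environment variable not defined" >&2
    exit 1
  fi

  # Services: keep only LoadBalancer services that have a loadBalancerIP and a
  # "dns" annotation (parsed as JSON), then pipe the resulting array to the
  # updater. The jq program is kept verbatim.
  if ! kubectl get services --all-namespaces --output=json | jq -r '
[.items[] |
select(.spec.type == "LoadBalancer") |
select(.spec.loadBalancerIP) |
select(.metadata.annotations.dns) |
{
"kind": .kind,
"name": .metadata.name,
ips: [.status.loadBalancer.ingress[].ip],
"dns": .metadata.annotations.dns|fromjson
}]' | "${script_dir}/update_dns_records.py" "${AUTH_EMAIL}" "${AUTH_KEY}"; then
    echo "Updating service DNS records failed!" >&2
    exit 1
  fi

  # Ingresses: skip the kube-lego-* ones, keep those that already have a
  # load-balancer IP, and publish their rule hosts as DNS names.
  # NOTE(review): select(.status.loadBalancer.ingress[].ip) emits the ingress
  # once per address that has an ip, so an ingress with several addresses
  # appears several times in the array - confirm the updater tolerates that.
  if ! kubectl get ingress --all-namespaces --output=json | jq -r '
[.items[] |
select(.metadata.name | startswith( "kube-lego-" ) | not ) |
select(.status.loadBalancer) |
select(.status.loadBalancer.ingress) |
select(.status.loadBalancer.ingress[].ip) |
{
"kind": .kind,
"name": .metadata.name,
ips: [.status.loadBalancer.ingress[].ip],
"dns": [ .spec.rules[].host ]
}]' | "${script_dir}/update_dns_records.py" "${AUTH_EMAIL}" "${AUTH_KEY}"; then
    echo "Updating ingress DNS records failed!" >&2
    exit 1
  fi

  # rinse & repeat; a non-zero status from sleep is treated as an interrupt
  # and ends the loop without an error.
  if ! sleep 10; then
    echo "Interrupted" >&2
    exit 0
  fi
done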