19 lines
523 B
Bash
Executable file
19 lines
523 B
Bash
Executable file
#!/bin/bash
|
|
cat << EOH > pihole.hcl
|
|
path "kv/data/pihole" {
|
|
capabilities = ["read"]
|
|
}
|
|
EOH
|
|
vault policy write pihole pihole.hcl
|
|
rm pihole.hcl
|
|
|
|
HOST_IP=$(ip addr show eth0 | grep -Po 'inet \K[\d.]+')
|
|
TOKEN="$(kubectl get secret serviceaccounttoken -n external-dns -o go-template='{{ .data.token }}' | base64 -d)"
|
|
|
|
vault write auth/${VAULT_AUTH_NAMESPACE}/role/external-dns \
|
|
bound_service_account_names=default,external-dns \
|
|
bound_service_account_namespaces=external-dns \
|
|
policies=external-dns \
|
|
ttl=24h
|
|
|