diff options
author | Christian Albrecht <christian.albrecht@mayflower.de> | 2019-03-11 11:42:48 +0100 |
---|---|---|
committer | Christian Albrecht <christian.albrecht@mayflower.de> | 2019-03-11 12:22:59 +0100 |
commit | e3a80ebc40c9ce68db32a20dc806710b36393080 (patch) | |
tree | 6935e2031c4ec59211097c4fc6100898916be406 /nixos/modules/services/cluster/kubernetes/pki.nix | |
parent | 45e683fbd6bc2b8ccf57b6425f4877deed618569 (diff) | |
download | nixpkgs-e3a80ebc40c9ce68db32a20dc806710b36393080.tar nixpkgs-e3a80ebc40c9ce68db32a20dc806710b36393080.tar.gz nixpkgs-e3a80ebc40c9ce68db32a20dc806710b36393080.tar.bz2 nixpkgs-e3a80ebc40c9ce68db32a20dc806710b36393080.tar.lz nixpkgs-e3a80ebc40c9ce68db32a20dc806710b36393080.tar.xz nixpkgs-e3a80ebc40c9ce68db32a20dc806710b36393080.tar.zst nixpkgs-e3a80ebc40c9ce68db32a20dc806710b36393080.zip |
Cleanup pki: remove mkWaitCurl
Diffstat (limited to 'nixos/modules/services/cluster/kubernetes/pki.nix')
-rw-r--r-- | nixos/modules/services/cluster/kubernetes/pki.nix | 22 |
1 files changed, 12 insertions, 10 deletions
diff --git a/nixos/modules/services/cluster/kubernetes/pki.nix b/nixos/modules/services/cluster/kubernetes/pki.nix index 1d0232fa235..4cf3269e18f 100644 --- a/nixos/modules/services/cluster/kubernetes/pki.nix +++ b/nixos/modules/services/cluster/kubernetes/pki.nix @@ -182,12 +182,12 @@ in description = "Wait for ${remote} to be reachable."; wantedBy = [ "cfssl-online.target" ]; before = [ "cfssl-online.target" ]; + path = [ pkgs.curl ]; preStart = '' - ${top.lib.mkWaitCurl { - address = remote; - path = "/api/v1/cfssl/info"; - args = "-kd '{}' -o /dev/null"; - }} + until curl --fail-early -fskd '{}' ${remote}/api/v1/cfssl/info -o /dev/null; do + echo curl ${remote}/api/v1/cfssl/info: exit status $? + sleep 2 + done ''; script = "echo Ok"; serviceConfig = { @@ -200,6 +200,7 @@ in wantedBy = [ "cfssl-online.target" ]; after = [ "cfssl-online.target" ]; before = [ "certmgr.service" ]; + path = with pkgs; [ curl cfssl ]; script = concatStringsSep "\n" ['' set -e @@ -218,11 +219,12 @@ in '' (optionalString (cfg.pkiTrustOnBootstrap) '' if [ ! -s "${top.caFile}" ]; then - ${top.lib.mkWaitCurl { - address = "https://${top.masterAddress}:${cfsslPort}"; - path = "/api/v1/cfssl/info"; - args = "-kd '{}' -o - | ${pkgs.cfssl}/bin/cfssljson -stdout >${top.caFile}"; - }} + until test -s ${top.caFile}.json; do + sleep 2 + curl --fail-early -fskd '{}' ${remote}/api/v1/cfssl/info -o ${top.caFile}.json + done + cfssljson -f ${top.caFile}.json -stdout >${top.caFile} + rm ${top.caFile}.json fi '') ]; |