slim down scripts

README.md

@@ -647,13 +647,7 @@ This creates a user, namespace, and permissions with a simple script.
 ./setup.sh <server_fqdn>
 
 # Create a user, use "admin" to create an admin user
-./adduser <server_fqdn> <user>
+./upsertuser.sh <ssh_address> <server_fqdn (for kubectl)> <user>
-
-# Create a namespace and allow <user> to access it
-./createprojectspace <server_fqdn> <user> <project>
-
-# Update a project namespace with the contents of ./namespace
-./updateprojectspace <server_fqdn> <user> <project>
 
 # Remove a user, their namespace, and their access
 ./removeuserspace <server_fqdn> <user>

scripts/removeuser.sh

@@ -1,16 +1,17 @@
 #!/bin/bash
 
 # Use
-# ./removeuserspace <server_fqdn> <user>
+# ./removeuserspace <ssh_address> <server_fqdn (for kubectl)> <user>
 
 export SERVER=$1
-export USER=$2
+export FQDN=$2
+export USER=$3
 
-export CERT_DIR=$HOME/.kube/$SERVER/users/$USER
+export CERT_DIR=$HOME/.kube/$FQDN/users/$USER
-export CA_CERT_DIR=$HOME/.kube/$SERVER
+export CA_CERT_DIR=$HOME/.kube/$FQDN
 
 export SERVER_USER_DIR="~/.kube/users/$USER"
-export SERVER_NAME=$(echo "$SERVER" | sed 's/\./-/g')
+export SERVER_NAME=$(echo "$FQDN" | sed 's/\./-/g')
 export SERVER_USER="$USER-$SERVER_NAME"
 
 export KUBECONFIG="$HOME/.kube/$USER-config"
@@ -34,4 +35,4 @@ echo "Deleting local cert dir"
 rm -rf $CERT_DIR
 
 echo "Removing from kubeconfig"
-kubectl config delete-user $SERVER_USER
+rm $KUBECONFIG

scripts/updateprojectspace.sh

@@ -1,39 +0,0 @@
-#!/bin/bash
-
-# Use
-# ./updateprojectspace <server_fqdn> <user> <project>
-
-export SERVER=$1
-export USER=$2
-export PROJECT=$3
-
-export SERVER_PROJECT_DIR="~/.kube/projects/$PROJECT"
-
-export KUBECONFIG="$HOME/.kube/$USER-config"
-
-echo "Checking if project namespace exists"
-exists=$(ssh $SERVER "kubectl get namespace --output=jsonpath=\"{.items[?(@.metadata.name=='$PROJECT')].metadata.name}\"")
-if [ -z $exists ]; then
-    echo "Namespace not found, nothing to update"
-    exit 1
-else
-    echo "Namespace exists, updating"
-fi
-
-echo "Templating namespace with helm and copying to server"
-helm template $PROJECT ./helm/namespace --set user=$USER | ssh $SERVER "cat - > $SERVER_PROJECT_DIR/namespace.yaml"
-
-if [ $? -ne 0 ]; then
-    echo "Failed to template namespace. Is helm installed?"
-    exit 1
-fi
-
-echo "Updating namespace with template"
-ssh $SERVER "kubectl apply -f $SERVER_PROJECT_DIR/namespace.yaml"
-
-if [ $? -ne 0 ]; then
-    echo "Failed to update namespace"
-    exit 1
-fi
-
-echo "done"

scripts/upsertuser.sh

@@ -1,22 +1,27 @@
 #!/bin/bash
 
 # Use
-# ./adduser.sh <server_fqdn> <user>
+# ./upsert.sh <ssh_address> <server_fqdn (for kubectl)> <user>
+# Note, do not specify https:// or :port for the fqdn, just give the domain
+# Port is expected to be 6443. You can change this later in the generated conf 
+# ./upsert.sh node1 containers.reeseapps.com testuser
+# ./upsert.sh 192.168.1.10 mydomain.ddns.net admin
 
 export SERVER=$1
-export USER=$2
+export FQDN=$2
+export USER=$3
 
-export CERT_DIR=$HOME/.kube/$SERVER/users/$USER
+export CERT_DIR=$HOME/.kube/$FQDN/users/$USER
-export CA_CERT_DIR=$HOME/.kube/$SERVER
+export CA_CERT_DIR=$HOME/.kube/$FQDN
 
 export SERVER_USER_DIR="~/.kube/users/$USER"
-export SERVER_NAME=$(echo "$SERVER" | sed 's/\./-/g')
+export SERVER_NAME=$(echo "$FQDN" | sed 's/\./-/g')
 export SERVER_USER="$USER-$SERVER_NAME"
 
 export KUBECONFIG="$HOME/.kube/$USER-config"
 
 if [ -z $USER ]; then
-echo "No arguments supplied! Format is ./adduser.sh <SERVER_FQDN> <USER>"
+echo "No arguments supplied! Format is ./upsert.sh <SERVER_FQDN> <USER>"
 exit 1
 fi
 
@@ -89,17 +94,17 @@ echo "retrieving signed cert"
 scp $SERVER:$SERVER_USER_DIR/$USER.crt $CERT_DIR/$USER.crt
 
 echo "retrieving server ca"
-wget --no-check-certificate https://$SERVER:6443/cacerts -O $CA_CERT_DIR/server-ca.pem
+wget --no-check-certificate https://$FQDN:6443/cacerts -O $CA_CERT_DIR/server-ca.pem
 
-echo "creating $SERVER-$USER context"
+echo "creating $FQDN-$USER context"
-kubectl config set-context $SERVER-$USER
+kubectl config set-context $FQDN-$USER
 
-echo "setting $SERVER-$USER as current context"
+echo "setting $FQDN-$USER as current context"
-kubectl config set current-context $SERVER-$USER
+kubectl config set current-context $FQDN-$USER
 
-echo "adding server to config with new context $SERVER-$USER"
+echo "adding server to config with new context $FQDN-$USER"
-kubectl config set-cluster $SERVER --server=https://$SERVER:6443 --certificate-authority=$CA_CERT_DIR/server-ca.pem
+kubectl config set-cluster $FQDN --server=https://$FQDN:6443 --certificate-authority=$CA_CERT_DIR/server-ca.pem
-kubectl config set contexts.$(kubectl config current-context).cluster $SERVER
+kubectl config set contexts.$(kubectl config current-context).cluster $FQDN
 
 echo "adding user to config file"
 kubectl config set-credentials $SERVER_USER --client-certificate=$CERT_DIR/$USER.crt --client-key=$CERT_DIR/$USER.key