From bdab6d8701d736bddfe72a0413ef667a03b2a284 Mon Sep 17 00:00:00 2001
From: Norbert Tretkowski <norbert@tretkowski.de>
Date: Fri, 16 May 2025 13:21:44 +0200
Subject: [PATCH] Initial commit

---
 deploy_passbolt.sh | 45 +++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 45 insertions(+)
 create mode 100755 deploy_passbolt.sh

diff --git a/deploy_passbolt.sh b/deploy_passbolt.sh
new file mode 100755
index 0000000..51dda04
--- /dev/null
+++ b/deploy_passbolt.sh
@@ -0,0 +1,45 @@
+#!/bin/sh
+
+export DOMAIN="pass.tretkowski.dev"
+
+export CLUSTER="gaia"
+export NAMESPACE="ntretkowski-passbolt"
+
+SSLDIR="$HOME/.ssl"
+
+kubectl config use-context $CLUSTER
+
+kubectl delete namespace $NAMESPACE
+kubectl create namespace $NAMESPACE
+
+kubectl -n $NAMESPACE create secret tls passbolt-tls \
+  --key $SSLDIR/certs/archive/$DOMAIN/privkey1.pem \
+  --cert $SSLDIR/certs/archive/$DOMAIN/fullchain1.pem
+
+cat > passbolt_values.yaml << EOF
+ingress:
+  enabled: true
+  annotations:
+    kubernetes.io/ingress.class: nginx
+    nginx.ingress.kubernetes.io/ssl-redirect: "true"
+    nginx.ingress.kubernetes.io/force-ssl-redirect: "true"
+    nginx.ingress.kubernetes.io/backend-protocol: "HTTPS"
+  hosts:
+    - host: $DOMAIN
+      paths:
+        - path: /
+          port: https
+          pathType: ImplementationSpecific
+  tls:
+    - autogenerate: false
+      existingSecret: "passbolt-tls"
+      hosts:
+        - $DOMAIN
+passboltEnv:
+  plain:
+    APP_FULL_BASE_URL: https://$DOMAIN
+EOF
+
+helm install -f passbolt_values.yaml passbolt passbolt/passbolt --namespace $NAMESPACE
+
+rm -f passbolt_values.yaml