#!/bin/sh

export DOMAIN="pass.tretkowski.dev"

export CLUSTER="gaia"
export NAMESPACE="ntretkowski-passbolt"

SSLDIR="$HOME/.ssl"

kubectl config use-context $CLUSTER

kubectl delete namespace $NAMESPACE
kubectl create namespace $NAMESPACE

kubectl -n $NAMESPACE create secret tls passbolt-tls \
  --key $SSLDIR/certs/archive/$DOMAIN/privkey1.pem \
  --cert $SSLDIR/certs/archive/$DOMAIN/fullchain1.pem

cat > passbolt_values.yaml << EOF
ingress:
  enabled: true
  annotations:
    kubernetes.io/ingress.class: nginx
    nginx.ingress.kubernetes.io/ssl-redirect: "true"
    nginx.ingress.kubernetes.io/force-ssl-redirect: "true"
    nginx.ingress.kubernetes.io/backend-protocol: "HTTPS"
  hosts:
    - host: $DOMAIN
      paths:
        - path: /
          port: https
          pathType: ImplementationSpecific
  tls:
    - autogenerate: false
      existingSecret: "passbolt-tls"
      hosts:
        - $DOMAIN
passboltEnv:
  plain:
    APP_FULL_BASE_URL: https://$DOMAIN
EOF

helm install -f passbolt_values.yaml passbolt passbolt/passbolt --namespace $NAMESPACE

rm -f passbolt_values.yaml