#!/bin/bash # Shared TLS op-level hook methods — sourced by generated run-*.sh scripts. # Requires TLS_HOOK_* env vars exported by env- (see tls-hook section in env-*.j2). # Depends on _lib_* functions from gateway-tls.sh (sourced here as fallback). # shellcheck source=gateway-tls.sh [ -f "${SCRIPT_DIR}/lib/gateway-tls.sh" ] && source "${SCRIPT_DIR}/lib/gateway-tls.sh" _method_create-cf-secret() { [ -f "${SCRIPT_DIR}/_credentials.env" ] && set -a \ && source "${SCRIPT_DIR}/_credentials.env" && set +a if [ -z "${TLS_HOOK_CF_SECRET_NAME:-}" ]; then echo " [error] TLS_HOOK_CF_SECRET_NAME not set — missing tls-hook vars in env file" >&2 exit 1 fi local env_key="CF_TOKEN_$(echo "${TLS_HOOK_CF_SECRET_NAME}" \ | tr '[:lower:]' '[:upper:]' | tr '-' '_')" local cf_token="${!env_key:-}" if [ -z "$cf_token" ]; then echo " [error] CF token not found — expected env var: ${env_key}" >&2 exit 1 fi _lib_create_cf_secret "${TLS_HOOK_CF_SECRET_NAME}" "$cf_token" } _method_patch-gateway-https() { _lib_gateway_patch_https \ "${TLS_HOOK_GATEWAY_NAME:-libre-wuji}" \ "${TLS_HOOK_GATEWAY_NS:-kube-system}" \ "${TLS_HOOK_LISTENER_NAME}" \ "${TLS_HOOK_DOMAIN}" \ "${TLS_HOOK_TLS_SECRET}" \ "${TLS_HOOK_NAMESPACE}" } _method_remove-gateway-https() { _lib_gateway_remove_https \ "${TLS_HOOK_GATEWAY_NAME:-libre-wuji}" \ "${TLS_HOOK_GATEWAY_NS:-kube-system}" \ "${TLS_HOOK_LISTENER_NAME}" }