#!/bin/bash

kubectl -n staging get secret k3s-seyshiro-de-staging-tls -o jsonpath='{.data.tls\.crt}' | base64 -d >staging_tls.crt
kubectl -n staging get secret k3s-seyshiro-de-staging-tls -o jsonpath='{.data.tls\.key}' | base64 -d >staging_tls.key

kubectl -n production get secret k3s-seyshiro-de-tls -o jsonpath='{.data.tls\.crt}' | base64 -d >production_tls.crt
kubectl -n production get secret k3s-seyshiro-de-tls -o jsonpath='{.data.tls\.key}' | base64 -d >production_tls.key

scp ./{production,staging}_tls.{crt,key} k3s-loadbalancer:~

# onsite
# chmod 600 ./{production,staging}_tls.{crt,key}
# sudo mv ./{production,staging}_tls.{crt,key} /etc/nginx/ssl/