add just command to refresh client cert

2026-01-01 15:20:06 -07:00
parent 6117c9d826
commit dff2f4871e
2 changed files with 15 additions and 1 deletions
--- a/14
+++ b/14
@@ -38,3 +38,17 @@ goatchat-register-review:
    bws run 'curl -v -H '\"'Authorization: SharedSecret $GOATCHAT_REGISTRATION_ADMIN_API_SHARE_SECRET'\"' \
        -H "Content-Type: application/json" \
        https://goatchat.ca/gate/api/token' | jq
+
+refresh-client-cert:
+    #!/bin/bash
+    yq -r .machine.ca.crt controlplane.yaml | base64 -d > ca.crt
+    yq -r .machine.ca.key controlplane.yaml | base64 -d > ca.key
+    talosctl gen key --name admin           
+    talosctl gen csr --key admin.key --ip 127.0.0.1
+    talosctl gen crt --ca ca --csr admin.csr --name admin
+    yq -i '.contexts.fog.ca = "'"$(base64 -w0 ca.crt)"\
+    '" | .contexts.fog.crt = "'"$(base64 -w0 admin.crt)"\
+    '" | .contexts.fog.key = "'"$(base64 -w0 admin.key)"'"' \
+    .config/talosconfig
+
+    talosctl kubeconfig .config/kubeconfig -n 192.168.1.43