freezer/gitops-cluster-bee
Archived
1
0
Fork 0
Code Activity

feat: add ClusterIssuer letsencrypt-mareshq

Browse source 
This issuer has the connection to Cloudflare for DNS ACME challenge
This commit is contained in:
Vojtěch Mareš 2022-09-03 15:49:22 +02:00
parent 152d191adc
commit c77b0de063
Signed by: vojtech.mares
GPG key ID: C6827B976F17240D
6 changed files with 22 additions and 8 deletions
Download patch file Download diff file Expand all files Collapse all files

2
_argocd/values.yaml
View file

@ -25,7 +25,7 @@ argo-cd:
- argocd.cloud.mareshq.com
ingressClassName: nginx
annotations:
cert-manager.io/cluster-issuer: letsencrypt-prod
cert-manager.io/cluster-issuer: letsencrypt-mareshq
kubernetes.io/tls-acme: "true"
nginx.ingress.kubernetes.io/server-snippet: |
proxy_ssl_verify off;

2
apps/vault/values.yaml
View file

@ -10,7 +10,7 @@ vault:
enabled: true
ingressClassName: nginx
annotations:
cert-manager.io/cluster-issuer: letsencrypt-prod
cert-manager.io/cluster-issuer: letsencrypt-mareshq
pathType: Prefix
tls:
- secretName: vault-tls

4
cluster-components/cert-manager/templates/clusterissuer-letsencrypt.yaml → cluster-components/cert-manager/templates/clusterissuer-letsencrypt-mareshq.yaml
View file

@ -1,13 +1,13 @@
apiVersion: cert-manager.io/v1
kind: ClusterIssuer
metadata:
name: letsencrypt-prod
name: letsencrypt-mareshq
spec:
acme:
email: me+infra@vojtechmares.com
server: https://acme-v02.api.letsencrypt.org/directory
privateKeySecretRef:
name: letsencrypt-prod
name: letsencrypt-mareshq
solvers:
- http01:
ingress:

14
cluster-components/cert-manager/templates/clusterissuer-letsencrypt-prod.yaml Normal file
View file

@ -0,0 +1,14 @@
apiVersion: cert-manager.io/v1
kind: ClusterIssuer
metadata:
name: letsencrypt-prod
spec:
acme:
email: me+infra@vojtechmares.com
server: https://acme-v02.api.letsencrypt.org/directory
privateKeySecretRef:
name: letsencrypt-prod
solvers:
- http01:
ingress:
class: nginx

2
cluster-components/longhorn/values.yaml
View file

@ -7,4 +7,4 @@ longhorn:
tlsSecret: longhorn-tls
annotations:
cert-manager.io/cluster-issuer: letsencrypt-prod
cert-manager.io/cluster-issuer: letsencrypt-mareshq

6
cluster-components/monitoring/values.yaml
View file

@ -21,7 +21,7 @@ kube-prometheus-stack:
enabled: true
pathType: Prefix
annotations:
cert-manager.io/cluster-issuer: letsencrypt-prod
cert-manager.io/cluster-issuer: letsencrypt-mareshq
# nginx.ingress.kubernetes.io/auth-url: "https://auth.cloud.mareshq.com/oauth2/auth"
# nginx.ingress.kubernetes.io/auth-signin: "https://auth.cloud.mareshq.com/oauth2/start?rd=$scheme://$host$request_uri"
hosts:
@ -47,7 +47,7 @@ kube-prometheus-stack:
enabled: true
pathType: Prefix
annotations:
cert-manager.io/cluster-issuer: letsencrypt-prod
cert-manager.io/cluster-issuer: letsencrypt-mareshq
hosts:
- grafana.cloud.mareshq.com
paths:
@ -87,7 +87,7 @@ kube-prometheus-stack:
enabled: true
pathType: Prefix
annotations:
cert-manager.io/cluster-issuer: letsencrypt-prod
cert-manager.io/cluster-issuer: letsencrypt-mareshq
# nginx.ingress.kubernetes.io/auth-url: "https://auth.cloud.mareshq.com/oauth2/auth"
# nginx.ingress.kubernetes.io/auth-signin: "https://auth.cloud.mareshq.com/oauth2/start?rd=$scheme://$host$request_uri"
hosts: