wip

2024-01-25 17:07:18 +01:00 · 2024-01-25 17:07:18 +01:00 · d410d564f3
commit d410d564f3
parent 2eed379533
5 changed files with 162 additions and 0 deletions
--- a/clusters/cherry/manifests/vault/certificate.yaml
+++ b/clusters/cherry/manifests/vault/certificate.yaml
@ -0,0 +1,21 @@
+apiVersion: cert-manager.io/v1
+kind: Certificate
+metadata:
+  name: server
+spec:
+  secretName: server-tls
+  duration: 24h
+  renewBefore: 144m # 10% of 24h
+  dnsNames:
+    - vault-0.vault-internal
+    - vault-1.vault-internal
+    - vault-2.vault-internal
+    - vault-0.vault-internal.vault
+    - vault-1.vault-internal.vault
+    - vault-2.vault-internal.vault
+    - vault-0.vault-internal.vault.svc
+    - vault-1.vault-internal.vault.svc
+    - vault-2.vault-internal.vault.svc
+  issuerRef:
+    name: server-ca-issuer
+  commonName: Server Certificate