cert-manager update

kubernetes/certmanager/examples/certificate.yaml.example

@@ -0,0 +1,13 @@
+---
+apiVersion: cert-manager.io/v1
+kind: Certificate
+metadata:
+  name: your-certificate  # <-- Replace with your certificate name
+  namespace: your-namespace  # <-- Replace with your namespace
+spec:
+  secretName: your-secret  # <-- Replace with your secret name
+  issuerRef:
+    name: clusterissuer  # <-- Replace with your issuer name
+    kind: ClusterIssuer
+  dnsNames:
+    - your-hostname  # <-- Replace with your hostname

kubernetes/certmanager/examples/clusterissuer.yaml.example

@@ -0,0 +1,17 @@
+---
+apiVersion: cert-manager.io/v1
+kind: ClusterIssuer
+metadata:
+  name: clusterissuer  # <-- Replace with your clsuterissuer name
+spec:
+  acme:
+    email: your-email@address  # <-- Replace with your email address
+    server: https://acme-v02.api.letsencrypt.org/directory
+    privateKeySecretRef:
+      name: example-clusterissuer-account-key  # <-- Replace with your secret name
+    solvers:
+      - dns01:
+          cloudflare:
+            apiTokenSecretRef:
+              name: cloudflare-api-token-secret  # <-- Replace with your secret name
+              key: api-token        

kubernetes/certmanager/examples/example-certificate.yaml

@@ -1,12 +0,0 @@
-apiVersion: cert-manager.io/v1
-kind: Certificate
-metadata:
-  name: your-certificate
-  namespace: your-namespace
-spec:
-  secretName: your-secret
-  issuerRef:
-    name: ssl-issuer
-    kind: ClusterIssuer
-  dnsNames:
-    - your-hostname

kubernetes/certmanager/examples/example-clusterissuer.yaml

@@ -1,52 +0,0 @@
-apiVersion: cert-manager.io/v1
-kind: ClusterIssuer
-metadata:
-  name: acme-issuer
-spec:
-  # -- (Choice) Self-signed Issuer
-  # selfSigned: {}
-  # -- or --
-  # -- (Choice) ACME Issuer
-  acme:
-    # Configure your email here...
-    # ---
-    # email: your-email@address
-
-    # Configure your server here...
-    # ---
-    # Letsencrypt Production
-    # server: https://acme-v02.api.letsencrypt.org/directory
-    # - or -
-    # Letsencrypt Staging
-    # server: https://acme-staging-v02.api.letsencrypt.org/directory
-
-    privateKeySecretRef:
-      name: example-issuer-account-key
-    solvers:
-    # Configure DNS or HTTP Challenge here...
-    # ---
-    # DNS Challenge:
-    # - dns01:
-        # Configure your DNS Provider here...
-        # ---
-        # cloudflare:
-        #   email: your-email@address
-        # API Key:
-        #   apiKeySecretRef:
-        #     name: cloudflare-api-key-secret
-        #     key: api-key
-        # - or -
-        # API Token:
-        #   apiTokenSecretRef:
-        #     name: cloudflare-api-token-secret
-        #     key: api-token        
-      # (Optional) Add DNS selectors
-      # ---
-      # selector:
-      #   dnsZones:
-      #   - 'your-domain'
-
-    # HTTP Challenge:
-    # - http01:
-    #    ingress:
-    #      class: traefik

kubernetes/certmanager/examples/example-issuer.yaml

@@ -1,55 +0,0 @@
-apiVersion: cert-manager.io/v1
-kind: Issuer
-metadata:
-  name: acme-issuer
-  # (Optional) Metadata
-  # ---
-  # namespace: your-namespace
-spec:
-  # -- (Choice) Self-signed Issuer
-  # selfSigned: {}
-  # -- or --
-  # -- (Choice) ACME Issuer
-  acme:
-    # Configure your email here...
-    # ---
-    # email: your-email@address
-
-    # Configure your server here...
-    # ---
-    # Letsencrypt Production
-    # server: https://acme-v02.api.letsencrypt.org/directory
-    # - or -
-    # Letsencrypt Staging
-    # server: https://acme-staging-v02.api.letsencrypt.org/directory
-
-    privateKeySecretRef:
-      name: example-issuer-account-key
-    solvers:
-    # Configure DNS or HTTP Challenge here...
-    # ---
-    # DNS Challenge:
-    # - dns01:
-        # Configure your DNS Provider here...
-        # ---
-        # cloudflare:
-        #   email: your-email@address
-        # API Key:
-        #   apiKeySecretRef:
-        #     name: cloudflare-api-key-secret
-        #     key: api-key
-        # - or -
-        # API Token:
-        #   apiTokenSecretRef:
-        #     name: cloudflare-api-token-secret
-        #     key: api-token        
-      # (Optional) Add DNS selectors
-      # ---
-      # selector:
-      #   dnsZones:
-      #   - 'your-domain'
-
-    # HTTP Challenge:
-    # - http01:
-    #    ingress:
-    #      class: traefik

kubernetes/certmanager/examples/issuer-secret.yaml.example

@@ -0,0 +1,9 @@
+---
+apiVersion: v1
+kind: Secret
+metadata:
+  name: cloudflare-api-token-secret
+  namespace: cert-manager
+type: Opaque
+data:
+  api-token: your-api-token  # <-- Replace with your Cloudflare API token

kubernetes/certmanager/examples/issuer.yaml.example

@@ -0,0 +1,18 @@
+---
+apiVersion: cert-manager.io/v1
+kind: Issuer
+metadata:
+  name: issuer  # <-- Replace with your issuer name
+  namespace: your-namespace  # <-- Replace with your namespace
+spec:
+  acme:
+    email: your-email@address  # <-- Replace with your email address
+    server: https://acme-v02.api.letsencrypt.org/directory
+    privateKeySecretRef:
+      name: example-issuer-account-key  # <-- Replace with your secret name
+    solvers:
+      - dns01:
+          cloudflare:
+            apiTokenSecretRef:
+              name: cloudflare-api-token-secret  # <-- Replace with your secret name
+              key: api-token        

kubernetes/certmanager/values.yaml

@@ -1,5 +1,4 @@
-# Cert-Manager Helm Chart Values Template
-# ---
+---
 image:
   repository: quay.io/jetstack/cert-manager-controller
   tag: v1.16.0
@@ -11,12 +10,8 @@ cainjector:
   image:
     repository: quay.io/jetstack/cert-manager-cainjector
     tag: v1.16.0
-
-# Enable the CRD install job
 crds: 
   enabled: true
-
-# Add DNS01 recursive nameserver configuration
 extraArgs:
   - --dns01-recursive-nameservers-only
   - --dns01-recursive-nameservers=1.1.1.1:53,1.0.0.1:53