extern/christianlempa-boilerplates
1
0
Fork 0
mirror of https://github.com/ChristianLempa/boilerplates.git synced 2025-02-17 19:10:49 +01:00
Code Issues Packages Projects Releases Wiki Activity

cert-manager update

Browse Source
This commit is contained in:
Christian Lempa 2024-11-08 12:06:13 +01:00
parent 6288d0faa2
commit 3d55786e36
8 changed files with 58 additions and 125 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
kubernetes/certmanager/examples/certificate.yaml.example Normal file
View File

@ -0,0 +1,13 @@
---
apiVersion: cert-manager.io/v1
kind: Certificate
metadata:
name: your-certificate # <-- Replace with your certificate name
namespace: your-namespace # <-- Replace with your namespace
spec:
secretName: your-secret # <-- Replace with your secret name
issuerRef:
name: clusterissuer # <-- Replace with your issuer name
kind: ClusterIssuer
dnsNames:
- your-hostname # <-- Replace with your hostname

17
kubernetes/certmanager/examples/clusterissuer.yaml.example Normal file
View File

@ -0,0 +1,17 @@
---
apiVersion: cert-manager.io/v1
kind: ClusterIssuer
metadata:
name: clusterissuer # <-- Replace with your clsuterissuer name
spec:
acme:
email: your-email@address # <-- Replace with your email address
server: https://acme-v02.api.letsencrypt.org/directory
privateKeySecretRef:
name: example-clusterissuer-account-key # <-- Replace with your secret name
solvers:
- dns01:
cloudflare:
apiTokenSecretRef:
name: cloudflare-api-token-secret # <-- Replace with your secret name
key: api-token

12
kubernetes/certmanager/examples/example-certificate.yaml
View File

@ -1,12 +0,0 @@
apiVersion: cert-manager.io/v1
kind: Certificate
metadata:
name: your-certificate
namespace: your-namespace
spec:
secretName: your-secret
issuerRef:
name: ssl-issuer
kind: ClusterIssuer
dnsNames:
- your-hostname

52
kubernetes/certmanager/examples/example-clusterissuer.yaml
View File

@ -1,52 +0,0 @@
apiVersion: cert-manager.io/v1
kind: ClusterIssuer
metadata:
name: acme-issuer
spec:
# -- (Choice) Self-signed Issuer
# selfSigned: {}
# -- or --
# -- (Choice) ACME Issuer
acme:
# Configure your email here...
# ---
# email: your-email@address
# Configure your server here...
# ---
# Letsencrypt Production
# server: https://acme-v02.api.letsencrypt.org/directory
# - or -
# Letsencrypt Staging
# server: https://acme-staging-v02.api.letsencrypt.org/directory
privateKeySecretRef:
name: example-issuer-account-key
solvers:
# Configure DNS or HTTP Challenge here...
# ---
# DNS Challenge:
# - dns01:
# Configure your DNS Provider here...
# ---
# cloudflare:
# email: your-email@address
# API Key:
# apiKeySecretRef:
# name: cloudflare-api-key-secret
# key: api-key
# - or -
# API Token:
# apiTokenSecretRef:
# name: cloudflare-api-token-secret
# key: api-token
# (Optional) Add DNS selectors
# ---
# selector:
# dnsZones:
# - 'your-domain'
# HTTP Challenge:
# - http01:
# ingress:
# class: traefik

55
kubernetes/certmanager/examples/example-issuer.yaml
View File

@ -1,55 +0,0 @@
apiVersion: cert-manager.io/v1
kind: Issuer
metadata:
name: acme-issuer
# (Optional) Metadata
# ---
# namespace: your-namespace
spec:
# -- (Choice) Self-signed Issuer
# selfSigned: {}
# -- or --
# -- (Choice) ACME Issuer
acme:
# Configure your email here...
# ---
# email: your-email@address
# Configure your server here...
# ---
# Letsencrypt Production
# server: https://acme-v02.api.letsencrypt.org/directory
# - or -
# Letsencrypt Staging
# server: https://acme-staging-v02.api.letsencrypt.org/directory
privateKeySecretRef:
name: example-issuer-account-key
solvers:
# Configure DNS or HTTP Challenge here...
# ---
# DNS Challenge:
# - dns01:
# Configure your DNS Provider here...
# ---
# cloudflare:
# email: your-email@address
# API Key:
# apiKeySecretRef:
# name: cloudflare-api-key-secret
# key: api-key
# - or -
# API Token:
# apiTokenSecretRef:
# name: cloudflare-api-token-secret
# key: api-token
# (Optional) Add DNS selectors
# ---
# selector:
# dnsZones:
# - 'your-domain'
# HTTP Challenge:
# - http01:
# ingress:
# class: traefik

9
kubernetes/certmanager/examples/issuer-secret.yaml.example Normal file
View File

@ -0,0 +1,9 @@
---
apiVersion: v1
kind: Secret
metadata:
name: cloudflare-api-token-secret
namespace: cert-manager
type: Opaque
data:
api-token: your-api-token # <-- Replace with your Cloudflare API token

18
kubernetes/certmanager/examples/issuer.yaml.example Normal file
View File

@ -0,0 +1,18 @@
---
apiVersion: cert-manager.io/v1
kind: Issuer
metadata:
name: issuer # <-- Replace with your issuer name
namespace: your-namespace # <-- Replace with your namespace
spec:
acme:
email: your-email@address # <-- Replace with your email address
server: https://acme-v02.api.letsencrypt.org/directory
privateKeySecretRef:
name: example-issuer-account-key # <-- Replace with your secret name
solvers:
- dns01:
cloudflare:
apiTokenSecretRef:
name: cloudflare-api-token-secret # <-- Replace with your secret name
key: api-token

7
kubernetes/certmanager/values.yaml
View File

@ -1,5 +1,4 @@
# Cert-Manager Helm Chart Values Template ---
# ---
image: image:
repository: quay.io/jetstack/cert-manager-controller repository: quay.io/jetstack/cert-manager-controller
tag: v1.16.0 tag: v1.16.0
@ -11,12 +10,8 @@ cainjector:
image: image:
repository: quay.io/jetstack/cert-manager-cainjector repository: quay.io/jetstack/cert-manager-cainjector
tag: v1.16.0 tag: v1.16.0
# Enable the CRD install job
crds: crds:
enabled: true enabled: true
# Add DNS01 recursive nameserver configuration
extraArgs: extraArgs:
- --dns01-recursive-nameservers-only - --dns01-recursive-nameservers-only
- --dns01-recursive-nameservers=1.1.1.1:53,1.0.0.1:53 - --dns01-recursive-nameservers=1.1.1.1:53,1.0.0.1:53