mirror of
https://github.com/ChristianLempa/boilerplates.git
synced 2024-11-24 17:24:25 +01:00
cert-manager update
This commit is contained in:
parent
6288d0faa2
commit
3d55786e36
13
kubernetes/certmanager/examples/certificate.yaml.example
Normal file
13
kubernetes/certmanager/examples/certificate.yaml.example
Normal file
@ -0,0 +1,13 @@
|
||||
---
|
||||
apiVersion: cert-manager.io/v1
|
||||
kind: Certificate
|
||||
metadata:
|
||||
name: your-certificate # <-- Replace with your certificate name
|
||||
namespace: your-namespace # <-- Replace with your namespace
|
||||
spec:
|
||||
secretName: your-secret # <-- Replace with your secret name
|
||||
issuerRef:
|
||||
name: clusterissuer # <-- Replace with your issuer name
|
||||
kind: ClusterIssuer
|
||||
dnsNames:
|
||||
- your-hostname # <-- Replace with your hostname
|
17
kubernetes/certmanager/examples/clusterissuer.yaml.example
Normal file
17
kubernetes/certmanager/examples/clusterissuer.yaml.example
Normal file
@ -0,0 +1,17 @@
|
||||
---
|
||||
apiVersion: cert-manager.io/v1
|
||||
kind: ClusterIssuer
|
||||
metadata:
|
||||
name: clusterissuer # <-- Replace with your clsuterissuer name
|
||||
spec:
|
||||
acme:
|
||||
email: your-email@address # <-- Replace with your email address
|
||||
server: https://acme-v02.api.letsencrypt.org/directory
|
||||
privateKeySecretRef:
|
||||
name: example-clusterissuer-account-key # <-- Replace with your secret name
|
||||
solvers:
|
||||
- dns01:
|
||||
cloudflare:
|
||||
apiTokenSecretRef:
|
||||
name: cloudflare-api-token-secret # <-- Replace with your secret name
|
||||
key: api-token
|
@ -1,12 +0,0 @@
|
||||
apiVersion: cert-manager.io/v1
|
||||
kind: Certificate
|
||||
metadata:
|
||||
name: your-certificate
|
||||
namespace: your-namespace
|
||||
spec:
|
||||
secretName: your-secret
|
||||
issuerRef:
|
||||
name: ssl-issuer
|
||||
kind: ClusterIssuer
|
||||
dnsNames:
|
||||
- your-hostname
|
@ -1,52 +0,0 @@
|
||||
apiVersion: cert-manager.io/v1
|
||||
kind: ClusterIssuer
|
||||
metadata:
|
||||
name: acme-issuer
|
||||
spec:
|
||||
# -- (Choice) Self-signed Issuer
|
||||
# selfSigned: {}
|
||||
# -- or --
|
||||
# -- (Choice) ACME Issuer
|
||||
acme:
|
||||
# Configure your email here...
|
||||
# ---
|
||||
# email: your-email@address
|
||||
|
||||
# Configure your server here...
|
||||
# ---
|
||||
# Letsencrypt Production
|
||||
# server: https://acme-v02.api.letsencrypt.org/directory
|
||||
# - or -
|
||||
# Letsencrypt Staging
|
||||
# server: https://acme-staging-v02.api.letsencrypt.org/directory
|
||||
|
||||
privateKeySecretRef:
|
||||
name: example-issuer-account-key
|
||||
solvers:
|
||||
# Configure DNS or HTTP Challenge here...
|
||||
# ---
|
||||
# DNS Challenge:
|
||||
# - dns01:
|
||||
# Configure your DNS Provider here...
|
||||
# ---
|
||||
# cloudflare:
|
||||
# email: your-email@address
|
||||
# API Key:
|
||||
# apiKeySecretRef:
|
||||
# name: cloudflare-api-key-secret
|
||||
# key: api-key
|
||||
# - or -
|
||||
# API Token:
|
||||
# apiTokenSecretRef:
|
||||
# name: cloudflare-api-token-secret
|
||||
# key: api-token
|
||||
# (Optional) Add DNS selectors
|
||||
# ---
|
||||
# selector:
|
||||
# dnsZones:
|
||||
# - 'your-domain'
|
||||
|
||||
# HTTP Challenge:
|
||||
# - http01:
|
||||
# ingress:
|
||||
# class: traefik
|
@ -1,55 +0,0 @@
|
||||
apiVersion: cert-manager.io/v1
|
||||
kind: Issuer
|
||||
metadata:
|
||||
name: acme-issuer
|
||||
# (Optional) Metadata
|
||||
# ---
|
||||
# namespace: your-namespace
|
||||
spec:
|
||||
# -- (Choice) Self-signed Issuer
|
||||
# selfSigned: {}
|
||||
# -- or --
|
||||
# -- (Choice) ACME Issuer
|
||||
acme:
|
||||
# Configure your email here...
|
||||
# ---
|
||||
# email: your-email@address
|
||||
|
||||
# Configure your server here...
|
||||
# ---
|
||||
# Letsencrypt Production
|
||||
# server: https://acme-v02.api.letsencrypt.org/directory
|
||||
# - or -
|
||||
# Letsencrypt Staging
|
||||
# server: https://acme-staging-v02.api.letsencrypt.org/directory
|
||||
|
||||
privateKeySecretRef:
|
||||
name: example-issuer-account-key
|
||||
solvers:
|
||||
# Configure DNS or HTTP Challenge here...
|
||||
# ---
|
||||
# DNS Challenge:
|
||||
# - dns01:
|
||||
# Configure your DNS Provider here...
|
||||
# ---
|
||||
# cloudflare:
|
||||
# email: your-email@address
|
||||
# API Key:
|
||||
# apiKeySecretRef:
|
||||
# name: cloudflare-api-key-secret
|
||||
# key: api-key
|
||||
# - or -
|
||||
# API Token:
|
||||
# apiTokenSecretRef:
|
||||
# name: cloudflare-api-token-secret
|
||||
# key: api-token
|
||||
# (Optional) Add DNS selectors
|
||||
# ---
|
||||
# selector:
|
||||
# dnsZones:
|
||||
# - 'your-domain'
|
||||
|
||||
# HTTP Challenge:
|
||||
# - http01:
|
||||
# ingress:
|
||||
# class: traefik
|
@ -0,0 +1,9 @@
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: Secret
|
||||
metadata:
|
||||
name: cloudflare-api-token-secret
|
||||
namespace: cert-manager
|
||||
type: Opaque
|
||||
data:
|
||||
api-token: your-api-token # <-- Replace with your Cloudflare API token
|
18
kubernetes/certmanager/examples/issuer.yaml.example
Normal file
18
kubernetes/certmanager/examples/issuer.yaml.example
Normal file
@ -0,0 +1,18 @@
|
||||
---
|
||||
apiVersion: cert-manager.io/v1
|
||||
kind: Issuer
|
||||
metadata:
|
||||
name: issuer # <-- Replace with your issuer name
|
||||
namespace: your-namespace # <-- Replace with your namespace
|
||||
spec:
|
||||
acme:
|
||||
email: your-email@address # <-- Replace with your email address
|
||||
server: https://acme-v02.api.letsencrypt.org/directory
|
||||
privateKeySecretRef:
|
||||
name: example-issuer-account-key # <-- Replace with your secret name
|
||||
solvers:
|
||||
- dns01:
|
||||
cloudflare:
|
||||
apiTokenSecretRef:
|
||||
name: cloudflare-api-token-secret # <-- Replace with your secret name
|
||||
key: api-token
|
@ -1,5 +1,4 @@
|
||||
# Cert-Manager Helm Chart Values Template
|
||||
# ---
|
||||
---
|
||||
image:
|
||||
repository: quay.io/jetstack/cert-manager-controller
|
||||
tag: v1.16.0
|
||||
@ -11,12 +10,8 @@ cainjector:
|
||||
image:
|
||||
repository: quay.io/jetstack/cert-manager-cainjector
|
||||
tag: v1.16.0
|
||||
|
||||
# Enable the CRD install job
|
||||
crds:
|
||||
enabled: true
|
||||
|
||||
# Add DNS01 recursive nameserver configuration
|
||||
extraArgs:
|
||||
- --dns01-recursive-nameservers-only
|
||||
- --dns01-recursive-nameservers=1.1.1.1:53,1.0.0.1:53
|
||||
|
Loading…
Reference in New Issue
Block a user