ab/homelab
1
0
Fork 1
Code Pull Requests Actions Packages Wiki Activity

Added cert-manager

Browse Source
This commit is contained in:
Ultradesu
2025-04-06 00:37:15 +01:00
parent 69e01aaa92
commit a7cf18563d
5 changed files with 78 additions and 51 deletions
Download Patch File Download Diff File Expand all files Collapse all files

51
k8s/core/cert-manager.yaml → k8s/core/cert-manager/external-secrets.yaml
View File

@ -1,16 +1,3 @@
apiVersion: helm.cattle.io/v1
kind: HelmChart
metadata:
name: cert-manager
namespace: kube-system
spec:
repo: https://charts.jetstack.io
chart: cert-manager
targetNamespace: cert-manager
createNamespace: true
valuesContent: |-
crds:
enabled: true
--- ---
apiVersion: external-secrets.io/v1beta1 apiVersion: external-secrets.io/v1beta1
kind: ExternalSecret kind: ExternalSecret
@ -69,41 +56,3 @@ spec:
remoteRef: remoteRef:
key: 144f9aa9-d6bd-4272-bfc9-ce8ba6f4a515 key: 144f9aa9-d6bd-4272-bfc9-ce8ba6f4a515
property: fields[1].value property: fields[1].value
---
apiVersion: cert-manager.io/v1
kind: ClusterIssuer
metadata:
name: letsencrypt
spec:
acme:
server: https://acme-v02.api.letsencrypt.org/directory
email: k8s-master@hexor.cy
privateKeySecretRef:
name: tls-secret
solvers:
- dns01:
cloudflare:
email: ultradesu@hexor.ru
apiKeySecretRef:
name: cloudflare-api-key-secret
key: apiKey
selector:
dnsZones:
- "*.hexor.cy"
- "*.hexor.ru"
- "*.btwiusearch.net"
- "hexor.ru"
- "hexor.cy"
- "btwiusearch.net"
- dns01:
route53:
region: eu-north-1
accessKeyIDSecretRef:
name: aws-api-key-secret
key: accessKey
secretAccessKeySecretRef:
name: aws-api-key-secret
key: secretKey
selector:
dnsZones:
- "of.hexor.cy"

39
k8s/core/cert-manager/issuer.yaml Normal file
View File

@ -0,0 +1,39 @@
---
apiVersion: cert-manager.io/v1
kind: ClusterIssuer
metadata:
name: letsencrypt
spec:
acme:
server: https://acme-v02.api.letsencrypt.org/directory
email: k8s-master@hexor.cy
privateKeySecretRef:
name: tls-secret
solvers:
- dns01:
cloudflare:
email: ultradesu@hexor.ru
apiKeySecretRef:
name: cloudflare-api-key-secret
key: apiKey
selector:
dnsZones:
- "*.hexor.cy"
- "*.hexor.ru"
- "*.btwiusearch.net"
- "hexor.ru"
- "hexor.cy"
- "btwiusearch.net"
- dns01:
route53:
region: eu-north-1
accessKeyIDSecretRef:
name: aws-api-key-secret
key: accessKey
secretAccessKeySecretRef:
name: aws-api-key-secret
key: secretKey
selector:
dnsZones:
- "of.hexor.cy"

16
k8s/core/cert-manager/kustomization.yaml Normal file
View File

@ -0,0 +1,16 @@
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
resources:
- external-secrets.yaml
- issuer.yaml
helmCharts:
- name: cert-manager
repo: https://charts.jetstack.io
version: 1.17.1
releaseName: cert-manager
namespace: cert-manager
valuesFile: values.yaml
includeCRDs: true

2
k8s/core/cert-manager/values.yaml Normal file
View File

@ -0,0 +1,2 @@
crds:
enabled: true

21
k8s/state/core/cert-manager.yaml Normal file
View File

@ -0,0 +1,21 @@
apiVersion: argoproj.io/v1alpha1
kind: Application
metadata:
name: cert-manager
namespace: argocd
spec:
project: homelab
destination:
namespace: cert-manager
server: https://kubernetes.default.svc
source:
repoURL: ssh://git@gt.hexor.cy:30022/ab/homelab.git
targetRevision: HEAD
path: k8s/core/cert-manager
syncPolicy:
automated:
selfHeal: true
prune: true
syncOptions:
- CreateNamespace=true