cert-manager nach der alte Muster eingerichtet

2024-10-10 16:07:19 +02:00
parent 8396251dea
commit 896285a1f9
5 changed files with 70 additions and 14 deletions
--- a/argocd/apps/cert-manager/include/.cluster-issuer.yaml.swp
+++ b/argocd/apps/cert-manager/include/.cluster-issuer.yaml.swp
--- a/argocd/apps/cert-manager/include/cluster-issuer.yaml
+++ b/argocd/apps/cert-manager/include/cluster-issuer.yaml
@@ -0,0 +1,17 @@
+apiVersion: cert-manager.io/v1
+kind: ClusterIssuer
+metadata:
+  name: lets-encrypt
+spec:
+  acme:
+    server: https://acme-v02.api.letsencrypt.org/directory
+    privateKeySecretRef:
+      name: lets-encrypt
+    email: titus.innohubni@outlook.de
+    solvers:
+    - dns01:
+        cloudflare:
+          email: titus.innohubni@outlook.de
+          apiTokenSecretRef:
+            name: cloudflare-api-token-secret
+            key: api-token
--- a/argocd/apps/cert-manager/include/tls-store.yaml
+++ b/argocd/apps/cert-manager/include/tls-store.yaml
@@ -0,0 +1,8 @@
+iapiVersion: traefik.io/v1alpha1
+kind: TLSStore
+metadata:
+  name: default
+  namespace: kube-system
+spec:
+  defaultCertificate:
+    secretName: innovation-hub-niedeersachsen.de-wildcard-tls
--- a/argocd/apps/cert-manager/include/wildcard-cerficate.yaml
+++ b/argocd/apps/cert-manager/include/wildcard-cerficate.yaml
@@ -0,0 +1,15 @@
+apiVersion: cert-manager.io/v1
+kind: Certificate
+metadata:
+  name: innovation-hub-niedersachsen.de-wildcard
+  namespace: kube-system
+spec:
+  secretName: innovation-hub-niedersachsen.de-wildcard-tls
+  commonName: '*.innovation-hub-niedersachsen.de'
+  dnsNames:
+    - 'innovation-hub-niedersachsen.de'
+    - '*.innovation-hub-niedersachsen.de'
+  issuerRef:
+    name: lets-encrypt
+    kind: ClusterIssuer
+    group: cert-manager.io