From acc25e475e4ee500baa393bbbe8c74dc95f018cb Mon Sep 17 00:00:00 2001 From: Dreaded_X Date: Fri, 27 Sep 2024 00:21:37 +0200 Subject: [PATCH] Added letsencrypt-staging issuer --- .../cert-manager/issuers/kustomization.yaml | 5 ++ .../issuers/letsencrypt-staging.yaml | 17 ++++++ .../cert-manager/issuers/secret.yaml | 60 +++++++++++++++++++ .../cert-manager/kustomization.yaml | 1 + 4 files changed, 83 insertions(+) create mode 100644 clusters/titan.lan.huizinga.dev/cert-manager/issuers/kustomization.yaml create mode 100644 clusters/titan.lan.huizinga.dev/cert-manager/issuers/letsencrypt-staging.yaml create mode 100644 clusters/titan.lan.huizinga.dev/cert-manager/issuers/secret.yaml diff --git a/clusters/titan.lan.huizinga.dev/cert-manager/issuers/kustomization.yaml b/clusters/titan.lan.huizinga.dev/cert-manager/issuers/kustomization.yaml new file mode 100644 index 0000000..0e6e22d --- /dev/null +++ b/clusters/titan.lan.huizinga.dev/cert-manager/issuers/kustomization.yaml @@ -0,0 +1,5 @@ +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization +resources: + - secret.yaml + - letsencrypt-staging.yaml diff --git a/clusters/titan.lan.huizinga.dev/cert-manager/issuers/letsencrypt-staging.yaml b/clusters/titan.lan.huizinga.dev/cert-manager/issuers/letsencrypt-staging.yaml new file mode 100644 index 0000000..1aa0d05 --- /dev/null +++ b/clusters/titan.lan.huizinga.dev/cert-manager/issuers/letsencrypt-staging.yaml @@ -0,0 +1,17 @@ +apiVersion: cert-manager.io/v1 +kind: ClusterIssuer +metadata: + name: letsencrypt-staging +spec: + acme: + server: https://acme-staging-v02.api.letsencrypt.org/directory + email: tim.huizinga@gmail.com + privateKeySecretRef: + name: letsencrypt-staging + solvers: + - dns01: + cloudflare: + email: tim.huizinga@gmail.com + apiTokenSecretRef: + name: cloudflare-token-secret + key: cloudflare-token diff --git a/clusters/titan.lan.huizinga.dev/cert-manager/issuers/secret.yaml b/clusters/titan.lan.huizinga.dev/cert-manager/issuers/secret.yaml new file mode 100644 index 0000000..2beee27 --- /dev/null +++ b/clusters/titan.lan.huizinga.dev/cert-manager/issuers/secret.yaml @@ -0,0 +1,60 @@ +apiVersion: v1 +kind: Secret +metadata: + name: cloudflare-token-secret + namespace: cert-manager +type: Opaque +stringData: + cloudflare-token: ENC[AES256_GCM,data:21v9+OcFvGMoIy+AxWVW55/iTC6akzvlFlH4SMCHNu60EVjomVoDFQ==,iv:zFDOQjEgTdwWT4ybapBq52kkYZCT01ANaZHrbwpcb+Y=,tag:7ZeBtDcFZKccpdS90EgARA==,type:str] +sops: + kms: [] + gcp_kms: [] + azure_kv: [] + hc_vault: [] + age: [] + lastmodified: "2024-09-26T22:20:01Z" + mac: ENC[AES256_GCM,data:Xi30AdWVf8lNwJIMTir+ejR9qO8F1lFB8u99vd6NLWAq4twvoTRQi/Vfh61CsDuYLRBd9gC9hrCLiLz2AOTFlyTRUQpUxidFuD1tFmBUFNK1QXfpq+5HbLznBx4UHh5fIFnXq4+ZlHqKjHfMRrzcDT+L4DQb+gB+k8y8mcFru3E=,iv:19aCn3H0eWwJpMGC6+MbzELkpknGGzHAtaYOBySr/fE=,tag:VI2iqwfKOeSdI5U2L2uYWw==,type:str] + pgp: + - created_at: "2024-09-26T22:20:01Z" + enc: |- + -----BEGIN PGP MESSAGE----- + + hQIMA7pKPTYH5bqOARAAl2y4yZJGsWORJ5jd2CopSW6yx8IsHqLKq3khYxHkPamu + gjItOM/Gqep1QCJr4kxTkO7P0MaYi7ZGinuhishYu4xy1mom8WzJs/rA2cjW1UbF + m8GoUGypaPtSsR1nQufgrO6JbIch3Tr498wBD7SvXIWTFpooalcERvVB3F4T4CeT + gXIk+vSjvXkCmx4jgAVhpj249HQOk9nyX35UzcjaSOzYm9/vfs3vFRq8FXNRkGff + +Ui/os4xTB4GiLgnvQ7t8FYTqvDfMVwgKI6VkOplpnP50mmTdKYRVe79Awvq1+/V + UkkSHxmw5Zqj7nv8MoKIlYk2g+14NLz57i4zs2vK3cNqDAqezub7r/LRDcm5Haqp + ZmI8B6VUNhveI7hKjm8ssMlOz6x3s7hvex6e+AWRqvbknusXXCiI9dhL73TXXmeZ + yceIlg5T67PY2ysbpfuToyg6ihbkMo0bM1m/lQpA94yRx6EKO75AHvBaGxgDggSr + Q8/DM3J729yqjHvXLL+2YGXVlRSpMlWb+AYi4YLmB/rsT2wBlPWE7m0c3/xQA3ld + 5b/CW/2JOfXlwnooXEMFICr9ExFeiOv4RTnNahOTVscnIsi5jSlYPkhWwKm6ughy + oahJRi6wb6sJrleoPKRea+Pwh2qdEaQE/nFeBZeMMZxyLySQmkWoXJET7HQR3szU + aAEJAhBFZF84NkBuqmo+A7z055hz1tEJSnjO6eZ/+jvX9pPkrAv/CqW9C8UeG3vt + a6/XjnRVr38ZKAtNt3ebFwjzKZDLVyrANycnEp1PV7Pc8QvltJ88VS/wmWSP9Hj0 + BA11vpb7XvkU + =XmSy + -----END PGP MESSAGE----- + fp: 1E0CF38FF7C9ADAED58B436ABA4A3D3607E5BA8E + - created_at: "2024-09-26T22:20:01Z" + enc: |- + -----BEGIN PGP MESSAGE----- + + hQIMA51kG++kLewoAQ/+M1BLbAVU8kVgx/atZnWwjZtjukEc8vOFw4n9tscq0Dm3 + UzoOpbM1kaq5Hq8+e1mVFXMWLYgHnKjeSwBSiRCmZgFfvzPK63E5c6ZorKniTneZ + T7BJwxmtEF8JG+N9O2SHmto4cWZcrHvmWS5jJ5ybUFlMiFp6z7fPBuOzhKvTMBsc + IFHBBF0eMANUGwlpXuYJMTUECnFjvIxu/UXPMVBZ1HWHbIewYTRWXPQXeDxlJyk6 + YgtGChBZ8KRYNqX1kBi5AyIdjWA9+wrMtTVTghC+1eBTOm8TsmN280KBmB512li1 + HgexbmQkgItlJwyOV/7MTo19yzve72yYlqoIv3BSrwYfr0NDaQM0mhLAwcHC2R1R + IAOzajlHtgbr3XBW0BxWMC4Ch23CatZE4WJlu/CJ07+aMCsSV4L+da7wopt0A9dx + og0aPjUGq3MFmSet0kJKLJHS1JBSjf0LVnQjB5A451Wmndpoc2gZSpNtM4I2e2+7 + xe6RUB6oYjRyB0t771UMQ3sQrSN3cn2c8yuijLep837yvNqpRBR4bbc2XJdZIOMw + sKEGIAMyJjCagQJa4c2YY0fksVSnhnYzjklfsx+PAvsW9EiWo26Vldp4zHYsVALD + 7yKAWGupRTTB2mTXg9wvoKRkOY8A3Lb9aG+xnrf967nJt9nCV9hPXs959dVw9+jS + XgFCzdWtznuFA5wPJA3ko6lqLnE1HCIdgAo5ovQ4y3K9jkoVJsS2ADAnEy9Ac2uk + uds32S29PQ9o+ReAIQKvTzFNmKSLbcsK/z6rGLh0WdqmqWg6kVidWvktDQHY86E= + =cW8j + -----END PGP MESSAGE----- + fp: 49F10679C425233EFB4B1B6F9D641BEFA42DEC28 + encrypted_regex: ^(data|stringData)$ + version: 3.9.0 diff --git a/clusters/titan.lan.huizinga.dev/cert-manager/kustomization.yaml b/clusters/titan.lan.huizinga.dev/cert-manager/kustomization.yaml index 328dd7e..a2d1abf 100644 --- a/clusters/titan.lan.huizinga.dev/cert-manager/kustomization.yaml +++ b/clusters/titan.lan.huizinga.dev/cert-manager/kustomization.yaml @@ -4,3 +4,4 @@ resources: - namespace.yaml - helmrepo.yaml - cert-manager.yaml + - issuers