Added letsencrypt-production issuer

2024-09-27 00:54:26 +02:00 · 2024-09-27 00:54:26 +02:00 · ebf7573492
commit ebf7573492
parent 04960e581c
4 changed files with 33 additions and 0 deletions
--- a/clusters/titan.lan.huizinga.dev/cert-manager/certificates/huizinga-dev.yaml
+++ b/clusters/titan.lan.huizinga.dev/cert-manager/certificates/huizinga-dev.yaml
@ -0,0 +1,14 @@
+apiVersion: cert-manager.io/v1
+kind: Certificate
+metadata:
+  name: huizinga-dev
+  namespace: default
+spec:
+  secretName: huizinga-dev-tls
+  issuerRef:
+    name: letsencrypt-production
+    kind: ClusterIssuer
+  commonName: "*.huizinga.dev"
+  dnsNames:
+    - "huizinga.dev"
+    - "*.huizinga.dev"
--- a/clusters/titan.lan.huizinga.dev/cert-manager/certificates/kustomization.yaml
+++ b/clusters/titan.lan.huizinga.dev/cert-manager/certificates/kustomization.yaml
@ -2,3 +2,4 @@ apiVersion: kustomize.config.k8s.io/v1beta1
 kind: Kustomization
 resources:
  - huizinga-dev-staging.yaml
+  - huizinga-dev.yaml
--- a/clusters/titan.lan.huizinga.dev/cert-manager/issuers/kustomization.yaml
+++ b/clusters/titan.lan.huizinga.dev/cert-manager/issuers/kustomization.yaml
@ -3,3 +3,4 @@ kind: Kustomization
 resources:
  - secret.yaml
  - letsencrypt-staging.yaml
+  - letsencrypt-production.yaml
--- a/clusters/titan.lan.huizinga.dev/cert-manager/issuers/letsencrypt-production.yaml
+++ b/clusters/titan.lan.huizinga.dev/cert-manager/issuers/letsencrypt-production.yaml
@ -0,0 +1,17 @@
+apiVersion: cert-manager.io/v1
+kind: ClusterIssuer
+metadata:
+  name: letsencrypt-production
+spec:
+  acme:
+    server: https://acme-v02.api.letsencrypt.org/directory
+    email: tim.huizinga@gmail.com
+    privateKeySecretRef:
+      name: letsencrypt-production
+    solvers:
+      - dns01:
+          cloudflare:
+            email: tim.huizinga@gmail.com
+            apiTokenSecretRef:
+              name: cloudflare-token-secret
+              key: cloudflare-token