Added letsencrypt-production issuer

clusters/titan.lan.huizinga.dev/cert-manager/certificates/huizinga-dev.yaml

@@ -0,0 +1,14 @@
+apiVersion: cert-manager.io/v1
+kind: Certificate
+metadata:
+  name: huizinga-dev
+  namespace: default
+spec:
+  secretName: huizinga-dev-tls
+  issuerRef:
+    name: letsencrypt-production
+    kind: ClusterIssuer
+  commonName: "*.huizinga.dev"
+  dnsNames:
+    - "huizinga.dev"
+    - "*.huizinga.dev"

clusters/titan.lan.huizinga.dev/cert-manager/certificates/kustomization.yaml

@@ -2,3 +2,4 @@ apiVersion: kustomize.config.k8s.io/v1beta1
 kind: Kustomization
 resources:
   - huizinga-dev-staging.yaml
+  - huizinga-dev.yaml

clusters/titan.lan.huizinga.dev/cert-manager/issuers/kustomization.yaml

@@ -3,3 +3,4 @@ kind: Kustomization
 resources:
   - secret.yaml
   - letsencrypt-staging.yaml
+  - letsencrypt-production.yaml

clusters/titan.lan.huizinga.dev/cert-manager/issuers/letsencrypt-production.yaml

@@ -0,0 +1,17 @@
+apiVersion: cert-manager.io/v1
+kind: ClusterIssuer
+metadata:
+  name: letsencrypt-production
+spec:
+  acme:
+    server: https://acme-v02.api.letsencrypt.org/directory
+    email: tim.huizinga@gmail.com
+    privateKeySecretRef:
+      name: letsencrypt-production
+    solvers:
+      - dns01:
+          cloudflare:
+            email: tim.huizinga@gmail.com
+            apiTokenSecretRef:
+              name: cloudflare-token-secret
+              key: cloudflare-token