App/cert manager (#701)

* add app cert manager cluster issuer * add app cert manager cluster issuer
2024-07-27 17:24:06 +10:00
parent f99f86a26b
commit 4357a49812
5 changed files with 76 additions and 0 deletions
--- a/infrastructures/cert-manager-clusterissuer/base/clusterissuer-cloudflare.yaml
+++ b/infrastructures/cert-manager-clusterissuer/base/clusterissuer-cloudflare.yaml
@@ -0,0 +1,33 @@
+apiVersion: cert-manager.io/v1
+kind: ClusterIssuer
+metadata:
+  name: clusterissuer
+  namespace: cert-manager
+spec:
+  acme:
+    email:
+      valueFrom:
+        secretKeyRef:
+          name: clusterissuer-secrets
+          key: email
+    server: https://acme-v02.api.letsencrypt.org/directory
+    privateKeySecretRef:
+      name: cluster-issuer-account-key
+    solvers:
+      - dns01:
+          cloudflare:
+            email:
+              secretKeyRef:
+                name: clusterissuer-secrets
+                key: email
+            apiTokenSecretRef:
+              name: clusterissuer-secrets
+              key: cloudflare_api_token
+        selector:
+          dnsNames:
+            - secretKeyRef:
+                name: clusterissuer-secrets
+                key: cluster_cert_domain
+            - secretKeyRef:
+                name: clusterissuer-secrets
+                key: cluster_cert_domain_wildcard
--- a/infrastructures/cert-manager-clusterissuer/base/kustomization.yaml
+++ b/infrastructures/cert-manager-clusterissuer/base/kustomization.yaml
@@ -0,0 +1,4 @@
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+resources:
+  - clusterissuer-cloudflare.yaml
--- a/infrastructures/cert-manager-clusterissuer/env/k3s-cluster/config.json
+++ b/infrastructures/cert-manager-clusterissuer/env/k3s-cluster/config.json
@@ -0,0 +1,12 @@
+{
+  "appName": "cert-manager-clusterissuer",
+  "userGivenName": "cert-manager-clusterissuer",
+  "namespace": "cert-manager",
+  "destNamespace": "cert-manager",
+  "destServer": "https://kubernetes.default.svc",
+  "srcPath": "infrastructures/cert-manager-clusterissuer/env/k3s-cluster",
+  "srcRepoURL": "https://github.com/3dwardch3ng/home-cluster-ops.git",
+  "srcTargetRevision": "",
+  "labels": null,
+  "annotations": null
+}
--- a/infrastructures/cert-manager-clusterissuer/env/k3s-cluster/kustomization.yaml
+++ b/infrastructures/cert-manager-clusterissuer/env/k3s-cluster/kustomization.yaml
@@ -0,0 +1,4 @@
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+resources:
+  - ../../base