K3S-Cluster/home-cluster-ops
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

cert manager kustomization

Browse Source
This commit is contained in:
Edward Cheng
2024-06-09 22:22:35 +10:00
parent bdcf3284e5
commit fa0e831d13
9 changed files with 32 additions and 16 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
kubernetes/rpi5-cluster/.sops.yaml
View File

@@ -1,4 +1,4 @@
creation_rules: creation_rules:
- path_regex: .*.yaml - path_regex: .*.ya?ml
encrypted_regex: ^(data|stringData)$ encrypted_regex: ^(data|stringData)$
pgp: 6CEA91DDB1964869C94DCEC7AF6E3BB1B44F669B age: age1d47q8mlty404pxx378q49hr93aqexca4mkeqtdm00w4gjd09xd0qhxcdcz

4
kubernetes/rpi5-cluster/apps/cert-manager/kustomization.yaml Normal file
View File

@@ -0,0 +1,4 @@
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
resources:
- ../../templates/apps/cert-manager/ks.yaml

3
kubernetes/rpi5-cluster/infrastructure/repositories/kustomization.yaml → kubernetes/rpi5-cluster/infrastructure/kustomization.yaml
View File

@@ -1,4 +1,5 @@
apiVersion: kustomize.config.k8s.io/v1beta1 apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization kind: Kustomization
resources: resources:
- ks.yaml - repositories/ks.yaml
- secrets/ks.yaml

11
kubernetes/rpi5-cluster/infrastructure/repositories/home-cluster-ops-secrets.yaml
View File

@@ -8,11 +8,6 @@ spec:
ref: ref:
branch: main branch: main
secretRef: secretRef:
name: home-cluster-ops-secret name: flux-system
url: ssh://git@github.com/gabe565/home-ops-private.git timeout: 60s
ignore: | url: https://github.com/3dwardch3ng/home-cluster-ops-secrets.git
# exclude all
/*
# include flux directories
!/kubernetes/tennant
!/kubernetes/templates

16
kubernetes/rpi5-cluster/infrastructure/secrets/ks.yaml Normal file
View File

@@ -0,0 +1,16 @@
apiVersion: kustomize.toolkit.fluxcd.io/v1
kind: Kustomization
metadata:
name: home-cluster-ops-secrets
namespace: flux-system
spec:
interval: 10m0s
path: ./kubernetes/infrustructure/secrets
prune: true
sourceRef:
kind: GitRepository
name: home-cluster-ops-secrets
decryption:
provider: sops
secretRef:
name: sops-age

0
kubernetes/rpi5-cluster/apps/cert-manager/namespace.yaml → kubernetes/rpi5-cluster/templates/apps/cert-manager/apps/namespace.yaml
View File

6
kubernetes/rpi5-cluster/templates/apps/cert-manager/issuers/letsencrypt-dns01.yaml
View File

@@ -1,5 +1,5 @@
apiVersion: cert-manager.io/v1 apiVersion: cert-manager.io/v1
kind: ClusterIssuer kind: Issuer
metadata: metadata:
name: letsencrypt-dns01 name: letsencrypt-dns01
namespace: cert-manager namespace: cert-manager
@@ -13,5 +13,5 @@ spec:
- dns01: - dns01:
cloudflare: cloudflare:
apiTokenSecretRef: apiTokenSecretRef:
name: cloudflare-api-token name: cert-manager-secrets
key: api-token key: cert-manager-dns01

2
kubernetes/rpi5-cluster/templates/apps/cert-manager/issuers/letsencrypt-http01.yaml
View File

@@ -1,5 +1,5 @@
apiVersion: cert-manager.io/v1 apiVersion: cert-manager.io/v1
kind: ClusterIssuer kind: Issuer
metadata: metadata:
name: letsencrypt-http01 name: letsencrypt-http01
namespace: cert-manager namespace: cert-manager

2
kubernetes/rpi5-cluster/apps/cert-manager/ks.yaml → kubernetes/rpi5-cluster/templates/apps/cert-manager/ks.yaml
View File

@@ -32,4 +32,4 @@ spec:
postBuild: postBuild:
substituteFrom: substituteFrom:
- kind: Secret - kind: Secret
name: issuer-vars name: cert-manager-secrets