From 2c87c6553a31f9ea9e56b4e5ee44e8ea2350e61f Mon Sep 17 00:00:00 2001 From: Joseph Hanson Date: Wed, 3 Apr 2024 13:51:36 -0500 Subject: [PATCH] Add dnsimple issuer. --- .../issuers/dnsimple/externalsecret.yaml | 19 +++++++++++++++++++ ...issuer-letsencrypt-prod-jahanson-tech.yaml | 13 ++++++++----- .../cert-manager/issuers/kustomization.yaml | 3 ++- 3 files changed, 29 insertions(+), 6 deletions(-) create mode 100644 kubernetes/apps/cert-manager/cert-manager/issuers/dnsimple/externalsecret.yaml rename kubernetes/apps/cert-manager/cert-manager/issuers/{cloudflare => dnsimple}/issuer-letsencrypt-prod-jahanson-tech.yaml (62%) diff --git a/kubernetes/apps/cert-manager/cert-manager/issuers/dnsimple/externalsecret.yaml b/kubernetes/apps/cert-manager/cert-manager/issuers/dnsimple/externalsecret.yaml new file mode 100644 index 00000000..a2a3d8b0 --- /dev/null +++ b/kubernetes/apps/cert-manager/cert-manager/issuers/dnsimple/externalsecret.yaml @@ -0,0 +1,19 @@ +--- +# yaml-language-server: $schema=https://ks.hsn.dev/external-secrets.io/externalsecret_v1beta1.json +apiVersion: external-secrets.io/v1beta1 +kind: ExternalSecret +metadata: + name: dnsimple-api-token + namespace: cert-manager +spec: + secretStoreRef: + kind: ClusterSecretStore + name: onepassword-connect + target: + name: dnsimple-api-token + creationPolicy: Owner + data: + - secretKey: api-token + remoteRef: + key: DNSimple + property: cert_manager_api_token \ No newline at end of file diff --git a/kubernetes/apps/cert-manager/cert-manager/issuers/cloudflare/issuer-letsencrypt-prod-jahanson-tech.yaml b/kubernetes/apps/cert-manager/cert-manager/issuers/dnsimple/issuer-letsencrypt-prod-jahanson-tech.yaml similarity index 62% rename from kubernetes/apps/cert-manager/cert-manager/issuers/cloudflare/issuer-letsencrypt-prod-jahanson-tech.yaml rename to kubernetes/apps/cert-manager/cert-manager/issuers/dnsimple/issuer-letsencrypt-prod-jahanson-tech.yaml index 855794b9..3d87f4b6 100644 --- a/kubernetes/apps/cert-manager/cert-manager/issuers/cloudflare/issuer-letsencrypt-prod-jahanson-tech.yaml +++ b/kubernetes/apps/cert-manager/cert-manager/issuers/dnsimple/issuer-letsencrypt-prod-jahanson-tech.yaml @@ -9,14 +9,17 @@ spec: email: "joe@veri.dev" preferredChain: "" privateKeySecretRef: - name: letsencrypt-cloudflare-production + name: letsencrypt-dnsimple-production server: https://acme-v02.api.letsencrypt.org/directory solvers: - dns01: - cloudflare: - apiTokenSecretRef: - name: cloudflare-api-token - key: jahanson-tech-api-token + webhook: + groupName: acme.hsn.dev + solverName: dnsimple + config: + apiKeySecretRef: + name: dnsimple-api-token + key: api-token selector: dnsZones: - jahanson.tech diff --git a/kubernetes/apps/cert-manager/cert-manager/issuers/kustomization.yaml b/kubernetes/apps/cert-manager/cert-manager/issuers/kustomization.yaml index baa585f8..ce8d3ed2 100644 --- a/kubernetes/apps/cert-manager/cert-manager/issuers/kustomization.yaml +++ b/kubernetes/apps/cert-manager/cert-manager/issuers/kustomization.yaml @@ -6,5 +6,6 @@ namespace: cert-manager resources: - ./cloudflare/externalsecret.yaml - ./cloudflare/issuer-letsencrypt-prod.yaml - - ./cloudflare/issuer-letsencrypt-prod-jahanson-tech.yaml - ./cloudflare/issuer-letsencrypt-staging.yaml + - ./dnsimple/externalsecret.yaml + - ./dnsimple/issuer-letsencrypt-prod-jahanson-tech.yaml