Trying ZeroSSL
This commit is contained in:
parent
697a901288
commit
7498c9558c
2 changed files with 29 additions and 10 deletions
|
@ -3,17 +3,30 @@
|
|||
apiVersion: external-secrets.io/v1beta1
|
||||
kind: ExternalSecret
|
||||
metadata:
|
||||
name: dnsimple-api-token
|
||||
name: zerossl-secret
|
||||
namespace: cert-manager
|
||||
spec:
|
||||
secretStoreRef:
|
||||
kind: ClusterSecretStore
|
||||
name: onepassword-connect
|
||||
target:
|
||||
name: dnsimple-api-token
|
||||
name: zerossl-secret
|
||||
creationPolicy: Owner
|
||||
data:
|
||||
- secretKey: api-token
|
||||
remoteRef:
|
||||
template:
|
||||
engineVersion: v2
|
||||
data:
|
||||
api-token: "{{ .cert_manager_api_token }}"
|
||||
eab-hmac-key: "{{ .zerossl_eab_hmac_key }}"
|
||||
dataFrom:
|
||||
- extract:
|
||||
key: DNSimple
|
||||
property: cert_manager_api_token
|
||||
rewrite:
|
||||
- regexp:
|
||||
source: "(.*)"
|
||||
target: "dnsimple_$1"
|
||||
- extract:
|
||||
key: ZeroSSL
|
||||
rewrite:
|
||||
- regexp:
|
||||
source: "(.*)"
|
||||
target: "zerossl_$1"
|
||||
|
|
|
@ -3,14 +3,20 @@
|
|||
apiVersion: cert-manager.io/v1
|
||||
kind: ClusterIssuer
|
||||
metadata:
|
||||
name: letsencrypt-dnsimple-prod-jahanson-tech
|
||||
name: issuer-zerossl-prod
|
||||
spec:
|
||||
acme:
|
||||
server: https://acme.zerossl.com/v2/DV90
|
||||
email: "joe@veri.dev"
|
||||
preferredChain: ""
|
||||
privateKeySecretRef:
|
||||
name: letsencrypt-dnsimple-production
|
||||
server: https://acme-v02.api.letsencrypt.org/directory
|
||||
name: zerossl-production
|
||||
externalAccountBinding:
|
||||
keyID: feJODDijN9gypthMXaHtVA
|
||||
keySecretRef:
|
||||
name: zerossl-secret
|
||||
key: eab-hmac-key
|
||||
keyAlgorithm: HS256
|
||||
solvers:
|
||||
- dns01:
|
||||
webhook:
|
||||
|
@ -18,7 +24,7 @@ spec:
|
|||
solverName: dnsimple
|
||||
config:
|
||||
apiKeySecretRef:
|
||||
name: dnsimple-api-token
|
||||
name: zerossl-secret
|
||||
key: api-token
|
||||
selector:
|
||||
dnsZones:
|
Loading…
Reference in a new issue