reworking ingresses and certs.

kubernetes/apps/network/ingress-nginx/app/certificate.yaml

@@ -3,14 +3,14 @@
 apiVersion: cert-manager.io/v1
 kind: Certificate
 metadata:
-  name: "valinor-social"
+  name: "hsn-dev"
   namespace: network
 spec:
-  secretName: "valinor-social-tls"
+  secretName: "hsn-dev-tls"
   issuerRef:
-    name: letsencrypt-dnsimple-production
+    name: letsencrypt-cloudflare-production
     kind: ClusterIssuer
-  commonName: "valinor.social"
+  commonName: "hsn.dev"
   dnsNames:
-    - "valinor.social"
+    - "hsn.dev"
-    - "*.valinor.social"
+    - "*.hsn.dev"

kubernetes/apps/network/ingress-nginx/app/helmrelease.yaml

@@ -28,7 +28,7 @@ spec:
         annotations:
           load-balancer.hetzner.cloud/location: fsn1
           load-balancer.hetzner.cloud/protocol: tcp
-          load-balancer.hetzner.cloud/name: valinor-nginx
+          load-balancer.hetzner.cloud/name: hsn-nginx
           load-balancer.hetzner.cloud/use-private-ip: true
           load-balancer.hetzner.cloud/uses-proxyprotocol: true
 

kubernetes/apps/network/ingress-nginx/ks.yaml

@@ -17,22 +17,22 @@ spec:
   wait: true
   dependsOn:
     - name: cluster-apps-cert-manager-issuers
----
+# ---
-# yaml-language-server: $schema=https://raw.githubusercontent.com/fluxcd-community/flux2-schemas/main/kustomization-kustomize-v1.json
+# # yaml-language-server: $schema=https://raw.githubusercontent.com/fluxcd-community/flux2-schemas/main/kustomization-kustomize-v1.json
-apiVersion: kustomize.toolkit.fluxcd.io/v1
+# apiVersion: kustomize.toolkit.fluxcd.io/v1
-kind: Kustomization
+# kind: Kustomization
-metadata:
+# metadata:
-  name: cluster-apps-ingress-nginx-peertube
+#   name: cluster-apps-ingress-nginx-peertube
-  namespace: flux-system
+#   namespace: flux-system
-  labels:
+#   labels:
-    substitution.flux.home.arpa/enabled: "true"
+#     substitution.flux.home.arpa/enabled: "true"
-spec:
+# spec:
-  interval: 10m
+#   interval: 10m
-  path: "./kubernetes/apps/network/ingress-nginx/peertube"
+#   path: "./kubernetes/apps/network/ingress-nginx/peertube"
-  prune: true
+#   prune: true
-  sourceRef:
+#   sourceRef:
-    kind: GitRepository
+#     kind: GitRepository
-    name: valinor
+#     name: valinor
-  wait: true
+#   wait: true
-  dependsOn:
+#   dependsOn:
-    - name: cluster-apps-cert-manager-issuers
+#     - name: cluster-apps-cert-manager-issuers

kubernetes/apps/network/ingress-nginx/mastodon/certificate.yaml

@@ -0,0 +1,16 @@
+---
+# yaml-language-server: $schema=https://ks.hsn.dev/cert-manager.io/certificate_v1.json
+apiVersion: cert-manager.io/v1
+kind: Certificate
+metadata:
+  name: "valinor-social"
+  namespace: network
+spec:
+  secretName: "valinor-social-tls"
+  issuerRef:
+    name: letsencrypt-dnsimple-production
+    kind: ClusterIssuer
+  commonName: "valinor.social"
+  dnsNames:
+    - "valinor.social"
+    - "*.valinor.social"