adding cloudflare to cert issuers

Joseph Hanson 2023-11-27 18:59:28 -06:00
parent 65466f5a3f
commit cea83e6246
Signed by: jahanson
SSH key fingerprint: SHA256:vy6dKBECV522aPAwklFM3ReKAVB086rT3oWwiuiFG7o
9 changed files with 75 additions and 7 deletions


@ -0,0 +1,19 @@
---
# yaml-language-server: $schema=https://ks.hsn.dev/external-secrets.io/externalsecret_v1beta1.json
apiVersion: external-secrets.io/v1beta1
kind: ExternalSecret
metadata:
name: cloudflare-api-token
namespace: cert-manager
spec:
secretStoreRef:
kind: ClusterSecretStore
name: onepassword-connect
target:
name: cloudflare-api-token
creationPolicy: Owner
data:
- secretKey: api-token
remoteRef:
key: Cloudflare
property: cert-manager
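Review bot: Nothing in this manifest records which permissions the token behind `key: Cloudflare` / `property: cert-manager` is expected to carry, yet it is materialised as a plain Secret that anything with Secret read access in the `cert-manager` namespace can use. cert-manager's Cloudflare DNS-01 solver documents Zone/DNS/Edit plus Zone/Zone/Read as the required permissions, so a comment above `data:` such as `# token scope: Zone/DNS/Edit + Zone/Zone/Read, limited to the hsn.dev zone` would let a reviewer confirm least privilege without opening 1Password. Whether the stored token is actually restricted that way cannot be seen from this page and should be verified. The spec also sets no `refreshInterval`, so a rotated token is picked up only on the operator's default schedule; stating the interval explicitly would make rotation behaviour reviewable.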


@ -0,0 +1,22 @@
---
# yaml-language-server: $schema=https://ks.hsn.dev/cert-manager.io/clusterissuer_v1.json
apiVersion: cert-manager.io/v1
kind: ClusterIssuer
metadata:
name: letsencrypt-cloudflare-production
spec:
acme:
email: "joe@veri.dev"
preferredChain: ""
privateKeySecretRef:
name: letsencrypt-cloudflare-production
server: https://acme-v02.api.letsencrypt.org/directory
solvers:
- dns01:
cloudflare:
apiTokenSecretRef:
name: cloudflare-api-token
key: api-token
selector:
dnsZones:
- hsn.dev
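Review bot: Because this is a `ClusterIssuer`, a Certificate in any namespace can reference `letsencrypt-cloudflare-production` and have names under `hsn.dev` (wildcards included, since the solver is `dns01`) validated with the shared Cloudflare token. The `dnsZones` selector limits the zone, not who may ask. If the cluster runs workloads of differing trust, consider a namespaced `Issuer` or an approval policy in front of CertificateRequests; otherwise document the decision with a comment above `kind:` such as `# cluster-scoped on purpose: every namespace may request hsn.dev certificates`. The same applies to `letsencrypt-cloudflare-staging` in the next file section. As a minor style point, `preferredChain: ""` sets nothing and could be dropped in both files.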


@ -0,0 +1,22 @@
---
# yaml-language-server: $schema=https://ks.hsn.dev/cert-manager.io/clusterissuer_v1.json
apiVersion: cert-manager.io/v1
kind: ClusterIssuer
metadata:
name: letsencrypt-cloudflare-staging
spec:
acme:
email: "joe@veri.dev"
preferredChain: ""
privateKeySecretRef:
name: letsencrypt-cloudflare-staging
server: https://acme-staging-v02.api.letsencrypt.org/directory
solvers:
- dns01:
cloudflare:
apiTokenSecretRef:
name: cloudflare-api-token
key: api-token
selector:
dnsZones:
- hsn.dev


@ -1,14 +1,15 @@
--- ---
# yaml-language-server: $schema=https://ks.hsn.dev/cert-manager.io/clusterissuer_v1.json
apiVersion: cert-manager.io/v1 apiVersion: cert-manager.io/v1
kind: ClusterIssuer kind: ClusterIssuer
metadata: metadata:
name: letsencrypt-production name: letsencrypt-dnsimple-production
spec: spec:
acme: acme:
email: "joe@veri.dev" email: "joe@veri.dev"
preferredChain: "" preferredChain: ""
privateKeySecretRef: privateKeySecretRef:
name: letsencrypt-production name: letsencrypt-dnsimple-production
server: https://acme-v02.api.letsencrypt.org/directory server: https://acme-v02.api.letsencrypt.org/directory
solvers: solvers:
- dns01: - dns01:
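Review bot: Renaming both `metadata.name` and `privateKeySecretRef.name` from `letsencrypt-production` to `letsencrypt-dnsimple-production` has two side effects that are not handled in the visible part of this commit. Any Certificate `issuerRef` or ingress annotation that still names `letsencrypt-production` will no longer resolve to an issuer, so renewals for those certificates would fail until they are updated. In addition, cert-manager will presumably create a new ACME account key under the new Secret name, while the old `letsencrypt-production` Secret holding the previous account key stays in the cluster unless it is removed by hand. A comment such as `# renamed from letsencrypt-production; delete the old account-key Secret after cutover` would record the cleanup step. The solver configuration continues below this hunk and was not reviewed.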


@ -1,4 +1,5 @@
--- ---
# yaml-language-server: $schema=https://ks.hsn.dev/cert-manager.io/clusterissuer_v1.json
apiVersion: cert-manager.io/v1 apiVersion: cert-manager.io/v1
kind: ClusterIssuer kind: ClusterIssuer
metadata: metadata:


@ -4,8 +4,11 @@ apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization kind: Kustomization
namespace: cert-manager namespace: cert-manager
resources: resources:
- ./externalsecret.yaml - ./dnsimple/externalsecret.yaml
- ./issuer-letsencrypt-prod.yaml - ./dnsimple/issuer-letsencrypt-prod.yaml
- ./issuer-letsencrypt-staging.yaml - ./dnsimple/issuer-letsencrypt-staging.yaml
- ./dnsimple-issuer-rbac.yaml - ./dnsimple/dnsimple-issuer-rbac.yaml
- ./helmrelease.yaml - ./dnsimple/helmrelease.yaml
- ./cloudflare/externalsecret.yaml
- ./cloudflare/issuer-letsencrypt-prod.yaml
- ./cloudflare/issuer-letsencrypt-staging.yaml