From a7c08c035507d3435a36690286fb17db81c37853 Mon Sep 17 00:00:00 2001 From: Sebastian Mark Date: Sun, 1 May 2022 17:33:33 +0200 Subject: [PATCH] FEAT: add LetsEncrypt issuers --- README.md | 1 + .../cert-manager/letsencrypt-issuers.yml | 34 +++++++++++++++++++ 2 files changed, 35 insertions(+) create mode 100644 k8s-manifests/cert-manager/letsencrypt-issuers.yml diff --git a/README.md b/README.md index 7424cbd..d4716a3 100644 --- a/README.md +++ b/README.md @@ -4,6 +4,7 @@ * [NGINX Ingress Controller](https://kubernetes.github.io/ingress-nginx/) * [cert-manager](https://cert-manager.io/) * selfsigned issuer + * LetsEncrypt issuers (Prod and Staging) * [prometheus and grafana](https://github.com/prometheus-community/helm-charts/tree/main/charts/kube-prometheus-stack) * [loki](https://grafana.com/docs/loki/latest/) * [keel](https://keel.sh) diff --git a/k8s-manifests/cert-manager/letsencrypt-issuers.yml b/k8s-manifests/cert-manager/letsencrypt-issuers.yml new file mode 100644 index 0000000..6b6c468 --- /dev/null +++ b/k8s-manifests/cert-manager/letsencrypt-issuers.yml @@ -0,0 +1,34 @@ +--- +apiVersion: cert-manager.io/v1 +kind: ClusterIssuer +metadata: + name: letsencrypt-prod + namespace: cert-manager + annotations: + argocd.argoproj.io/sync-options: SkipDryRunOnMissingResource=true +spec: + acme: + server: https://acme-v02.api.letsencrypt.org/directory + privateKeySecretRef: + name: le-prod-account-key + solvers: + - http01: + ingress: + class: nginx +--- +apiVersion: cert-manager.io/v1 +kind: ClusterIssuer +metadata: + name: letsencrypt-staging + namespace: cert-manager + annotations: + argocd.argoproj.io/sync-options: SkipDryRunOnMissingResource=true +spec: + acme: + server: https://acme-staging-v02.api.letsencrypt.org/directory + privateKeySecretRef: + name: le-staging-account-key + solvers: + - http01: + ingress: + class: nginx