add cert-manager

2024-09-21 22:26:30 +01:00
parent 2bdf2de9d1
commit 09d137b092
12 changed files with 90 additions and 37 deletions
--- a/apps/production/cert-manager/certificates/fascinated-cc.yml
+++ b/apps/production/cert-manager/certificates/fascinated-cc.yml
@ -0,0 +1,15 @@
+---
+apiVersion: cert-manager.io/v1
+kind: Certificate
+metadata:
+  name: fascinated-cc
+  namespace: traefik
+spec:
+  secretName: fascinated-cc
+  issuerRef:
+    name: letsencrypt-production
+    kind: ClusterIssuer
+  commonName: "*.fascinated.cc"
+  dnsNames:
+    - "fascinated.cc"
+    - "*.fascinated.cc"
--- a/apps/production/cert-manager/certificates/local-fascinated-cc.yml
+++ b/apps/production/cert-manager/certificates/local-fascinated-cc.yml
@ -0,0 +1,14 @@
+---
+apiVersion: cert-manager.io/v1
+kind: Certificate
+metadata:
+  name: local-fascinated-cc
+  namespace: traefik
+spec:
+  secretName: local-fascinated-cc
+  issuerRef:
+    name: letsencrypt-production
+    kind: ClusterIssuer
+  commonName: "*.local.fascinated.cc"
+  dnsNames:
+    - "*.local.fascinated.cc"
--- a/apps/production/cert-manager/certificates/mcutils-xyz.yml
+++ b/apps/production/cert-manager/certificates/mcutils-xyz.yml
@ -0,0 +1,15 @@
+---
+apiVersion: cert-manager.io/v1
+kind: Certificate
+metadata:
+  name: mcutils-xyz
+  namespace: traefik
+spec:
+  secretName: mcutils-xyz
+  issuerRef:
+    name: letsencrypt-production
+    kind: ClusterIssuer
+  commonName: "*.mcutils.xyz"
+  dnsNames:
+    - "mcutils.xyz"
+    - "*.mcutils.xyz"
--- a/apps/production/cert-manager/issuer.yml
+++ b/apps/production/cert-manager/issuer.yml
@ -0,0 +1,23 @@
+---
+apiVersion: cert-manager.io/v1
+kind: ClusterIssuer
+metadata:
+  name: letsencrypt-production
+  namespace: cert-manager
+spec:
+  acme:
+    server: https://acme-v02.api.letsencrypt.org/directory
+    email: liam@fascinated.cc
+    privateKeySecretRef:
+      name: letsencrypt-production
+    solvers:
+      - dns01:
+          cloudflare:
+            email: liam@fascinated.cc
+            apiTokenSecretRef:
+              name: cloudflare-token-secret
+              key: cloudflare-token
+        selector:
+          dnsZones:
+            - "fascinated.cc"
+            - "mcutils.xyz"
--- a/apps/production/cert-manager/kustomization.yaml
+++ b/apps/production/cert-manager/kustomization.yaml
@ -0,0 +1,8 @@
+---
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+namespace: cert-manager
+resources:
+  - namespace.yaml
+  - certificates/*.yaml
+  - issuers.yaml
--- a/apps/production/cert-manager/namespace.yaml
+++ b/apps/production/cert-manager/namespace.yaml
@ -0,0 +1,5 @@
+---
+apiVersion: v1
+kind: Namespace
+metadata:
+  name: cert-manager