From 28daa56badd0a57d3a2b9dd9c5a373d9445d6f5d Mon Sep 17 00:00:00 2001 From: rasmus Date: Wed, 18 Jun 2025 16:50:25 +0300 Subject: [PATCH] cert-manager: rename to default-cluster-cert-issuer much easier, vs ctrl-f for 'default' --- ...uer.yaml => default-cluster-cert-issuer.yaml} | 4 ++-- cert-manager/kustomization.yaml | 16 ++++++++++++++++ gitea/application.yaml | 3 ++- minio-clusters/cert.yaml | 3 ++- traefik/application-extras.yml | 2 +- wildduck/certificate.yaml | 3 ++- 6 files changed, 25 insertions(+), 6 deletions(-) rename cert-manager/{default-issuer.yaml => default-cluster-cert-issuer.yaml} (79%) create mode 100644 cert-manager/kustomization.yaml diff --git a/cert-manager/default-issuer.yaml b/cert-manager/default-cluster-cert-issuer.yaml similarity index 79% rename from cert-manager/default-issuer.yaml rename to cert-manager/default-cluster-cert-issuer.yaml index 00469c5..1643fa0 100644 --- a/cert-manager/default-issuer.yaml +++ b/cert-manager/default-cluster-cert-issuer.yaml @@ -2,14 +2,14 @@ apiVersion: cert-manager.io/v1 kind: ClusterIssuer metadata: - name: default + name: default-cluster-cert-issuer namespace: cert-manager spec: acme: email: info@k-space.ee server: https://acme-v02.api.letsencrypt.org/directory privateKeySecretRef: - name: example-issuer-account-key + name: default-cluster-cert-issuer-accountKey # auto-generated by cert-manager solvers: - dns01: rfc2136: diff --git a/cert-manager/kustomization.yaml b/cert-manager/kustomization.yaml new file mode 100644 index 0000000..24f8b92 --- /dev/null +++ b/cert-manager/kustomization.yaml @@ -0,0 +1,16 @@ +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization + +namespace: cert-manager + +# spec: https://kubectl.docs.kubernetes.io/references/kustomize/builtins/#_helmchartinflationgenerator_ +helmCharts: +- includeCRDs: true + name: &name cert-manager + releaseName: *name + repo: https://charts.jetstack.io + version: v1.15.1 + +resources: +- ssh://git@git.k-space.ee/secretspace/kube/cert-manager # secrets (.env): tsig-secret +- ./default-cluster-cert-issuer.yaml diff --git a/gitea/application.yaml b/gitea/application.yaml index 20e8d7d..19b47fc 100644 --- a/gitea/application.yaml +++ b/gitea/application.yaml @@ -8,8 +8,9 @@ spec: dnsNames: - git.k-space.ee issuerRef: + group: cert-manager.io kind: ClusterIssuer - name: default + name: default-cluster-cert-issuer secretName: git-tls revisionHistoryLimit: 1 --- diff --git a/minio-clusters/cert.yaml b/minio-clusters/cert.yaml index 9abae56..5646cb0 100644 --- a/minio-clusters/cert.yaml +++ b/minio-clusters/cert.yaml @@ -8,7 +8,8 @@ spec: dnsNames: - "*.minio-clusters.k-space.ee" issuerRef: + group: cert-manager.io kind: ClusterIssuer - name: default + name: default-cluster-cert-issuer secretName: wildcard-tls revisionHistoryLimit: 1 diff --git a/traefik/application-extras.yml b/traefik/application-extras.yml index ac3f536..575d16a 100644 --- a/traefik/application-extras.yml +++ b/traefik/application-extras.yml @@ -19,7 +19,7 @@ spec: issuerRef: group: cert-manager.io kind: ClusterIssuer - name: default + name: default-cluster-cert-issuer secretName: wildcard-tls usages: - digital signature diff --git a/wildduck/certificate.yaml b/wildduck/certificate.yaml index 48583da..301b1b6 100644 --- a/wildduck/certificate.yaml +++ b/wildduck/certificate.yaml @@ -7,7 +7,8 @@ spec: dnsNames: - mail.k-space.ee issuerRef: + group: cert-manager.io kind: ClusterIssuer - name: default + name: default-cluster-cert-issuer secretName: wildduck-tls revisionHistoryLimit: 1