SeanOMik
/
k3s-cluster
1
0
Fork 0
Code Issues 2 Pull Requests 15 Packages Projects Releases Wiki Activity

feat: move cert-manager to common, add it to thin cluster

This commit is contained in:
SeanOMik 2024-09-07 00:14:50 -04:00
parent 2ec21aa757
commit 9134f887a7
10 changed files with 4 additions and 20 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

0
kubernetes/main/core/cert-manager/cloudflare-cred.sops.yaml → kubernetes/common/apps/cert-manager/cloudflare-cred.sops.yaml
View File

0
kubernetes/main/core/cert-manager/helm-release.yaml → kubernetes/common/apps/cert-manager/helm-release.yaml
View File

0
kubernetes/main/core/cert-manager/helm-repository.yaml → kubernetes/common/apps/cert-manager/helm-repository.yaml
View File

0
kubernetes/main/core/cert-manager/kustomization.yaml → kubernetes/common/apps/cert-manager/kustomization.yaml
View File

3
kubernetes/main/core/cert-manager/letsencrypt-prod.yaml → kubernetes/common/apps/cert-manager/letsencrypt-prod.yaml
View File

@ -10,9 +10,6 @@ spec:
privateKeySecretRef: privateKeySecretRef:
name: letsencrypt-production name: letsencrypt-production
solvers: solvers:
# - http01:
# ingress:
# class: traefik
- dns01: - dns01:
cloudflare: cloudflare:
email: "${SECRET_MY_EMAIL}" email: "${SECRET_MY_EMAIL}"

3
kubernetes/main/core/cert-manager/letsencrypt-stage.yaml → kubernetes/common/apps/cert-manager/letsencrypt-stage.yaml
View File

@ -10,9 +10,6 @@ spec:
privateKeySecretRef: privateKeySecretRef:
name: letsencrypt-staging name: letsencrypt-staging
solvers: solvers:
# - http01:
# ingress:
# class: traefik
- dns01: - dns01:
cloudflare: cloudflare:
email: "${SECRET_MY_EMAIL}" email: "${SECRET_MY_EMAIL}"

0
kubernetes/main/core/cert-manager/namespace.yaml → kubernetes/common/apps/cert-manager/namespace.yaml
View File

11
kubernetes/main/core/cert-manager/wildcard-cert.yaml → kubernetes/common/apps/cert-manager/wildcard-cert.yaml
View File

@ -2,14 +2,10 @@ apiVersion: cert-manager.io/v1
kind: Certificate kind: Certificate
metadata: metadata:
name: wildcard-main-cert name: wildcard-main-cert
namespace: traefik #cert-manager namespace: traefik
spec: spec:
secretName: wildcard-main-tls secretName: wildcard-main-tls
# secretTemplate:
# annotations:
# replicator.v1.mittwald.de/replicate-to: "traefik"
duration: 2160h # 90d duration: 2160h # 90d
renewBefore: 360h # 15d renewBefore: 360h # 15d
@ -19,7 +15,4 @@ spec:
dnsNames: dnsNames:
- "${SECRET_NEW_DOMAIN}" - "${SECRET_NEW_DOMAIN}"
- "*.${SECRET_NEW_DOMAIN}" - "*.${SECRET_NEW_DOMAIN}"
# - "*.k3s.${SECRET_NEW_DOMAIN}"
# - "*.database.${SECRET_NEW_DOMAIN}"
# - "*.s3.${SECRET_NEW_DOMAIN}"

2
kubernetes/main/core/kustomization.yaml
View File

@ -3,7 +3,7 @@ kind: Kustomization
resources: resources:
- ./kube-system - ./kube-system
- ./helm-repositories.yaml - ./helm-repositories.yaml
- ./cert-manager - ../../common/apps/cert-manager
- ../../common/apps/metallb - ../../common/apps/metallb
- ../../common/apps/traefik/ks.yaml - ../../common/apps/traefik/ks.yaml
# storage # storage

5
kubernetes/thin/apps/kustomization.yaml
View File

@ -2,14 +2,11 @@ apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization kind: Kustomization
resources: resources:
- ./helm-repositories.yaml - ./helm-repositories.yaml
#- ../../common/apps/metallb
- ./main-ip-pool.yaml - ./main-ip-pool.yaml
- ../../common/apps/cert-manager
- ../../common/apps/traefik/ks.yaml - ../../common/apps/traefik/ks.yaml
# storage # storage
#- ./longhorn
#- ../../common/apps/openebs #- ../../common/apps/openebs
#- ./kube-replicator
- ../../common/apps/nfd/ks.yaml - ../../common/apps/nfd/ks.yaml
- ../../common/apps/intel-gpu/ks.yaml - ../../common/apps/intel-gpu/ks.yaml