apiVersion: cert-manager.io/v1
kind: Certificate
metadata:
  name: wildcard-main-cert
  namespace: traefik #cert-manager
spec:
  secretName: wildcard-main-tls

#  secretTemplate:
#    annotations:
#      replicator.v1.mittwald.de/replicate-to: "traefik"

  duration: 2160h # 90d
  renewBefore: 360h # 15d

  issuerRef:
    name: letsencrypt-production
    kind: ClusterIssuer

  dnsNames:
    - "*.${SECRET_NEW_DOMAIN}"
#    - "*.k3s.${SECRET_NEW_DOMAIN}"
#    - "*.database.${SECRET_NEW_DOMAIN}"
#    - "*.s3.${SECRET_NEW_DOMAIN}"