k3s-cluster/kubernetes/common/apps/cert-manager/certs/files/letsencrypt-prod.yaml

23 lines
No EOL
631 B
YAML

---
apiVersion: cert-manager.io/v1
kind: ClusterIssuer
metadata:
name: letsencrypt-production
spec:
acme:
server: https://acme-v02.api.letsencrypt.org/directory
email: "${SECRET_LETSENCRYPT_EMAIL}"
privateKeySecretRef:
name: letsencrypt-production
solvers:
- dns01:
cloudflare:
email: "${SECRET_MY_EMAIL}"
apiTokenSecretRef:
name: cloudflare-credentials
key: api-token
selector:
dnsZones:
- "${SECRET_NEW_DOMAIN}"
- "internal.${SECRET_NEW_DOMAIN}"
- "*.internal.${SECRET_NEW_DOMAIN}"