ionos webhook, nextcloud ingress
This commit is contained in:
apps/nextcloud/base
infrastructure/05-cert-manager
12
infrastructure/05-cert-manager/base/ionos-ingress.yaml
Normal file
12
infrastructure/05-cert-manager/base/ionos-ingress.yaml
Normal file
@ -0,0 +1,12 @@
|
||||
apiVersion: cert-manager.io/v1
|
||||
kind: Certificate
|
||||
metadata:
|
||||
name: steffenillium-de
|
||||
annotations:
|
||||
sealedsecrets.bitnami.com/cluster-wide: "true"
|
||||
spec:
|
||||
dnsNames:
|
||||
- '*.steffenillium.de'
|
||||
issuerRef:
|
||||
name: letsencrypt-ionos-staging
|
||||
secretName: default-tls
|
55
infrastructure/05-cert-manager/base/ionos-issuer.yaml
Normal file
55
infrastructure/05-cert-manager/base/ionos-issuer.yaml
Normal file
@ -0,0 +1,55 @@
|
||||
apiVersion: cert-manager.io/v1
|
||||
kind: Issuer
|
||||
metadata:
|
||||
name: letsencrypt-ionos-staging
|
||||
spec:
|
||||
acme:
|
||||
# The ACME server URL
|
||||
server: https://acme-staging-v02.api.letsencrypt.org/directory
|
||||
# Email address used for ACME registration
|
||||
email: mail@steffenillium.de
|
||||
# Name of a secret used to store the ACME account private key
|
||||
privateKeySecretRef:
|
||||
name: letsencrypt-ionos-staging-key
|
||||
# Enable the dns01 challenge provider
|
||||
solvers:
|
||||
- dns01:
|
||||
webhook:
|
||||
groupName: acme.fabmade.de
|
||||
solverName: ionos
|
||||
config:
|
||||
apiUrl: https://api.hosting.ionos.com/dns/v1
|
||||
publicKeySecretRef:
|
||||
key: IONOS_PUBLIC_PREFIX
|
||||
name: ionos-secret
|
||||
secretKeySecretRef:
|
||||
key: IONOS_SECRET
|
||||
name: ionos-secret
|
||||
---
|
||||
apiVersion: cert-manager.io/v1
|
||||
kind: Issuer
|
||||
metadata:
|
||||
name: letsencrypt-ionos-prod
|
||||
spec:
|
||||
acme:
|
||||
# The ACME server URL
|
||||
server: https://acme-v02.api.letsencrypt.org/directory
|
||||
# Email address used for ACME registration
|
||||
email: mail@steffenillium.de
|
||||
# Name of a secret used to store the ACME account private key
|
||||
privateKeySecretRef:
|
||||
name: letsencrypt-ionos-prod
|
||||
# Enable the dns01 challenge provider
|
||||
solvers:
|
||||
- dns01:
|
||||
webhook:
|
||||
groupName: acme.fabmade.de
|
||||
solverName: ionos
|
||||
config:
|
||||
apiUrl: https://api.hosting.ionos.com/dns/v1
|
||||
publicKeySecretRef:
|
||||
key: IONOS_PUBLIC_PREFIX
|
||||
name: ionos-secret
|
||||
secretKeySecretRef:
|
||||
key: IONOS_SECRET
|
||||
name: ionos-secret
|
11
infrastructure/05-cert-manager/base/ionos-secret-sealed.yaml
Normal file
11
infrastructure/05-cert-manager/base/ionos-secret-sealed.yaml
Normal file
@ -0,0 +1,11 @@
|
||||
apiVersion: v1
|
||||
kind: Secret
|
||||
metadata:
|
||||
name: ionos-secret
|
||||
namespace: cert-manager
|
||||
annotations:
|
||||
sealedsecrets.bitnami.com/namespace-wide: true
|
||||
type: Opaque
|
||||
stringData:
|
||||
IONOS_PUBLIC_PREFIX: <your-public-key>
|
||||
IONOS_SECRET: <your-private-key>
|
@ -5,6 +5,7 @@ namespace: cert-manager
|
||||
|
||||
resources:
|
||||
- base/cert-manager-ui-ingress.yaml
|
||||
- base/ionos-secret-sealed.yaml
|
||||
|
||||
helmCharts:
|
||||
- name: cert-manager
|
||||
@ -13,4 +14,9 @@ helmCharts:
|
||||
version: 1.14.4
|
||||
repo: https://charts.jetstack.io
|
||||
# valuesFile: base/values.yaml
|
||||
|
||||
- name: cert-manager-webhook-ionos
|
||||
includeCRDs: true
|
||||
releaseName: lcl
|
||||
version: 1.0.2
|
||||
repo: https://fabmade.github.io/cert-manager-webhook-ionos
|
||||
# valuesFile: base/ionos-values.yaml
|
||||
|
Reference in New Issue
Block a user