rob
/
netflux-kubernetes
1
0
Fork 0
Code Issues 1 Pull Requests Projects Releases Wiki Activity

Add cert-manager resources

This commit is contained in:
Rob Watson 2022-05-05 17:42:34 +02:00
parent 5c1d401110
commit fc39e5d927
3 changed files with 50 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

22
README.md Normal file
View File

@ -0,0 +1,22 @@
# Netflux on Kubernetes
## Installation
### cert-manager
cert-manager should only be installed in production. It cannot be installed as a subchart.
See: https://cert-manager.io/docs/installation/helm/
```
helm repo add jetstack https://charts.jetstack.io
helm repo up
helm install cert-manager jetstack/cert-manager --namespace cert-manager --create-namespace --version v1.8.0 --set installCRDs=true
# create issuers
kubectl apply -f cert-manager/issuer-staging.yml
kubectl apply -f cert-manager/issuer-production.yml
```
This should be sufficient for cert-manager to issue certificates automatically when the
`tls.enabled` value is set to `true`.

14
cert-manager/issuer-production.yml Normal file
View File

@ -0,0 +1,14 @@
apiVersion: cert-manager.io/v1
kind: ClusterIssuer
metadata:
name: letsencrypt-production
spec:
acme:
server: https://acme-v02.api.letsencrypt.org/directory
email: postmaster@netflux.io
privateKeySecretRef:
name: letsencrypt-production
solvers:
- http01:
ingress:
class: nginx

14
cert-manager/issuer-staging.yml Normal file
View File

@ -0,0 +1,14 @@
apiVersion: cert-manager.io/v1
kind: ClusterIssuer
metadata:
name: letsencrypt-staging
spec:
acme:
server: https://acme-staging-v02.api.letsencrypt.org/directory
email: postmaster@netflux.io
privateKeySecretRef:
name: letsencrypt-staging
solvers:
- http01:
ingress:
class: nginx