28 lines
853 B
YAML
28 lines
853 B
YAML
apiVersion: cert-manager.io/v1
|
|
kind: ClusterIssuer
|
|
metadata:
|
|
name: letsencrypt-staging
|
|
spec:
|
|
acme:
|
|
server: https://acme-staging-v02.api.letsencrypt.org/directory
|
|
email: postmaster@netflux.io
|
|
privateKeySecretRef:
|
|
name: prod-letsencrypt-staging
|
|
solvers:
|
|
- http01:
|
|
ingress:
|
|
class: prod-nginx
|
|
- dns01:
|
|
route53:
|
|
region: eu-west-1
|
|
hostedZoneID: Z1OSEC2E6M9VER
|
|
accessKeyID: AKIARZPRT6YGHAENBEEX
|
|
secretAccessKeySecretRef:
|
|
# Using name reference transformers to manage this didn't work,
|
|
# probably because ClusterIssuer is a cluster-scoped resource.
|
|
#
|
|
# For now, this secret should be provisioned manually in the
|
|
# cert-manager namespace:
|
|
name: prod-aws-credentials
|
|
key: secret
|