j/home-server
1
0
Fork 0
Code Issues 11 Pull requests Projects 2 Releases Packages Wiki Activity Actions

Solve chicken/egg on cert-manager

Browse source
This commit is contained in:
j 2025-08-17 13:39:50 +00:00
parent 18db56a37e
commit 4699ae2cb2
5 changed files with 75 additions and 35 deletions
Download patch file Download diff file Expand all files Collapse all files

0
applications/20-domain-names/bind.yaml → applications/20-domain-names/bind/bind.yaml
View file

33
applications/20-domain-names/certmanager-a/certmanager-a.yaml Normal file
View file

@ -0,0 +1,33 @@
---
# 1. cert-manager Helm chart
apiVersion: argoproj.io/v1alpha1
kind: Application
metadata:
name: cert-manager
namespace: argocd
spec:
project: default
source:
repoURL: "https://charts.jetstack.io"
chart: "cert-manager"
targetRevision: "v1.18.2"
helm:
releaseName: "cert-manager"
values: |
installCRDs: true
extraArgs:
- --dns01-recursive-nameservers-only
- --dns01-recursive-nameservers=8.8.8.8:53,1.1.1.1:53
destination:
server: "https://kubernetes.default.svc"
namespace: home-server
syncPolicy:
automated:
prune: true
selfHeal: true
syncOptions:
- CreateNamespace=true
- ApplyOutOfSyncOnly=true
- SkipHooks=false
- SyncWave=0 # ensure cert-manager is installed first

35
applications/20-domain-names/certmanager.yaml → applications/20-domain-names/certmanager-b/certmanager-b.yaml
View file

@ -1,38 +1,4 @@
--- ---
# 1. cert-manager Helm chart
apiVersion: argoproj.io/v1alpha1
kind: Application
metadata:
name: cert-manager
namespace: argocd
spec:
project: default
source:
repoURL: "https://charts.jetstack.io"
chart: "cert-manager"
targetRevision: "v1.18.2"
helm:
releaseName: "cert-manager"
values: |
installCRDs: true
extraArgs:
- --dns01-recursive-nameservers-only
- --dns01-recursive-nameservers=8.8.8.8:53,1.1.1.1:53
destination:
server: "https://kubernetes.default.svc"
namespace: home-server
syncPolicy:
automated:
prune: true
selfHeal: true
syncOptions:
- CreateNamespace=true
- ApplyOutOfSyncOnly=true
- SkipHooks=false
- SyncWave=0 # ensure cert-manager is installed first
---
# 2. ClusterIssuer
apiVersion: cert-manager.io/v1 apiVersion: cert-manager.io/v1
kind: ClusterIssuer kind: ClusterIssuer
metadata: metadata:
@ -54,7 +20,6 @@ spec:
key: hxme-update-key key: hxme-update-key
--- ---
# 3. Certificate
apiVersion: cert-manager.io/v1 apiVersion: cert-manager.io/v1
kind: Certificate kind: Certificate
metadata: metadata:

42
applications/20-domain-names/dns.yaml Normal file
View file

@ -0,0 +1,42 @@
---
apiVersion: argoproj.io/v1alpha1
kind: ApplicationSet
metadata:
name: hxme-dns-deploy
namespace: argocd
spec:
goTemplate: true
generators:
- list:
elements:
- name: certmanager-crds
path: applications/20-domain-names/certmanager-a.yaml
wave: 1
- name: certmanager-not-crds
path: applications/20-domain-names/certmanager-b.yaml
wave: 2
- name: bind
path: applications/20-domain-names/bind
wave: 3
- name: externaldns
path: applications/20-domain-names/externaldns
wave: 3
template:
metadata:
name: '{{.name}}'
spec:
project: default
source:
repoURL: 'https://repobase.net/j/home-server.git'
targetRevision: HEAD
path: '{{.path}}'
destination:
server: 'https://kubernetes.default.svc'
namespace: database
syncPolicy:
automated:
prune: true
selfHeal: true
syncOptions:
- CreateNamespace=true
- SyncWave={{.wave}}

0
applications/20-domain-names/externaldns.yaml → applications/20-domain-names/externaldns/externaldns.yaml
View file