Compare commits
No commits in common. "56d4ed801d7c15d0da449276e4378bdd4337131c" and "6ef535f701d6238f1bfce34a1b9adde65aab1304" have entirely different histories.
56d4ed801d
...
6ef535f701
2 changed files with 40 additions and 43 deletions
|
|
@ -1,38 +1,37 @@
|
||||||
---
|
---
|
||||||
# 1. cert-manager Helm chart
|
apiVersion: source.toolkit.fluxcd.io/v1
|
||||||
apiVersion: argoproj.io/v1alpha1
|
kind: HelmRepository
|
||||||
kind: Application
|
metadata:
|
||||||
|
name: jetstack
|
||||||
|
namespace: flux-system
|
||||||
|
spec:
|
||||||
|
url: https://charts.jetstack.io
|
||||||
|
interval: 1h
|
||||||
|
---
|
||||||
|
apiVersion: helm.toolkit.fluxcd.io/v2
|
||||||
|
kind: HelmRelease
|
||||||
metadata:
|
metadata:
|
||||||
name: cert-manager
|
name: cert-manager
|
||||||
namespace: argocd
|
namespace: home-server
|
||||||
spec:
|
spec:
|
||||||
project: default
|
interval: 30m
|
||||||
source:
|
chart:
|
||||||
repoURL: "https://charts.jetstack.io"
|
spec:
|
||||||
chart: "cert-manager"
|
chart: cert-manager
|
||||||
targetRevision: "v1.18.2"
|
version: v1.18.2
|
||||||
helm:
|
sourceRef:
|
||||||
releaseName: "cert-manager"
|
kind: HelmRepository
|
||||||
values: |
|
name: jetstack
|
||||||
installCRDs: true
|
namespace: flux-system
|
||||||
extraArgs:
|
install:
|
||||||
- --dns01-recursive-nameservers-only
|
crds: CreateReplace
|
||||||
- --dns01-recursive-nameservers=8.8.8.8:53,1.1.1.1:53
|
createNamespace: true
|
||||||
destination:
|
values:
|
||||||
server: "https://kubernetes.default.svc"
|
installCRDs: true
|
||||||
namespace: home-server
|
extraArgs:
|
||||||
syncPolicy:
|
- --dns01-recursive-nameservers-only
|
||||||
automated:
|
- --dns01-recursive-nameservers=8.8.8.8:53,1.1.1.1:53
|
||||||
prune: true
|
|
||||||
selfHeal: true
|
|
||||||
syncOptions:
|
|
||||||
- CreateNamespace=true
|
|
||||||
- ApplyOutOfSyncOnly=true
|
|
||||||
- SkipHooks=false
|
|
||||||
- SyncWave=0 # ensure cert-manager is installed first
|
|
||||||
|
|
||||||
---
|
---
|
||||||
# 2. ClusterIssuer
|
|
||||||
apiVersion: cert-manager.io/v1
|
apiVersion: cert-manager.io/v1
|
||||||
kind: ClusterIssuer
|
kind: ClusterIssuer
|
||||||
metadata:
|
metadata:
|
||||||
|
|
@ -41,20 +40,19 @@ spec:
|
||||||
acme:
|
acme:
|
||||||
email: admin@hxme.net
|
email: admin@hxme.net
|
||||||
server: https://acme-v02.api.letsencrypt.org/directory
|
server: https://acme-v02.api.letsencrypt.org/directory
|
||||||
|
#server: https://acme-staging-v02.api.letsencrypt.org/directory
|
||||||
privateKeySecretRef:
|
privateKeySecretRef:
|
||||||
name: letsencrypt-rfc2136
|
name: letsencrypt-rfc2136
|
||||||
solvers:
|
solvers:
|
||||||
- dns01:
|
- dns01:
|
||||||
rfc2136:
|
rfc2136:
|
||||||
nameserver: hawke.hxst.com.au:53
|
nameserver: hawke.hxst.com.au:53
|
||||||
tsigKeyName: "hxme-update-key"
|
tsigKeyName: "hxme-update-key"
|
||||||
tsigAlgorithm: HMACSHA512
|
tsigAlgorithm: HMACSHA512
|
||||||
tsigSecretSecretRef:
|
tsigSecretSecretRef:
|
||||||
name: hxme-update-key
|
name: hxme-update-key
|
||||||
key: hxme-update-key
|
key: hxme-update-key
|
||||||
|
|
||||||
---
|
---
|
||||||
# 3. Certificate
|
|
||||||
apiVersion: cert-manager.io/v1
|
apiVersion: cert-manager.io/v1
|
||||||
kind: Certificate
|
kind: Certificate
|
||||||
metadata:
|
metadata:
|
||||||
|
|
@ -73,4 +71,3 @@ spec:
|
||||||
dnsNames:
|
dnsNames:
|
||||||
- "hxme.net"
|
- "hxme.net"
|
||||||
- "*.hxme.net"
|
- "*.hxme.net"
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -14,8 +14,8 @@ spec:
|
||||||
path: applications/10-replicator
|
path: applications/10-replicator
|
||||||
- name: databases
|
- name: databases
|
||||||
path: applications/20-databases
|
path: applications/20-databases
|
||||||
- name: domain-names
|
#- name: domain-names
|
||||||
path: applications/30-domain-names
|
# path: applications/30-domain-names
|
||||||
template:
|
template:
|
||||||
metadata:
|
metadata:
|
||||||
name: '{{name}}'
|
name: '{{name}}'
|
||||||
|
|
|
||||||
Loading…
Add table
Add a link
Reference in a new issue