From 1d0d1ed0d7d2844f0e325d3dfe0bb29a7b853767 Mon Sep 17 00:00:00 2001
From: Mans Ziesel <mans@mziesel.com>
Date: Mon, 14 Oct 2024 19:34:16 +0200
Subject: [PATCH] add cloudflare ClusterIssuer to cert-manager

---
 cert-manager/base/cloudflare-clusterissuer.yaml | 13 +++++++++++++
 cert-manager/base/mziesel-ca.yaml               |  1 +
 cert-manager/kustomization.yaml                 |  2 ++
 3 files changed, 16 insertions(+)
 create mode 100644 cert-manager/base/cloudflare-clusterissuer.yaml

diff --git a/cert-manager/base/cloudflare-clusterissuer.yaml b/cert-manager/base/cloudflare-clusterissuer.yaml
new file mode 100644
index 0000000..2854cef
--- /dev/null
+++ b/cert-manager/base/cloudflare-clusterissuer.yaml
@@ -0,0 +1,13 @@
+---
+apiVersion: cert-manager.io/v1
+kind: ClusterIssuer
+metadata:
+  name: cloudflare-issuer
+spec:
+  acme:
+    solvers:
+    - dns01:
+        cloudflare:
+          apiTokenSecretRef:
+            name: cloudflare-api-token-secret
+            key: api-token
diff --git a/cert-manager/base/mziesel-ca.yaml b/cert-manager/base/mziesel-ca.yaml
index 41d6c84..44900e1 100644
--- a/cert-manager/base/mziesel-ca.yaml
+++ b/cert-manager/base/mziesel-ca.yaml
@@ -28,3 +28,4 @@ metadata:
 spec:
   ca:
     secretName: mziesel-root-secret
+
diff --git a/cert-manager/kustomization.yaml b/cert-manager/kustomization.yaml
index a808203..aa18237 100644
--- a/cert-manager/kustomization.yaml
+++ b/cert-manager/kustomization.yaml
@@ -6,3 +6,5 @@ namespace: cert-manager
 resources:
   - https://github.com/cert-manager/cert-manager/releases/download/v1.16.1/cert-manager.yaml
   - ./base/mziesel-ca.yaml
+  - ./secret_nocommit/cloudflare-api-token-secret.yaml
+  - ./base/cloudflare-clusterissuer.yaml