Compare commits

..

2 Commits

Author SHA1 Message Date
e48917613d add mziesel-ca using cert-manager 2024-10-13 19:00:11 +02:00
be45aa0bdb add tls config to ip-mziesel-nl ingresss 2024-10-13 17:40:44 +02:00
7 changed files with 66 additions and 0 deletions

1
.gitignore vendored Normal file
View File

@ -0,0 +1 @@
*nocommit

View File

@ -0,0 +1,20 @@
apiVersion: argoproj.io/v1alpha1
kind: Application
metadata:
name: argo-app-cert-manager
namespace: argocd
spec:
destination:
name: ''
namespace: default
server: https://kubernetes.default.svc
source:
path: cert-manager
repoURL: https://git.mziesel.nl/mans/argocd-test
targetRevision: HEAD
sources: []
project: default
syncPolicy:
automated:
prune: true
selfHeal: true

View File

@ -8,3 +8,4 @@ resources:
- ./base/metallb-application.yaml - ./base/metallb-application.yaml
- ./base/traefik-application.yaml - ./base/traefik-application.yaml
- ./base/ip-mziesel-nl-application.yaml - ./base/ip-mziesel-nl-application.yaml
- ./base/cert-manager.yaml

View File

@ -0,0 +1,4 @@
apiVersion: v1
kind: Namespace
metadata:
name: cert-manager

View File

@ -0,0 +1,30 @@
apiVersion: cert-manager.io/v1
kind: ClusterIssuer
metadata:
name: mziesel-root-ca-issuer
spec:
selfSigned: {}
---
apiVersion: cert-manager.io/v1
kind: Certificate
metadata:
name: mziesel-ca
spec:
isCA: true
commonName: mziesel-ca
secretName: mziesel-root-secret
privateKey:
algorithm: ECDSA
size: 256
issuerRef:
name: mziesel-root-ca-issuer
kind: ClusterIssuer
group: cert-manager.io
---
apiVersion: cert-manager.io/v1
kind: ClusterIssuer
metadata:
name: mziesel-ca-issuer
spec:
ca:
secretName: mziesel-root-secret

View File

@ -0,0 +1,9 @@
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
namespace: cert-manager
resources:
- ./base/cert-manager-namespace.yaml
- https://github.com/cert-manager/cert-manager/releases/download/v1.16.1/cert-manager.yaml
- ./base/mziesel-ca.yaml

View File

@ -9,3 +9,4 @@ spec:
services: services:
- name: ip-mziesel-nl - name: ip-mziesel-nl
port: web port: web
tls: {}