streams/streams-manifests
4
0
Fork 0
Code Issues Pull requests Actions Packages Projects Releases Wiki Activity

trial and error

Browse source
This commit is contained in:
Micke Nordin 2024-10-16 14:09:08 +02:00
parent 8c6039bebf
commit 656d429e35
Signed by: Micke
GPG key ID: 0DA0A7A5708FE257
4 changed files with 7 additions and 26 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

8
cert-cluster-issuer/cluster-issuer.yaml → argocd-nginx/base/argocd-cert-issuer.yaml
View file

@ -1,7 +1,7 @@
apiVersion: cert-manager.io/v1 apiVersion: cert-manager.io/v1
kind: ClusterIssuer kind: Issuer
metadata: metadata:
name: letsencrypt name: lets-encrypt
namespace: kube-system namespace: kube-system
spec: spec:
acme: acme:
@ -12,9 +12,9 @@ spec:
server: https://acme-v02.api.letsencrypt.org/directory server: https://acme-v02.api.letsencrypt.org/directory
privateKeySecretRef: privateKeySecretRef:
# Secret resource that will be used to store the account's private key. # Secret resource that will be used to store the account's private key.
name: letsencrypt-account-key name: argocd-letsencrypt-account-key
# Add a single challenge solver, HTTP01 using nginx # Add a single challenge solver, HTTP01 using nginx
solvers: solvers:
- http01: - http01:
ingress: ingress:
class: public IngressClassName: nginx

19
argocd-nginx/base/argocd-certificate.yaml
View file

@ -1,19 +0,0 @@
apiVersion: cert-manager.io/v1
kind: Certificate
metadata:
name: tls-secret
namespace: argocd
spec:
# Secret names are always required.
secretName: tls-secret
# At least one of commonName (possibly through literalSubject), dnsNames, uris, emailAddresses, ipAddresses or otherNames is required.
dnsNames:
- argocd-test.streams.sunet.se
# Issuer references are always required.
issuerRef:
name: letsencrypt
# We can reference ClusterIssuers by changing the kind here.
# The default value is Issuer (i.e. a locally namespaced Issuer)
kind: ClusterIssuer

4
argocd-nginx/base/argocd-ingress.yaml
View file

@ -4,7 +4,7 @@ metadata:
name: argocd-ingress name: argocd-ingress
namespace: argocd namespace: argocd
annotations: annotations:
cert-manager.io/cluster-issuer: "letsencrypt" cert-manager.io/issuer: "lets-encrypt"
acme.cert-manager.io/http01-ingress-class: nginx acme.cert-manager.io/http01-ingress-class: nginx
acme.cert-manager.io/http01-edit-in-place: "false" acme.cert-manager.io/http01-edit-in-place: "false"
nginx.ingress.kubernetes.io/from-to-www-redirect: "false" nginx.ingress.kubernetes.io/from-to-www-redirect: "false"
@ -18,7 +18,7 @@ spec:
tls: tls:
- hosts: - hosts:
- argocd-test.streams.sunet.se - argocd-test.streams.sunet.se
secretName: tls-secret secretName: argocd-tls-secret
rules: rules:
- host: argocd-test.streams.sunet.se - host: argocd-test.streams.sunet.se
http: http:

2
argocd-nginx/base/kustomization.yaml
View file

@ -1,3 +1,3 @@
resources: resources:
- argocd-ingress.yaml - argocd-ingress.yaml
- argocd-certificate.yaml - argocd-cert-issuer.yaml