2021-11-28 10:16:31 +00:00
|
|
|
apiVersion: cert-manager.io/v1
|
|
|
|
kind: ClusterIssuer
|
|
|
|
metadata:
|
|
|
|
name: letsencrypt
|
|
|
|
namespace: cert-manager
|
|
|
|
spec:
|
|
|
|
acme:
|
|
|
|
# You must replace this email address with your own.
|
|
|
|
# Let's Encrypt will use this to contact you about expiring
|
|
|
|
# certificates, and issues related to your account.
|
|
|
|
email: nold@gnu.one
|
|
|
|
#server: https://acme-staging-v02.api.letsencrypt.org/directory
|
|
|
|
server: https://acme-v02.api.letsencrypt.org/directory
|
|
|
|
privateKeySecretRef:
|
|
|
|
# Secret resource that will be used to store the account's private key.
|
|
|
|
name: issuer-account-key
|
|
|
|
# Add a single challenge solver, HTTP01 using nginx
|
|
|
|
solvers:
|
2022-11-21 20:32:38 +00:00
|
|
|
- dns01:
|
2022-11-22 07:31:33 +00:00
|
|
|
cnameStrategy: Follow
|
2022-11-21 20:32:38 +00:00
|
|
|
cloudflare:
|
|
|
|
apiTokenSecretRef:
|
|
|
|
name: cloudflare-api
|
|
|
|
key: CF_API_TOKEN
|
|
|
|
|
|
|
|
#- http01:
|
|
|
|
# ingress:
|
|
|
|
# class: ingress-external-traefik
|
|
|
|
# ingressTemplate:
|
|
|
|
# metadata:
|
|
|
|
# labels:
|
|
|
|
# environment: external
|
|
|
|
# annotations:
|
|
|
|
# traefik.ingress.kubernetes.io/frontend-entry-points: "web"
|
|
|
|
# kubernetes.io/ingress.class: ingress-external
|