fix(cert-manager): ACME solver set to DNS

2024-11-16 02:29:34 +00:00 · 2022-11-21 21:32:38 +01:00 · 2022-11-21 21:32:38 +01:00 · e2bbd852e1
commit e2bbd852e1
parent 9b651c854d
3 changed files with 38 additions and 23 deletions
--- a/projects/core/project.yml
+++ b/projects/core/project.yml
@ -35,19 +35,6 @@ apps:
  targetRevision: 0.13.4
  syncWave: '0'

- name: cert-manager
-  namespace: cert-manager
-  repoURL: https://charts.jetstack.io
-  chart: cert-manager
-  targetRevision: v1.10.0
-  parameters:
-  - name: installCRDs
-    value: 'true'
-  secrets:
-  - name: cert-manager-vault-approle
-    keys:
-    - secretId
-
 - name: ingress-internal
  namespace: ingress-internal
  repoURL: https://helm.traefik.io/traefik
@ -69,3 +56,17 @@ apps:
  - name: cloudflare-api
    keys:
    - CF_API_TOKEN
+
+- name: cert-manager
+  namespace: cert-manager
+  repoURL: https://charts.jetstack.io
+  chart: cert-manager
+  targetRevision: v1.10.0
+  secrets:
+  - name: cert-manager-vault-approle
+    keys:
+    - secretId
+  - name: cloudflare-api
+    fromApp: external-dns
+    keys:
+    - CF_API_TOKEN
--- a/projects/woodpecker/project.yml
+++ b/projects/woodpecker/project.yml
@ -3,6 +3,14 @@ config:
  repoURL: https://woodpecker-ci.org
  targetRevision: v0.15.5

+  networkPolicy:
+    groups:
+    - internet
+
+  labels:
+    environment: external
+
+
 apps:
  - name: woodpecker-server
    chart: woodpecker-server
--- a/resources/manifests/clusterissuer.yaml
+++ b/resources/manifests/clusterissuer.yaml
@ -16,13 +16,19 @@ spec:
      name: issuer-account-key
    # Add a single challenge solver, HTTP01 using nginx
    solvers:
-    - http01:
-        ingress:
-          class: ingress-external-traefik
-          ingressTemplate:
-            metadata:
-              labels:
-                environment: external
-              annotations:
-                traefik.ingress.kubernetes.io/frontend-entry-points: "web"
-                kubernetes.io/ingress.class: ingress-external
+    - dns01:
+        cloudflare:
+          apiTokenSecretRef:
+            name: cloudflare-api
+            key: CF_API_TOKEN
+
+      #- http01:
+      #   ingress:
+      #    class: ingress-external-traefik
+      #    ingressTemplate:
+      #      metadata:
+      #        labels:
+      #          environment: external
+      #        annotations:
+      #         traefik.ingress.kubernetes.io/frontend-entry-points: "web"
+      #         kubernetes.io/ingress.class: ingress-external