fix(cert-manager): ACME solver set to DNS

This commit is contained in:
nold 2022-11-21 21:32:38 +01:00
parent 9b651c854d
commit e2bbd852e1
3 changed files with 38 additions and 23 deletions

View file

@ -35,19 +35,6 @@ apps:
targetRevision: 0.13.4 targetRevision: 0.13.4
syncWave: '0' syncWave: '0'
- name: cert-manager
namespace: cert-manager
repoURL: https://charts.jetstack.io
chart: cert-manager
targetRevision: v1.10.0
parameters:
- name: installCRDs
value: 'true'
secrets:
- name: cert-manager-vault-approle
keys:
- secretId
- name: ingress-internal - name: ingress-internal
namespace: ingress-internal namespace: ingress-internal
repoURL: https://helm.traefik.io/traefik repoURL: https://helm.traefik.io/traefik
@ -69,3 +56,17 @@ apps:
- name: cloudflare-api - name: cloudflare-api
keys: keys:
- CF_API_TOKEN - CF_API_TOKEN
- name: cert-manager
namespace: cert-manager
repoURL: https://charts.jetstack.io
chart: cert-manager
targetRevision: v1.10.0
secrets:
- name: cert-manager-vault-approle
keys:
- secretId
- name: cloudflare-api
fromApp: external-dns
keys:
- CF_API_TOKEN

View file

@ -3,6 +3,14 @@ config:
repoURL: https://woodpecker-ci.org repoURL: https://woodpecker-ci.org
targetRevision: v0.15.5 targetRevision: v0.15.5
networkPolicy:
groups:
- internet
labels:
environment: external
apps: apps:
- name: woodpecker-server - name: woodpecker-server
chart: woodpecker-server chart: woodpecker-server

View file

@ -16,13 +16,19 @@ spec:
name: issuer-account-key name: issuer-account-key
# Add a single challenge solver, HTTP01 using nginx # Add a single challenge solver, HTTP01 using nginx
solvers: solvers:
- http01: - dns01:
ingress: cloudflare:
class: ingress-external-traefik apiTokenSecretRef:
ingressTemplate: name: cloudflare-api
metadata: key: CF_API_TOKEN
labels:
environment: external #- http01:
annotations: # ingress:
traefik.ingress.kubernetes.io/frontend-entry-points: "web" # class: ingress-external-traefik
kubernetes.io/ingress.class: ingress-external # ingressTemplate:
# metadata:
# labels:
# environment: external
# annotations:
# traefik.ingress.kubernetes.io/frontend-entry-points: "web"
# kubernetes.io/ingress.class: ingress-external