diff options
-rw-r--r-- | kubernetes/letsencrypt.yaml | 14 | ||||
-rw-r--r-- | third-party/grafana/values.yaml | 7 |
2 files changed, 20 insertions, 1 deletions
diff --git a/kubernetes/letsencrypt.yaml b/kubernetes/letsencrypt.yaml new file mode 100644 index 0000000..8e018db --- /dev/null +++ b/kubernetes/letsencrypt.yaml @@ -0,0 +1,14 @@ +apiVersion: cert-manager.io/v1 +kind: ClusterIssuer +metadata: + name: letsencrypt-prod +spec: + acme: + server: https://acme-v02.api.letsencrypt.org/directory + email: [email protected] + privateKeySecretRef: + name: letsencrypt-prod + solvers: + - http01: + ingress: + class: traefik diff --git a/third-party/grafana/values.yaml b/third-party/grafana/values.yaml index fb6a2e0..7c8815b 100644 --- a/third-party/grafana/values.yaml +++ b/third-party/grafana/values.yaml @@ -18,10 +18,11 @@ service: ingress: enabled: true annotations: + cert-manager.io/cluster-issuer: letsencrypt-prod traefik.ingress.kubernetes.io/redirect-entry-point: https traefik.ingress.kubernetes.io/router.entrypoints: websecure traefik.ingress.kubernetes.io/router.tls: "true" - traefik.ingress.kubernete.io/router.tls.certresolver: default + traefik.ingress.kubernetes.io/router.tls.certresolver: default traefik.ingress.kubernetes.io/router.tls.domains.0.main: topkek.cloud traefik.ingress.kubernetes.io/router.tls.domains.0.sans: grafana.topkek.cloud labels: {} @@ -29,3 +30,7 @@ ingress: - grafana.topkek.cloud path: / pathType: Prefix + tls: + - hosts: + - grafana.topkek.cloud + secretName: grafana-topkek-cloud-tls |