From 739fe84947959922077ee253df4b895b4e4cd77e Mon Sep 17 00:00:00 2001 From: makefunstuff Date: Fri, 28 Jun 2024 01:11:24 +0300 Subject: certs --- kubernetes/letsencrypt.yaml | 14 ++++++++++++++ third-party/grafana/values.yaml | 7 ++++++- 2 files changed, 20 insertions(+), 1 deletion(-) create mode 100644 kubernetes/letsencrypt.yaml diff --git a/kubernetes/letsencrypt.yaml b/kubernetes/letsencrypt.yaml new file mode 100644 index 0000000..8e018db --- /dev/null +++ b/kubernetes/letsencrypt.yaml @@ -0,0 +1,14 @@ +apiVersion: cert-manager.io/v1 +kind: ClusterIssuer +metadata: + name: letsencrypt-prod +spec: + acme: + server: https://acme-v02.api.letsencrypt.org/directory + email: plugatariov@gmail.com + privateKeySecretRef: + name: letsencrypt-prod + solvers: + - http01: + ingress: + class: traefik diff --git a/third-party/grafana/values.yaml b/third-party/grafana/values.yaml index fb6a2e0..7c8815b 100644 --- a/third-party/grafana/values.yaml +++ b/third-party/grafana/values.yaml @@ -18,10 +18,11 @@ service: ingress: enabled: true annotations: + cert-manager.io/cluster-issuer: letsencrypt-prod traefik.ingress.kubernetes.io/redirect-entry-point: https traefik.ingress.kubernetes.io/router.entrypoints: websecure traefik.ingress.kubernetes.io/router.tls: "true" - traefik.ingress.kubernete.io/router.tls.certresolver: default + traefik.ingress.kubernetes.io/router.tls.certresolver: default traefik.ingress.kubernetes.io/router.tls.domains.0.main: topkek.cloud traefik.ingress.kubernetes.io/router.tls.domains.0.sans: grafana.topkek.cloud labels: {} @@ -29,3 +30,7 @@ ingress: - grafana.topkek.cloud path: / pathType: Prefix + tls: + - hosts: + - grafana.topkek.cloud + secretName: grafana-topkek-cloud-tls -- cgit 1.4.1-2-gfad0