Nik Afiq
dc86a961be
- Create .env.example for API credentials - Update .gitignore to include .env file - Add cluster issuer configurations for internal CA and Let's Encrypt - Implement porkbun-secret.sh for creating Kubernetes secrets - Define Helm values for cert-manager, Gitea, and Pihole with TLS settings
31 lines
833 B
YAML
31 lines
833 B
YAML
# Let's Encrypt HTTP-01 issuer for *.nik4nao.com
|
|
# Apply: kubectl apply -f manifests/cert-manager/cluster-issuer-letsencrypt.yaml
|
|
apiVersion: cert-manager.io/v1
|
|
kind: ClusterIssuer
|
|
metadata:
|
|
name: letsencrypt-prod
|
|
spec:
|
|
acme:
|
|
email: nik.afiq98@ymail.com
|
|
server: https://acme-v02.api.letsencrypt.org/directory
|
|
privateKeySecretRef:
|
|
name: letsencrypt-prod-account-key
|
|
solvers:
|
|
- http01:
|
|
ingress:
|
|
ingressClassName: traefik
|
|
---
|
|
apiVersion: cert-manager.io/v1
|
|
kind: ClusterIssuer
|
|
metadata:
|
|
name: letsencrypt-staging
|
|
spec:
|
|
acme:
|
|
email: nik.afiq98@ymail.com
|
|
server: https://acme-staging-v02.api.letsencrypt.org/directory
|
|
privateKeySecretRef:
|
|
name: letsencrypt-staging-account-key
|
|
solvers:
|
|
- http01:
|
|
ingress:
|
|
ingressClassName: traefik |