From 1ae63c5786f83e57b636658a72fc442299b1c925 Mon Sep 17 00:00:00 2001
From: William P
Date: Fri, 28 Feb 2025 18:51:44 -0500
Subject: [PATCH] add cert-manager config
---
.../letsencrypt-dubyatp-xyz.yaml | 18 ++++++++++++++++++
.../ExternalSecrets/cloudflare-api-token.yaml | 18 ++++++++++++++++++
2 files changed, 36 insertions(+)
create mode 100644 system-apps/cert-manager/config/ClusterIssuers/letsencrypt-dubyatp-xyz.yaml
create mode 100644 system-apps/cert-manager/config/ExternalSecrets/cloudflare-api-token.yaml
diff --git a/system-apps/cert-manager/config/ClusterIssuers/letsencrypt-dubyatp-xyz.yaml b/system-apps/cert-manager/config/ClusterIssuers/letsencrypt-dubyatp-xyz.yaml
new file mode 100644
index 0000000..6ab9bd4
--- /dev/null
+++ b/system-apps/cert-manager/config/ClusterIssuers/letsencrypt-dubyatp-xyz.yaml
@@ -0,0 +1,18 @@
+apiVersion: cert-manager.io/v1
+kind: ClusterIssuer
+metadata:
+ name: letsencrypt-dubyatp-xyz
+ namespace: cert-manager
+spec:
+ acme:
+ email: me@williamtpeebles.com
+ preferredChain: ""
+ privateKeySecretRef:
+ name: letsencrypt-dubyatp-xyz
+ server: https://acme-v02.api.letsencrypt.org/directory
+ solvers:
+ - dns01:
+ cloudflare:
+ apiTokenSecretRef:
+ key: api-token
+ name: cloudflare-api-token-secret
\ No newline at end of file
diff --git a/system-apps/cert-manager/config/ExternalSecrets/cloudflare-api-token.yaml b/system-apps/cert-manager/config/ExternalSecrets/cloudflare-api-token.yaml
new file mode 100644
index 0000000..fff66dc
--- /dev/null
+++ b/system-apps/cert-manager/config/ExternalSecrets/cloudflare-api-token.yaml
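Review bot: The single `dns01` solver under `solvers:` has no `selector`, so this ClusterIssuer will attempt issuance for any DNS name requested from any namespace, limited only by which zones the Cloudflare token is allowed to edit. If the issuer is meant for one zone, as its name suggests (presumably dubyatp.xyz), add `selector:` with `dnsZones:` and `- dubyatp.xyz` as a sibling of `dns01:` inside the list item. Separately, ClusterIssuer is cluster-scoped, so `namespace: cert-manager` under `metadata:` has no effect and can be dropped. The `privateKeySecretRef` and `apiTokenSecretRef` names are resolved in cert-manager's cluster resource namespace, normally the namespace the controller runs in, which is worth a one-line comment such as `# secret refs below resolve in the cluster resource namespace, not metadata.namespace`.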
@@ -0,0 +1,18 @@
+apiVersion: external-secrets.io/v1beta1
+kind: ExternalSecret
+metadata:
+ name: cloudflare-api-token-secret
+ namespace: cert-manager
+spec:
+ refreshInterval: 1h
+ secretStoreRef:
+ name: weyma-vault
+ kind: ClusterSecretStore
+ target:
+ name: cloudflare-api-token-secret
+ creationPolicy: Owner
+ data:
+ - secretKey: api-token
+ remoteRef:
+ key: cert-manager
+ property: cloudflare-api-token
\ No newline at end of file
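Review bot: Nothing in this manifest records what the Cloudflare token read from `key: cert-manager` / `property: cloudflare-api-token` is permitted to do, and that scope is the real limit on which names the DNS-01 issuer can obtain certificates for. Add a header comment stating the intended scope, e.g. `# Cloudflare API token: Zone:Read + DNS:Edit, restricted to the zone(s) this issuer serves`, so the store entry can be audited against it. The `target` Secret is created in `cert-manager`, which matches the issuer's `apiTokenSecretRef` lookup only while the controller's cluster resource namespace is that same namespace; the comment should say so. With `refreshInterval: 1h`, a token rotated or revoked in the store can take up to an hour to reach the cluster, which is fine for routine rotation but should be known when responding to a leaked token.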