This commit is contained in:
Simen Røstvik 2022-11-30 23:44:30 +01:00
parent 27483146ed
commit 111c1e493f

View File

@ -29,51 +29,51 @@ spec:
prune: true
selfHeal: true
---
apiVersion: cert-manager.io/v1
kind: ClusterIssuer
metadata:
name: roxedus.com-cloudflare
namespace: cert-manager
spec:
acme:
server: https://acme-v02.api.letsencrypt.org/directory
privateKeySecretRef:
name: cloudflare-issuer-account-key
solvers:
- dns01:
cloudflare:
apiTokenSecretRef:
name: cloudflare-api-token-secret
key: CLOUDFLARE_API_KEY
selector:
dnsNames:
- 'roxedus.com'
- '*.roxedus.com'
---
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
annotations:
# add an annotation indicating the issuer to use.
cert-manager.io/acme-challenge-type: dns01
cert-manager.io/cluster-issuer: roxedus.com-cloudflare
name: myingress
namespace: default
spec:
ingressClassName: traefik
rules:
- host: test.roxedus.com
http:
paths:
- pathType: Prefix
path: /
backend:
service:
name: searxng
port:
number: 8080
tls: # < placing a host in the TLS config will determine what ends up in the cert's subjectAltNames
- hosts:
- test.roxedus.com
secretName: test-roxedus-com-cert # < cert-manager will store the created certificate in this secret.
# ---
# apiVersion: cert-manager.io/v1
# kind: ClusterIssuer
# metadata:
# name: roxedus.com-cloudflare
# namespace: cert-manager
# spec:
# acme:
# server: https://acme-v02.api.letsencrypt.org/directory
# privateKeySecretRef:
# name: cloudflare-issuer-account-key
# solvers:
# - dns01:
# cloudflare:
# apiTokenSecretRef:
# name: cloudflare-api-token-secret
# key: CLOUDFLARE_API_KEY
# selector:
# dnsNames:
# - 'roxedus.com'
# - '*.roxedus.com'
# ---
# apiVersion: networking.k8s.io/v1
# kind: Ingress
# metadata:
# annotations:
# # add an annotation indicating the issuer to use.
# cert-manager.io/acme-challenge-type: dns01
# cert-manager.io/cluster-issuer: roxedus.com-cloudflare
# name: myingress
# namespace: default
# spec:
# ingressClassName: traefik
# rules:
# - host: test.roxedus.com
# http:
# paths:
# - pathType: Prefix
# path: /
# backend:
# service:
# name: searxng
# port:
# number: 8080
# tls: # < placing a host in the TLS config will determine what ends up in the cert's subjectAltNames
# - hosts:
# - test.roxedus.com
# secretName: test-roxedus-com-cert # < cert-manager will store the created certificate in this secret.