apiVersion: argoproj.io/v1alpha1
kind: Application
metadata:
  name: cert-manager
  namespace: argo-cd
  finalizers:
    - resources-finalizer.argocd.argoproj.io
spec:
  destination:
    server: https://kubernetes.default.svc
    namespace: cert-manager
  project: default
  source:
    chart: cert-manager
    helm:
      values: |

        prometheus:
          enabled: false

    repoURL: https://charts.jetstack.io
    targetRevision: 1.10.1

  syncPolicy:
    automated:
      prune: true
      selfHeal: true

---
apiVersion: cert-manager.io/v1
kind: ClusterIssuer
metadata:
  name: roxedus.com-cloudflare
  namespace: cert-manager
spec:
  acme:
    server: https://acme-staging-v02.api.letsencrypt.org/directory
    privateKeySecretRef:
      name: cloudflare-issuer-account-key
    solvers:
    - dns01:
        cloudflare:
          apiTokenSecretRef:
            name: cloudflare-api-token-secret
            key: CLOUDFLARE_API_KEY
        selector:
          dnsNames:
          - 'roxedus.com'
          - '*.roxedus.com'
---
apiVersion: cert-manager.io/v1
kind: Certificate
metadata:
  name: test-roxedus-com
  namespace: default
spec:
  # Secret names are always required.
  secretName: example-com-tls

  dnsNames:
    - test.roxedus.com
  issuerRef:
    name: roxedus.com-cloudflare
    # We can reference ClusterIssuers by changing the kind here.
    # The default value is Issuer (i.e. a locally namespaced Issuer)
    kind: ClusterIssuer