add cert-manager to core-deployments
All checks were successful
continuous-integration/drone/push Build is passing
All checks were successful
continuous-integration/drone/push Build is passing
This commit is contained in:
parent
ae12bc6b0e
commit
44ca237d98
GPG key ID:
F17EFE4272D89FF6
3 changed files with 97 additions and 0 deletions
|
|
@ -345,3 +345,33 @@ spec:
|
||||||
automated:
|
automated:
|
||||||
selfHeal: true
|
selfHeal: true
|
||||||
prune: true
|
prune: true
|
||||||
|
---
|
||||||
|
apiVersion: argoproj.io/v1alpha1
|
||||||
|
kind: Application
|
||||||
|
metadata:
|
||||||
|
name: cert-manager
|
||||||
|
namespace: argocd
|
||||||
|
spec:
|
||||||
|
project: default
|
||||||
|
sources:
|
||||||
|
- repoURL: https://charts.jetstack.io
|
||||||
|
chart: cert-manager
|
||||||
|
targetRevision: 1.14.5
|
||||||
|
helm:
|
||||||
|
releaseName: cert-manager
|
||||||
|
valueFiles:
|
||||||
|
- $values/cert-manager/values.yaml
|
||||||
|
- repoURL: https://git.ar21.de/yolokube/core-deployments.git
|
||||||
|
targetRevision: HEAD
|
||||||
|
ref: values
|
||||||
|
- repoURL: https://git.ar21.de/yolokube/core-deployments.git
|
||||||
|
targetRevision: HEAD
|
||||||
|
path: cert-manager
|
||||||
|
destination:
|
||||||
|
server: https://kubernetes.default.svc
|
||||||
|
namespace: cert-manager
|
||||||
|
syncPolicy:
|
||||||
|
syncOptions:
|
||||||
|
- CreateNamespace=true
|
||||||
|
automated:
|
||||||
|
prune: true
|
||||||
|
|
|
||||||
30
cert-manager/issuer.yaml
Normal file
30
cert-manager/issuer.yaml
Normal file
|
|
@ -0,0 +1,30 @@
|
||||||
|
---
|
||||||
|
apiVersion: cert-manager.io/v1
|
||||||
|
kind: ClusterIssuer
|
||||||
|
metadata:
|
||||||
|
name: letsencrypt-prod
|
||||||
|
spec:
|
||||||
|
acme:
|
||||||
|
email: letsencrypt@ar21.de
|
||||||
|
server: https://acme-v02.api.letsencrypt.org/directory
|
||||||
|
privateKeySecretRef:
|
||||||
|
name: letsencrypt-prod-key
|
||||||
|
solvers:
|
||||||
|
- http01:
|
||||||
|
ingress:
|
||||||
|
class: traefik
|
||||||
|
---
|
||||||
|
apiVersion: cert-manager.io/v1
|
||||||
|
kind: ClusterIssuer
|
||||||
|
metadata:
|
||||||
|
name: letsencrypt-staging
|
||||||
|
spec:
|
||||||
|
acme:
|
||||||
|
email: letsencrypt@ar21.de
|
||||||
|
server: https://acme-staging-v02.api.letsencrypt.org/directory
|
||||||
|
privateKeySecretRef:
|
||||||
|
name: letsencrypt-staging-key
|
||||||
|
solvers:
|
||||||
|
- http01:
|
||||||
|
ingress:
|
||||||
|
class: traefik
|
||||||
37
cert-manager/values.yaml
Normal file
37
cert-manager/values.yaml
Normal file
|
|
@ -0,0 +1,37 @@
|
||||||
|
namespace: cert-manager
|
||||||
|
replicaCount: 3
|
||||||
|
installCRDs: true
|
||||||
|
podDisruptionBudget:
|
||||||
|
enabled: true
|
||||||
|
strategy:
|
||||||
|
type: RollingUpdate
|
||||||
|
rollingUpdate:
|
||||||
|
maxUnavailable: 1
|
||||||
|
maxSurge: 0
|
||||||
|
ingressShim:
|
||||||
|
defaultIssuerName: letsencrypt-prod
|
||||||
|
defaultIssuerKind: ClusterIssuer
|
||||||
|
defaultIssuerGroup: cert-manager.io
|
||||||
|
webhook:
|
||||||
|
replicaCount: 3
|
||||||
|
podDisruptionBudget:
|
||||||
|
enabled: true
|
||||||
|
strategy:
|
||||||
|
type: RollingUpdate
|
||||||
|
rollingUpdate:
|
||||||
|
maxUnavailable: 1
|
||||||
|
maxSurge: 0
|
||||||
|
cainjector:
|
||||||
|
replicaCount: 3
|
||||||
|
podDisruptionBudget:
|
||||||
|
enabled: true
|
||||||
|
strategy:
|
||||||
|
type: RollingUpdate
|
||||||
|
rollingUpdate:
|
||||||
|
maxUnavailable: 1
|
||||||
|
maxSurge: 0
|
||||||
|
crds:
|
||||||
|
enabled: true
|
||||||
|
prometheus:
|
||||||
|
servicemonitor:
|
||||||
|
enabled: true
|
||||||
Loading…
Reference in a new issue