Adjust ingress tls values for cert-manager
All checks were successful
continuous-integration/drone/push Build is passing
All checks were successful
continuous-integration/drone/push Build is passing
This commit is contained in:
parent
90dcd9d15f
commit
e1ed098915
9 changed files with 80 additions and 3 deletions
|
@ -2,6 +2,8 @@
|
|||
apiVersion: networking.k8s.io/v1
|
||||
kind: Ingress
|
||||
metadata:
|
||||
annotations:
|
||||
kubernetes.io/tls-acme: "true"
|
||||
name: argocd-ingress
|
||||
namespace: argocd
|
||||
spec:
|
||||
|
@ -16,3 +18,7 @@ spec:
|
|||
name: argocd-server
|
||||
port:
|
||||
number: 80
|
||||
tls:
|
||||
- hosts:
|
||||
- argo.services.yolokube.de
|
||||
secretName: argocd-tls-key
|
||||
|
|
|
@ -49,6 +49,8 @@ spec:
|
|||
apiVersion: networking.k8s.io/v1
|
||||
kind: Ingress
|
||||
metadata:
|
||||
annotations:
|
||||
kubernetes.io/tls-acme: "true"
|
||||
name: dashboard-ingress
|
||||
namespace: dashboard
|
||||
spec:
|
||||
|
@ -63,3 +65,7 @@ spec:
|
|||
name: dashboard-service
|
||||
port:
|
||||
number: 80
|
||||
tls:
|
||||
- hosts:
|
||||
- dashboard.services.yolokube.de
|
||||
secretName: dashboard-tls-key
|
||||
|
|
|
@ -15,6 +15,13 @@ patches:
|
|||
target:
|
||||
kind: Ingress
|
||||
name: dashboard-ingress
|
||||
- patch: |-
|
||||
- op: replace
|
||||
path: /spec/tls/0/hosts/0
|
||||
value: "dashboard-staging.services.yolokube.de"
|
||||
target:
|
||||
kind: Ingress
|
||||
name: dashboard-ingress
|
||||
- patch: |-
|
||||
- op: replace
|
||||
path: /spec/replicas
|
||||
|
|
|
@ -65,6 +65,8 @@ spec:
|
|||
apiVersion: networking.k8s.io/v1
|
||||
kind: Ingress
|
||||
metadata:
|
||||
annotations:
|
||||
kubernetes.io/tls-acme: "true"
|
||||
name: example-ingress
|
||||
namespace: example
|
||||
#annotations:
|
||||
|
@ -82,3 +84,7 @@ spec:
|
|||
name: example-service
|
||||
port:
|
||||
number: 80
|
||||
tls:
|
||||
- hosts:
|
||||
- example.apps.yolokube.de
|
||||
secretName: example-tls-key
|
||||
|
|
|
@ -24,7 +24,10 @@ ingress:
|
|||
enabled: true
|
||||
host: longhorn.services.yolokube.de
|
||||
annotations:
|
||||
kubernetes.io/tls-acme: "true"
|
||||
traefik.ingress.kubernetes.io/router.middlewares: traefik-basic-auth@kubernetescrd
|
||||
tls: true
|
||||
tlsSecret: longhorn-tls-key
|
||||
metrics:
|
||||
serviceMonitor:
|
||||
enabled: true
|
||||
|
|
|
@ -60,6 +60,11 @@ alertmanager:
|
|||
- alertmanager.services.yolokube.de
|
||||
annotations:
|
||||
traefik.ingress.kubernetes.io/router.middlewares: traefik-basic-auth@kubernetescrd
|
||||
kubernetes.io/tls-acme: "true"
|
||||
tls:
|
||||
- secretName: alertmanager-tls-key
|
||||
hosts:
|
||||
- alertmanager.services.yolokube.de
|
||||
ingressPerReplica:
|
||||
pathType: ImplementationSpecific
|
||||
paths:
|
||||
|
@ -69,15 +74,25 @@ alertmanager:
|
|||
hostDomain: services.yolokube.de
|
||||
annotations:
|
||||
traefik.ingress.kubernetes.io/router.middlewares: traefik-basic-auth@kubernetescrd
|
||||
kubernetes.io/tls-acme: "true"
|
||||
tlsSecretPerReplica:
|
||||
enabled: true
|
||||
prefix: alertmanager
|
||||
servicePerReplica:
|
||||
enabled: true
|
||||
podAntiAffinity: "hard"
|
||||
grafana:
|
||||
defaultDashboardsTimezone: Europe/Berlin
|
||||
ingress:
|
||||
annotations:
|
||||
kubernetes.io/tls-acme: "true"
|
||||
enabled: true
|
||||
hosts:
|
||||
- grafana.services.yolokube.de
|
||||
tls:
|
||||
- secretName: grafana-tls-key
|
||||
hosts:
|
||||
- grafana.services.yolokube.de
|
||||
persistence:
|
||||
enabled: true
|
||||
accessModes:
|
||||
|
@ -106,6 +121,11 @@ prometheus:
|
|||
- prometheus.services.yolokube.de
|
||||
annotations:
|
||||
traefik.ingress.kubernetes.io/router.middlewares: traefik-basic-auth@kubernetescrd
|
||||
kubernetes.io/tls-acme: "true"
|
||||
tls:
|
||||
- secretName: prometheus-tls-key
|
||||
hosts:
|
||||
- prometheus.services.yolokube.de
|
||||
ingressPerReplica:
|
||||
pathType: ImplementationSpecific
|
||||
paths:
|
||||
|
@ -115,6 +135,10 @@ prometheus:
|
|||
hostDomain: services.yolokube.de
|
||||
annotations:
|
||||
traefik.ingress.kubernetes.io/router.middlewares: traefik-basic-auth@kubernetescrd
|
||||
kubernetes.io/tls-acme: "true"
|
||||
tlsSecretPerReplica:
|
||||
enabled: true
|
||||
prefix: prometheus
|
||||
prometheusSpec:
|
||||
retentionSize: "45GB"
|
||||
replicas: 2
|
||||
|
|
|
@ -44,6 +44,8 @@ spec:
|
|||
apiVersion: networking.k8s.io/v1
|
||||
kind: Ingress
|
||||
metadata:
|
||||
annotations:
|
||||
kubernetes.io/tls-acme: "true"
|
||||
name: test1-ingress
|
||||
namespace: aaron-test
|
||||
spec:
|
||||
|
@ -58,3 +60,7 @@ spec:
|
|||
name: test1-service
|
||||
port:
|
||||
number: 80
|
||||
tls:
|
||||
- hosts:
|
||||
- test.apps.yolokube.de
|
||||
secretName: test1-tls-key
|
||||
|
|
|
@ -66,6 +66,8 @@ spec:
|
|||
apiVersion: networking.k8s.io/v1
|
||||
kind: Ingress
|
||||
metadata:
|
||||
annotations:
|
||||
kubernetes.io/tls-acme: "true"
|
||||
name: paste-ingress
|
||||
namespace: paste
|
||||
spec:
|
||||
|
@ -80,3 +82,7 @@ spec:
|
|||
name: paste-service
|
||||
port:
|
||||
number: 80
|
||||
tls:
|
||||
- hosts:
|
||||
- paste.apps.yolokube.de
|
||||
secretName: paste-tls-key
|
||||
|
|
13
traefik/dashboard-cert.yaml
Normal file
13
traefik/dashboard-cert.yaml
Normal file
|
@ -0,0 +1,13 @@
|
|||
---
|
||||
apiVersion: cert-manager.io/v1
|
||||
kind: Certificate
|
||||
metadata:
|
||||
name: traefik-cert
|
||||
namespace: traefik
|
||||
spec:
|
||||
secretName: traefik-tls-key
|
||||
issuerRef:
|
||||
name: letsencrypt-prod
|
||||
kind: ClusterIssuer
|
||||
dnsNames:
|
||||
- traefik.services.yolokube.de
|
Loading…
Reference in a new issue