Adjust ingress tls values for cert-manager
All checks were successful
continuous-integration/drone/push Build is passing

This commit is contained in:
Tom Neuber 2024-05-28 17:42:47 +02:00
parent 90dcd9d15f
commit e1ed098915
Signed by: tom
GPG key ID: F17EFE4272D89FF6
9 changed files with 80 additions and 3 deletions

View file

@ -2,6 +2,8 @@
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
annotations:
kubernetes.io/tls-acme: "true"
name: argocd-ingress
namespace: argocd
spec:
@ -15,4 +17,8 @@ spec:
service:
name: argocd-server
port:
number: 80
number: 80
tls:
- hosts:
- argo.services.yolokube.de
secretName: argocd-tls-key

View file

@ -49,6 +49,8 @@ spec:
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
annotations:
kubernetes.io/tls-acme: "true"
name: dashboard-ingress
namespace: dashboard
spec:
@ -63,3 +65,7 @@ spec:
name: dashboard-service
port:
number: 80
tls:
- hosts:
- dashboard.services.yolokube.de
secretName: dashboard-tls-key

View file

@ -15,6 +15,13 @@ patches:
target:
kind: Ingress
name: dashboard-ingress
- patch: |-
- op: replace
path: /spec/tls/0/hosts/0
value: "dashboard-staging.services.yolokube.de"
target:
kind: Ingress
name: dashboard-ingress
- patch: |-
- op: replace
path: /spec/replicas

View file

@ -65,6 +65,8 @@ spec:
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
annotations:
kubernetes.io/tls-acme: "true"
name: example-ingress
namespace: example
#annotations:
@ -82,3 +84,7 @@ spec:
name: example-service
port:
number: 80
tls:
- hosts:
- example.apps.yolokube.de
secretName: example-tls-key

View file

@ -24,7 +24,10 @@ ingress:
enabled: true
host: longhorn.services.yolokube.de
annotations:
kubernetes.io/tls-acme: "true"
traefik.ingress.kubernetes.io/router.middlewares: traefik-basic-auth@kubernetescrd
tls: true
tlsSecret: longhorn-tls-key
metrics:
serviceMonitor:
enabled: true

View file

@ -60,6 +60,11 @@ alertmanager:
- alertmanager.services.yolokube.de
annotations:
traefik.ingress.kubernetes.io/router.middlewares: traefik-basic-auth@kubernetescrd
kubernetes.io/tls-acme: "true"
tls:
- secretName: alertmanager-tls-key
hosts:
- alertmanager.services.yolokube.de
ingressPerReplica:
pathType: ImplementationSpecific
paths:
@ -69,15 +74,25 @@ alertmanager:
hostDomain: services.yolokube.de
annotations:
traefik.ingress.kubernetes.io/router.middlewares: traefik-basic-auth@kubernetescrd
kubernetes.io/tls-acme: "true"
tlsSecretPerReplica:
enabled: true
prefix: alertmanager
servicePerReplica:
enabled: true
podAntiAffinity: "hard"
grafana:
defaultDashboardsTimezone: Europe/Berlin
ingress:
annotations:
kubernetes.io/tls-acme: "true"
enabled: true
hosts:
- grafana.services.yolokube.de
tls:
- secretName: grafana-tls-key
hosts:
- grafana.services.yolokube.de
persistence:
enabled: true
accessModes:
@ -106,6 +121,11 @@ prometheus:
- prometheus.services.yolokube.de
annotations:
traefik.ingress.kubernetes.io/router.middlewares: traefik-basic-auth@kubernetescrd
kubernetes.io/tls-acme: "true"
tls:
- secretName: prometheus-tls-key
hosts:
- prometheus.services.yolokube.de
ingressPerReplica:
pathType: ImplementationSpecific
paths:
@ -115,6 +135,10 @@ prometheus:
hostDomain: services.yolokube.de
annotations:
traefik.ingress.kubernetes.io/router.middlewares: traefik-basic-auth@kubernetescrd
kubernetes.io/tls-acme: "true"
tlsSecretPerReplica:
enabled: true
prefix: prometheus
prometheusSpec:
retentionSize: "45GB"
replicas: 2
@ -142,4 +166,4 @@ defaultRules:
customRules:
KubeNodeUnreachable:
for: 0m
severity: "critical"
severity: "critical"

View file

@ -44,6 +44,8 @@ spec:
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
annotations:
kubernetes.io/tls-acme: "true"
name: test1-ingress
namespace: aaron-test
spec:
@ -58,3 +60,7 @@ spec:
name: test1-service
port:
number: 80
tls:
- hosts:
- test.apps.yolokube.de
secretName: test1-tls-key

View file

@ -66,6 +66,8 @@ spec:
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
annotations:
kubernetes.io/tls-acme: "true"
name: paste-ingress
namespace: paste
spec:
@ -79,4 +81,8 @@ spec:
service:
name: paste-service
port:
number: 80
number: 80
tls:
- hosts:
- paste.apps.yolokube.de
secretName: paste-tls-key

View file

@ -0,0 +1,13 @@
---
apiVersion: cert-manager.io/v1
kind: Certificate
metadata:
name: traefik-cert
namespace: traefik
spec:
secretName: traefik-tls-key
issuerRef:
name: letsencrypt-prod
kind: ClusterIssuer
dnsNames:
- traefik.services.yolokube.de