update
diff --git a/charts/certificate-issuer-private/Chart.yaml b/charts/certificate-issuer-private/Chart.yaml
new file mode 100644
index 0000000..0d06818
--- /dev/null
+++ b/charts/certificate-issuer-private/Chart.yaml
@@ -0,0 +1,6 @@
+apiVersion: v2
+name: certificate-issuer
+description: A Helm chart for PCloud public and private certificate issuer
+type: application
+version: 0.0.1
+appVersion: "0.0.1"
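Review bot: `name: certificate-issuer` does not match the chart directory `charts/certificate-issuer-private`, which `helm lint` reports as an error. It would also give this chart the same name as a sibling chart called certificate-issuer, if one exists. Rename it to `name: certificate-issuer-private`. The description says "public and private" although the directory name suggests this is the private variant only, so it is worth narrowing.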
diff --git a/charts/certificate-issuer-private/templates/certificate-wildcard.yaml b/charts/certificate-issuer-private/templates/certificate-wildcard.yaml
new file mode 100644
index 0000000..b478cc3
--- /dev/null
+++ b/charts/certificate-issuer-private/templates/certificate-wildcard.yaml
@@ -0,0 +1,14 @@
+apiVersion: cert-manager.io/v1
+kind: Certificate
+metadata:
+ name: wildcard-{{ .Values.issuer.domain }}
+ namespace: {{ .Release.Namespace }}
+ annotations:
+ helm.sh/resource-policy: keep
+spec:
+ dnsNames:
+ - '*.{{ .Values.issuer.domain }}'
+ issuerRef:
+ name: {{ .Values.issuer.name }}
+ kind: Issuer
+ secretName: cert-wildcard.{{ .Values.issuer.domain }}
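Review bot: The Certificate has no `privateKey` stanza, so whether the wildcard key is regenerated on renewal depends on the installed cert-manager's default, and older releases keep reusing the same key. Because this certificate covers every host under the domain, add `privateKey:` with `rotationPolicy: Always` under `spec`. The `helm.sh/resource-policy: keep` annotation leaves the Certificate in the namespace after uninstall, and presumably the Secret it maintains as well, so it deserves a comment such as `# kept on uninstall to avoid re-issuing the wildcard; delete manually when decommissioning`. `namespace` and `issuerRef.name` are rendered unquoted; `{{ .Values.issuer.name | quote }}` avoids a null or boolean when the value is empty or boolean-like.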
diff --git a/charts/certificate-issuer-private/templates/issuer.yaml b/charts/certificate-issuer-private/templates/issuer.yaml
new file mode 100644
index 0000000..bc29bed
--- /dev/null
+++ b/charts/certificate-issuer-private/templates/issuer.yaml
@@ -0,0 +1,19 @@
+apiVersion: cert-manager.io/v1
+kind: Issuer
+metadata:
+ name: {{ .Values.issuer.name }}
+ namespace: {{ .Release.Namespace }}
+spec:
+ acme:
+ server: {{ .Values.issuer.server }}
+ email: {{ .Values.issuer.contactEmail }}
+ privateKeySecretRef:
+ name: issuer-{{ .Values.issuer.name }}-account-key
+ solvers:
+ - dns01:
+ webhook:
+ groupName: dodo.cloud # TODO(gio): configurable, this and one below
+ solverName: dns-resolver-pcloud
+ config:
+ createTXTAddr: {{ .Values.config.createTXTAddr }}
+ deleteTXTAddr: {{ .Values.config.deleteTXTAddr }}
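Review bot: The templated scalars under `spec.acme` and in the solver `config` are rendered unquoted and unchecked, so an empty or missing value becomes `null` and the Issuer only fails later, at challenge time. Fail at render time instead, e.g. `createTXTAddr: {{ required "config.createTXTAddr is required" .Values.config.createTXTAddr | quote }}`, and do the same for `deleteTXTAddr`, `server` and `email`. The solver config carries two addresses and no credential reference. If the TXT-record endpoint does not authenticate callers some other way, anyone who can reach it can satisfy DNS-01 challenges for the domain, so state that assumption in a comment next to `config:`.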
diff --git a/charts/certificate-issuer-private/values.yaml b/charts/certificate-issuer-private/values.yaml
new file mode 100644
index 0000000..fd0d9bd
--- /dev/null
+++ b/charts/certificate-issuer-private/values.yaml
@@ -0,0 +1,9 @@
+issuer:
+ name: selfsigned-private
+ server: https://acme-v02.api.letsencrypt.org/directory
+ contactEmail: admin@example.com
+ gandiAPIToken: token
+ domain: p.example.com
+config:
+ createTXTAddr: http://10.44.0.1/create-txt-record
+ deleteTXTAddr: http://10.44.0.1/delete-txt-record
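Review bot: `gandiAPIToken: token` is not referenced by any template in this commit, and keeping the key in values.yaml invites someone to put a real API token into a values file. Drop it, or have the chart reference an existing Secret by name. The default `createTXTAddr` and `deleteTXTAddr` use plain `http://`, so as far as this chart shows, the requests that create DNS validation records travel unencrypted and unauthenticated. Prefer an `https://` endpoint, or add a comment that 10.44.0.1 is reachable only on a trusted network. `name: selfsigned-private` is also misleading next to a `server` that points at the Let's Encrypt production ACME directory.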