commit 01a6b79754ecc66b1c76d5a9836d85724d9a50f2
author giolekva <giolekva@gmail.com> Thu Nov 11 19:01:17 2021 +0400
committer giolekva <giolekva@gmail.com> Thu Nov 11 19:01:17 2021 +0400
tree dc571ca8d829a1d81620252ce8f7f9ad56d9d225
parent 9cdcc046dc2252a2e9b09f38476895d22dcadb5f

Installer: migrate internal services to *.p.{domain}

charts/certificate-issuer/templates/private.yaml

diff --git a/charts/certificate-issuer/templates/private.yaml b/charts/certificate-issuer/templates/private.yaml
index 1b5c06d..1ab6e90 100644
--- a/charts/certificate-issuer/templates/private.yaml
+++ b/charts/certificate-issuer/templates/private.yaml
@@ -1,33 +1,20 @@
 apiVersion: cert-manager.io/v1
-kind: ClusterIssuer
-metadata:
-  name: {{ .Values.private.name }}-bootstrap
-  namespace: {{ .Release.Namespace }}
-spec:
-  selfSigned: {}
----
-apiVersion: cert-manager.io/v1
-kind: Certificate
-metadata:
-  name: {{ .Values.private.name }}-ca-root
-  namespace: {{ .Release.Namespace }}
-spec:
-  isCA: true
-  commonName: {{ .Values.private.name }}-ca-root
-  secretName: {{ .Values.private.name }}-ca-root
-  privateKey:
-    algorithm: ECDSA
-    size: 256
-  issuerRef:
-    name: {{ .Values.private.name }}-bootstrap
-    kind: ClusterIssuer
-    group: cert-manager.io
----
-apiVersion: cert-manager.io/v1
-kind: ClusterIssuer
+kind: Issuer
 metadata:
   name: {{ .Values.private.name }}
   namespace: {{ .Release.Namespace }}
 spec:
-  ca:
-    secretName: {{ .Values.private.name }}-ca-root
+  acme:
+    server: {{ .Values.private.server }}
+    email: {{ .Values.private.contactEmail }}
+    privateKeySecretRef:
+      name: issuer-{{ .Values.private.name }}-account-key
+    solvers:
+    - dns01:
+        webhook:
+          groupName: acme.bwolf.me
+          solverName: gandi
+          config:
+            apiKeySecretRef:
+              key: api-token
+              name: gandi-credentials