Installer: configure cert-manager(-webhook-gandi), kubed as part of infrastructure
diff --git a/charts/certificate-issuer/templates/wildcard-certificate-private.yaml b/charts/certificate-issuer/templates/wildcard-certificate-private.yaml
index f869875..408b76c 100644
--- a/charts/certificate-issuer/templates/wildcard-certificate-private.yaml
+++ b/charts/certificate-issuer/templates/wildcard-certificate-private.yaml
@@ -10,3 +10,6 @@
name: {{ .Values.private.name }}
kind: Issuer
secretName: cert-wildcard.{{ .Values.private.domain }}
+ secretTemplate:
+ annotations:
+ kubed.appscode.com/sync: "pcloud-instance-id={{ .Values.pcloudInstanceId }}"
diff --git a/charts/certificate-issuer/templates/www-certificate-public.yaml b/charts/certificate-issuer/templates/www-certificate-public.yaml
new file mode 100644
index 0000000..d6b4dc6
--- /dev/null
+++ b/charts/certificate-issuer/templates/www-certificate-public.yaml
@@ -0,0 +1,16 @@
+apiVersion: cert-manager.io/v1
+kind: Certificate
+metadata:
+ name: www-{{ .Values.public.domain }}
+ namespace: {{ .Release.Namespace }}
+spec:
+ dnsNames:
+ - '{{ .Values.public.domain }}'
+ - 'www.{{ .Values.public.domain }}'
+ issuerRef:
+ name: {{ .Values.public.name }}
+ kind: ClusterIssuer
+ secretName: cert-www.{{ .Values.private.domain }}
+ secretTemplate:
+ annotations:
+ kubed.appscode.com/sync: "pcloud-instance-id={{ .Values.pcloudInstanceId }}"
diff --git a/charts/certificate-issuer/values.yaml b/charts/certificate-issuer/values.yaml
index 904b5ac..b9660ae 100644
--- a/charts/certificate-issuer/values.yaml
+++ b/charts/certificate-issuer/values.yaml
@@ -1,3 +1,4 @@
+pcloudInstanceId: example
certManager:
namespace: cert-manager
gandiWebhookSecretReader: cert-manager-webhook-gandi
@@ -6,6 +7,7 @@
server: https://acme-v02.api.letsencrypt.org/directory
contactEmail: admin@example.com
ingressClass: ingress-nginx
+ domain: example.com
private:
name: selfsigned-private
server: https://acme-v02.api.letsencrypt.org/directory