Installer: separate certificates from ingress and annotate to keep them after helm uninstall
diff --git a/helmfile/base/helmfile.yaml b/helmfile/base/helmfile.yaml
index 276096e..e7690ff 100644
--- a/helmfile/base/helmfile.yaml
+++ b/helmfile/base/helmfile.yaml
@@ -165,12 +165,6 @@
- ingress:
# TODO(giolekva): maybe run separate Nebula network for pcloud infrastructure services?
enabled: false
- # ngressClassName: nginx-private
- # tls: true
- # host: longhorn.pcloud
- # annotations:
- # cert-manager.io/cluster-issuer: "selfsigned-ca"
- # acme.cert-manager.io/http01-edit-in-place: "true"
- name: mail-gateway
chart: ../../charts/mail-gateway
namespace: {{ .Values.name }}-mail-gateway
diff --git a/helmfile/users/helmfile.yaml b/helmfile/users/helmfile.yaml
index 567d3e0..1515c39 100644
--- a/helmfile/users/helmfile.yaml
+++ b/helmfile/users/helmfile.yaml
@@ -179,14 +179,10 @@
paths:
- path: /
pathType: Prefix
- annotations:
- cert-manager.io/cluster-issuer: "{{ .Values.id }}-public"
- acme.cert-manager.io/http01-edit-in-place: "true"
tls:
- hosts:
- accounts.{{ .Values.domain }}
secretName: cert-accounts.{{ .Values.domain }}
- # secretName: cert-wildcard.{{ .Values.domain }}
secret:
enabled: true
kratos:
@@ -335,9 +331,6 @@
paths:
- path: /
pathType: Prefix
- annotations:
- cert-manager.io/cluster-issuer: "{{ .Values.id }}-public"
- acme.cert-manager.io/http01-edit-in-place: "true"
tls:
- hosts:
- hydra.{{ .Values.domain }}
@@ -546,7 +539,7 @@
domain: {{ .Values.domain }}
certificateIssuer: {{ .Values.id }}-public
- storage:
- size: 10Gi
+ size: 100Gi
- mailGateway:
mxHostname: {{ .Values.mxHostname}}
address: {{ .Values.mailGatewayAddress }}