cert-manager + metallb configs
diff --git a/scripts/homelab/cluster-issuer.yaml b/scripts/homelab/cluster-issuer.yaml
new file mode 100644
index 0000000..b408aef
--- /dev/null
+++ b/scripts/homelab/cluster-issuer.yaml
@@ -0,0 +1,72 @@
+apiVersion: cert-manager.io/v1
+kind: ClusterIssuer
+metadata:
+ name: letsencrypt-prod
+ namespace: cert-manager
+spec:
+ acme:
+ server: https://acme-v02.api.letsencrypt.org/directory
+ email: giolekva@gmail.com
+ privateKeySecretRef:
+ name: cluster-issuer-letsencrypt-prod-account-key
+ solvers:
+ - selector: {}
+ http01:
+ ingress:
+ class: nginx
+---
+apiVersion: cert-manager.io/v1
+kind: ClusterIssuer
+metadata:
+ name: letsencrypt-staging-dns
+ namespace: cert-manager
+spec:
+ acme:
+ # server: https://acme-v02.api.letsencrypt.org/directory
+ server: https://acme-staging-v02.api.letsencrypt.org/directory
+ email: giolekva@gmail.com
+ privateKeySecretRef:
+ name: cluster-issuer-letsencrypt-staginig-dns-account-key
+ solvers:
+ - dns01:
+ webhook:
+ groupName: acme.bwolf.me
+ solverName: gandi
+ config:
+ apiKeySecretRef:
+ key: api-token
+ name: gandi-credentials
+---
+apiVersion: cert-manager.io/v1
+kind: ClusterIssuer
+metadata:
+ name: letsencrypt-prod-dns
+ namespace: cert-manager
+spec:
+ acme:
+ server: https://acme-v02.api.letsencrypt.org/directory
+ email: giolekva@gmail.com
+ privateKeySecretRef:
+ name: cluster-issuer-letsencrypt-prod-dns-account-key
+ solvers:
+ - dns01:
+ webhook:
+ groupName: acme.bwolf.me
+ solverName: gandi
+ config:
+ apiKeySecretRef:
+ key: api-token
+ name: gandi-credentials
+---
+apiVersion: cert-manager.io/v1
+kind: Certificate
+metadata:
+ name: wildcard-lekva.me
+ namespace: ingress-nginx
+spec:
+ dnsNames:
+ - '*.lekva.me'
+ issuerRef:
+ name: letsencrypt-prod-dns
+ kind: ClusterIssuer
+ secretName: cert-wildcard.lekva.me