Installer: certificate issuer

commit: f15d5a342e8c6a101f05392365164c5afefd811e [log] [tgz]
author: giolekva <giolekva@gmail.com> Sat Nov 06 16:42:58 2021 +0400
committer: giolekva <giolekva@gmail.com> Sat Nov 06 16:42:58 2021 +0400
tree: c7afa952077dd91845437f7c470381c2dcc3dec5
parent: 5cd321671998810692f365f9c1c715abed58621f [diff]
diff --git a/charts/certificate-issuer/Chart.yaml b/charts/certificate-issuer/Chart.yaml
new file mode 100644
index 0000000..0d06818
--- /dev/null
+++ b/charts/certificate-issuer/Chart.yaml

@@ -0,0 +1,6 @@
+apiVersion: v2
+name: certificate-issuer
+description: A Helm chart for PCloud public and private certificate issuer
+type: application
+version: 0.0.1
+appVersion: "0.0.1"

diff --git a/charts/certificate-issuer/templates/private.yaml b/charts/certificate-issuer/templates/private.yaml
new file mode 100644
index 0000000..1b5c06d
--- /dev/null
+++ b/charts/certificate-issuer/templates/private.yaml

@@ -0,0 +1,33 @@
+apiVersion: cert-manager.io/v1
+kind: ClusterIssuer
+metadata:
+  name: {{ .Values.private.name }}-bootstrap
+  namespace: {{ .Release.Namespace }}
+spec:
+  selfSigned: {}
+---
+apiVersion: cert-manager.io/v1
+kind: Certificate
+metadata:
+  name: {{ .Values.private.name }}-ca-root
+  namespace: {{ .Release.Namespace }}
+spec:
+  isCA: true
+  commonName: {{ .Values.private.name }}-ca-root
+  secretName: {{ .Values.private.name }}-ca-root
+  privateKey:
+    algorithm: ECDSA
+    size: 256
+  issuerRef:
+    name: {{ .Values.private.name }}-bootstrap
+    kind: ClusterIssuer
+    group: cert-manager.io
+---
+apiVersion: cert-manager.io/v1
+kind: ClusterIssuer
+metadata:
+  name: {{ .Values.private.name }}
+  namespace: {{ .Release.Namespace }}
+spec:
+  ca:
+    secretName: {{ .Values.private.name }}-ca-root

diff --git a/charts/certificate-issuer/templates/public.yaml b/charts/certificate-issuer/templates/public.yaml
new file mode 100644
index 0000000..4dbf6f7
--- /dev/null
+++ b/charts/certificate-issuer/templates/public.yaml

@@ -0,0 +1,16 @@
+apiVersion: cert-manager.io/v1
+kind: ClusterIssuer
+metadata:
+  name: {{ .Values.public.name }}
+  namespace: {{ .Release.Namespace }}
+spec:
+  acme:
+    server: {{ .Values.public.server }}
+    email: {{ .Values.public.contactEmail }}
+    privateKeySecretRef:
+      name: cluster-issuer-{{ .Values.public.name }}-account-key
+    solvers:
+    - selector: {}
+      http01:
+        ingress:
+          class: {{ .Values.public.ingressClass }}

diff --git a/charts/certificate-issuer/values.yaml b/charts/certificate-issuer/values.yaml
new file mode 100644
index 0000000..4f40083
--- /dev/null
+++ b/charts/certificate-issuer/values.yaml

@@ -0,0 +1,8 @@
+public:
+  name: letsencrypt-prod
+  server: https://acme-v02.api.letsencrypt.org/directory
+  contactEmail: admin@example.com
+  ingressClass: ingress-nginx
+private:
+  name: selfsigned-private
+
commit	f15d5a342e8c6a101f05392365164c5afefd811e	[log] [tgz]
author	giolekva <giolekva@gmail.com>	Sat Nov 06 16:42:58 2021 +0400
committer	giolekva <giolekva@gmail.com>	Sat Nov 06 16:42:58 2021 +0400
tree	c7afa952077dd91845437f7c470381c2dcc3dec5
parent	5cd321671998810692f365f9c1c715abed58621f [diff]