1cd7625220
deployment/service with socat proxy that works around my internet provider's medling into dns traffic on port 53.
62 lines
1.5 KiB
YAML
62 lines
1.5 KiB
YAML
apiVersion: helm.toolkit.fluxcd.io/v2
|
|
kind: HelmRelease
|
|
metadata:
|
|
name: cert-manager
|
|
namespace: cert-manager
|
|
spec:
|
|
interval: 1h
|
|
chart:
|
|
spec:
|
|
chart: cert-manager
|
|
version: "v1.17.2"
|
|
sourceRef:
|
|
kind: HelmRepository
|
|
name: cert-manager
|
|
namespace: flux-system
|
|
install:
|
|
createNamespace: true
|
|
crds: CreateReplace
|
|
upgrade:
|
|
crds: CreateReplace
|
|
values:
|
|
global:
|
|
logLevel: 6
|
|
crds:
|
|
enabled: false
|
|
config:
|
|
apiVersion: controller.config.cert-manager.io/v1alpha1
|
|
kind: ControllerConfiguration
|
|
enableGatewayAPI: true
|
|
prometheus:
|
|
enabled: true
|
|
extraObjects:
|
|
- |
|
|
apiVersion: cert-manager.io/v1
|
|
kind: ClusterIssuer
|
|
metadata:
|
|
name: letsencrypt-staging
|
|
spec:
|
|
acme:
|
|
server: https://acme-staging-v02.api.letsencrypt.org/directory
|
|
email: kacerr.cz+lets-encrypt@gmail.com
|
|
privateKeySecretRef:
|
|
name: letsencrypt-staging-account-key
|
|
solvers:
|
|
- http01:
|
|
ingress:
|
|
ingressClassName: nginx
|
|
- |
|
|
apiVersion: cert-manager.io/v1
|
|
kind: ClusterIssuer
|
|
metadata:
|
|
name: letsencrypt-prod
|
|
spec:
|
|
acme:
|
|
server: https://acme-v02.api.letsencrypt.org/directory
|
|
email: kacerr.cz+lets-encrypt@gmail.com
|
|
privateKeySecretRef:
|
|
name: letsencrypt-prod-account-key
|
|
solvers:
|
|
- http01:
|
|
ingress:
|
|
ingressClassName: nginx |