mthomson/fleet-infra
1
0
Fork 0
mirror of https://github.com/michaelthomson0797/fleet-infra.git synced 2026-02-04 04:59:54 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

move all certs to automatic issuer

Browse Source
This commit is contained in:
Michael Thomson
2025-12-18 06:17:35 -05:00
parent f1d0cbeedd
commit 27c6abb459
27 changed files with 49 additions and 86 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
apps/media/bazarr/ingress.yaml
View File

@@ -4,6 +4,7 @@ metadata:
name: bazarr
namespace: media
annotations:
cert-manager.io/cluster-issuer: "letsencrypt-prod"
traefik.ingress.kubernetes.io/router.entrypoints: websecure
traefik.ingress.kubernetes.io/router.tls: "true"
# traefik.ingress.kubernetes.io/router.middlewares: authentik-bazarr@kubernetescrd
@@ -22,4 +23,4 @@ spec:
tls:
- hosts:
- bazarr.michaelthomson.dev
secretName: letsencrypt-wildcard-cert-michaelthomson.dev
secretName: bazarr-tls

3
apps/media/jellyfin/ingress.yaml
View File

@@ -4,6 +4,7 @@ metadata:
name: jellyfin
namespace: media
annotations:
cert-manager.io/cluster-issuer: "letsencrypt-prod"
external-dns.alpha.kubernetes.io/target: michaelthomson.ddns.net
external-dns.alpha.kubernetes.io/cloudflare-proxied: "true"
traefik.ingress.kubernetes.io/router.entrypoints: websecure
@@ -23,4 +24,4 @@ spec:
tls:
- hosts:
- jellyfin.michaelthomson.dev
secretName: letsencrypt-wildcard-cert-michaelthomson.dev
secretName: jellyfin-tls

3
apps/media/jellyseerr/ingress.yaml
View File

@@ -4,6 +4,7 @@ metadata:
name: jellyseerr
namespace: media
annotations:
cert-manager.io/cluster-issuer: "letsencrypt-prod"
external-dns.alpha.kubernetes.io/target: michaelthomson.ddns.net
external-dns.alpha.kubernetes.io/cloudflare-proxied: "true"
traefik.ingress.kubernetes.io/router.entrypoints: websecure
@@ -23,4 +24,4 @@ spec:
tls:
- hosts:
- jellyseerr.michaelthomson.dev
secretName: letsencrypt-wildcard-cert-michaelthomson.dev
secretName: jellyseerr-tls

3
apps/media/prowlarr/ingress.yaml
View File

@@ -4,6 +4,7 @@ metadata:
name: prowlarr
namespace: media
annotations:
cert-manager.io/cluster-issuer: "letsencrypt-prod"
traefik.ingress.kubernetes.io/router.entrypoints: websecure
traefik.ingress.kubernetes.io/router.tls: "true"
# traefik.ingress.kubernetes.io/router.middlewares: authentik-prowlarr@kubernetescrd
@@ -22,4 +23,4 @@ spec:
tls:
- hosts:
- prowlarr.michaelthomson.dev
secretName: letsencrypt-wildcard-cert-michaelthomson.dev
secretName: prowlarr-tls

3
apps/media/radarr/ingress.yaml
View File

@@ -4,6 +4,7 @@ metadata:
name: radarr
namespace: media
annotations:
cert-manager.io/cluster-issuer: "letsencrypt-prod"
traefik.ingress.kubernetes.io/router.entrypoints: websecure
traefik.ingress.kubernetes.io/router.tls: "true"
# traefik.ingress.kubernetes.io/router.middlewares: authentik-radarr@kubernetescrd
@@ -22,4 +23,4 @@ spec:
tls:
- hosts:
- radarr.michaelthomson.dev
secretName: letsencrypt-wildcard-cert-michaelthomson.dev
secretName: radarr-tls

3
apps/media/sabnzbd/ingress.yaml
View File

@@ -4,6 +4,7 @@ metadata:
name: sabnzbd
namespace: media
annotations:
cert-manager.io/cluster-issuer: "letsencrypt-prod"
traefik.ingress.kubernetes.io/router.entrypoints: websecure
traefik.ingress.kubernetes.io/router.tls: "true"
spec:
@@ -21,4 +22,4 @@ spec:
tls:
- hosts:
- sabnzbd.michaelthomson.dev
secretName: letsencrypt-wildcard-cert-michaelthomson.dev
secretName: sabnzbd-tls

3
apps/media/sonarr/ingress.yaml
View File

@@ -4,6 +4,7 @@ metadata:
name: sonarr
namespace: media
annotations:
cert-manager.io/cluster-issuer: "letsencrypt-prod"
traefik.ingress.kubernetes.io/router.entrypoints: websecure
traefik.ingress.kubernetes.io/router.tls: "true"
# traefik.ingress.kubernetes.io/router.middlewares: authentik-sonarr@kubernetescrd
@@ -22,4 +23,4 @@ spec:
tls:
- hosts:
- sonarr.michaelthomson.dev
secretName: letsencrypt-wildcard-cert-michaelthomson.dev
secretName: sonarr-tls