mthomson/fleet-infra
1
0
Fork 0
mirror of https://github.com/michaelthomson0797/fleet-infra.git synced 2026-02-04 04:59:54 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

move issuer to configs

Browse Source
This commit is contained in:
Michael Thomson
2025-12-18 06:12:31 -05:00
parent 8f4c2dc1b3
commit f1d0cbeedd
5 changed files with 28 additions and 17 deletions
Download Patch File Download Diff File Expand all files Collapse all files

0
infrastructure/controllers/cert-manager/certificate-wildcard-cert-letsencrypt-prod.yaml → infrastructure/configs/cert-manager/certificate-wildcard-cert-letsencrypt-prod.yaml
View File

2
infrastructure/controllers/cert-manager/cluster-issuer-letsencrypt-prod.yaml → infrastructure/configs/cert-manager/cluster-issuer-letsencrypt-prod.yaml
View File

@@ -7,7 +7,7 @@ spec:
email: michael@michaelthomson.dev email: michael@michaelthomson.dev
server: https://acme-v02.api.letsencrypt.org/directory server: https://acme-v02.api.letsencrypt.org/directory
privateKeySecretRef: privateKeySecretRef:
name: letsencrypt-staging name: letsencrypt-prod
solvers: solvers:
- selector: - selector:
dnsZones: dnsZones:

25
infrastructure/configs/longhorn/ingress.yaml Normal file
View File

@@ -0,0 +1,25 @@
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: longhorn
namespace: longhorn-system
annotations:
cert-manager.io/cluster-issuer: "letsencrypt-prod"
traefik.ingress.kubernetes.io/router.entrypoints: websecure
traefik.ingress.kubernetes.io/router.tls: "true"
spec:
rules:
- host: longhorn.michaelthomson.dev
http:
paths:
- backend:
service:
name: longhorn-frontend
port:
number: 80
path: /
pathType: ImplementationSpecific
tls:
- hosts:
- longhorn.michaelthomson.dev
secretName: longhorn-tls

10
infrastructure/controllers/longhorn/release.yaml
View File

@@ -32,12 +32,4 @@ spec:
restoreVolumeRecurringJobs: true restoreVolumeRecurringJobs: true
ingress: ingress:
enabled: true enabled: false
ingressClassName: traefik
host: longhorn.michaelthomson.dev
tls: true
secureBackends: true
tlsSecret: letsencrypt-wildcard-cert-michaelthomson.dev
annotations:
traefik.ingress.kubernetes.io/router.tls: "true"
traefik.ingress.kubernetes.io/router.entrypoints: websecure

8
infrastructure/controllers/traefik/release.yaml
View File

@@ -19,13 +19,7 @@ spec:
allowCrossNamespace: true allowCrossNamespace: true
ingressRoute: ingressRoute:
dashboard: dashboard:
enabled: true enabled: false
matchRule: Host(`server.michaelthomson.dev`)
entryPoints: ["websecure"]
tls:
secretName: letsencrypt-wildcard-cert-michaelthomson.dev
domains:
- main: server.michaelthomson.dev
ports: ports:
websecure: websecure:
transport: transport: