|
|
@@ -10,17 +10,15 @@ spec:
|
|
10
|
10
|
name: "staging-issuer-account-key"
|
|
11
|
11
|
server: "https://acme-staging-v02.api.letsencrypt.org/directory"
|
|
12
|
12
|
solvers:
|
|
13
|
|
- - http01:
|
|
14
|
|
- ingress:
|
|
15
|
|
- class: "traefik"
|
|
16
|
|
- ingressTemplate:
|
|
17
|
|
- metadata:
|
|
18
|
|
- annotations:
|
|
19
|
|
- kubernetes.io/ingress.class: "traefik"
|
|
20
|
|
- traefik.ingress.kubernetes.io/router.tls: "true"
|
|
21
|
|
- traefik.ingress.kubernetes.io/frontend-entry-points: "https"
|
|
22
|
|
- traefik.ingress.kubernetes.io/router.entrypoints: "websecure"
|
|
23
|
|
- #traefik.ingress.kubernetes.io/redirect-entry-point: "https"
|
|
|
13
|
+ - dns01:
|
|
|
14
|
+ webhook:
|
|
|
15
|
+ # This group needs to be configured when installing the helm package, otherwise the webhook won't have permission to create an ACME challenge for this API group.
|
|
|
16
|
+ groupName: acme.yourdomain.tld
|
|
|
17
|
+ solverName: hetzner
|
|
|
18
|
+ config:
|
|
|
19
|
+ secretName: hetzner-secret
|
|
|
20
|
+ zoneName: kaisers.info # (Optional): When not provided the Zone will searched in Hetzner API by recursion on full domain name
|
|
|
21
|
+ apiUrl: https://dns.hetzner.com/api/v1
|
|
24
|
22
|
---
|
|
25
|
23
|
apiVersion: cert-manager.io/v1
|
|
26
|
24
|
kind: ClusterIssuer
|
Simon Kaiser
3 роки тому