| 123456789101112131415161718192021222324252627282930313233343536373839404142434445 |
- apiVersion: cert-manager.io/v1
- kind: ClusterIssuer
- metadata:
- name: letsencrypt-staging
- namespace: cert-manager
- spec:
- acme:
- email: "admin@kaisers.info" # replace this
- privateKeySecretRef:
- name: "staging-issuer-account-key"
- server: "https://acme-staging-v02.api.letsencrypt.org/directory"
- solvers:
- - dns01:
- webhook:
- # This group needs to be configured when installing the helm package, otherwise the webhook won't have permission to create an ACME challenge for this API group.
- groupName: acme.kaisers.info
- solverName: hetzner
- config:
- secretName: hetzner-secret
- zoneName: kaisers.info # (Optional): When not provided the Zone will searched in Hetzner API by recursion on full domain name
- apiUrl: https://dns.hetzner.com/api/v1
- ---
- apiVersion: cert-manager.io/v1
- kind: ClusterIssuer
- metadata:
- name: letsencrypt-prod
- namespace: cert-manager
- spec:
- acme:
- email: "admin@kaisers.info" # replace this
- privateKeySecretRef:
- name: "prod-issuer-account-key"
- server: "https://acme-v02.api.letsencrypt.org/directory"
- solvers:
- - http01:
- ingress:
- class: "traefik"
- ingressTemplate:
- metadata:
- annotations:
- kubernetes.io/ingress.class: "traefik"
- traefik.ingress.kubernetes.io/router.tls: "true"
- traefik.ingress.kubernetes.io/frontend-entry-points: "https"
- traefik.ingress.kubernetes.io/router.entrypoints: "websecure"
- #traefik.ingress.kubernetes.io/redirect-entry-point: "https"
|
