From 1b01d35c8dbfd65a964a3ff7dccc46979e65412f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Wolfgang=20Hu=C3=9F?= Date: Sun, 13 Dec 2020 15:18:17 +0100 Subject: [PATCH] Refactor ingress.yaml(s) and issuer.yaml(S) --- deployment/digital-ocean/https/README.md | 2 +- .../digital-ocean/https/templates/ingress.template.yaml | 2 +- .../digital-ocean/https/templates/issuer.template.yaml | 8 ++++---- ...{letsencrypt-develop.yaml => letsencrypt-testing.yaml} | 4 ++-- 4 files changed, 8 insertions(+), 8 deletions(-) rename deployment/helm/ocelot.social/templates/cluster-issuers/{letsencrypt-develop.yaml => letsencrypt-testing.yaml} (90%) diff --git a/deployment/digital-ocean/https/README.md b/deployment/digital-ocean/https/README.md index 932ed52d0..73b68a548 100644 --- a/deployment/digital-ocean/https/README.md +++ b/deployment/digital-ocean/https/README.md @@ -74,7 +74,7 @@ $ kubectl describe -n ocelot-social certificate tls $ kubectl describe -n ocelot-social secret tls ``` -If everything looks good, update the issuer of your ingress. Change the annotation `certmanager.k8s.io/issuer` from `letsencrypt-develop` to `letsencrypt-production` in your ingress configuration in `ingress.yaml`. +If everything looks good, update the issuer of your ingress. Change the annotation `certmanager.k8s.io/issuer` from `letsencrypt-testing` (in the cert-manager docs named `letsencrypt-staging`) to `letsencrypt-production` in your ingress configuration in `ingress.yaml`. ```bash # in folder deployment/digital-ocean/https/ diff --git a/deployment/digital-ocean/https/templates/ingress.template.yaml b/deployment/digital-ocean/https/templates/ingress.template.yaml index 16721c0f9..a910b2b9a 100644 --- a/deployment/digital-ocean/https/templates/ingress.template.yaml +++ b/deployment/digital-ocean/https/templates/ingress.template.yaml @@ -5,7 +5,7 @@ metadata: namespace: ocelot-social annotations: kubernetes.io/ingress.class: "nginx" - certmanager.k8s.io/issuer: "letsencrypt-develop" + certmanager.k8s.io/issuer: "letsencrypt-testing" certmanager.k8s.io/acme-challenge-type: http01 nginx.ingress.kubernetes.io/proxy-body-size: 6m spec: diff --git a/deployment/digital-ocean/https/templates/issuer.template.yaml b/deployment/digital-ocean/https/templates/issuer.template.yaml index 785b083ff..cff332162 100644 --- a/deployment/digital-ocean/https/templates/issuer.template.yaml +++ b/deployment/digital-ocean/https/templates/issuer.template.yaml @@ -2,17 +2,17 @@ apiVersion: certmanager.k8s.io/v1alpha1 kind: Issuer metadata: - name: letsencrypt-develop + name: letsencrypt-testing namespace: ocelot-social spec: acme: # The ACME server URL server: https://acme-staging-v02.api.letsencrypt.org/directory # Email address used for ACME registration - email: user@example.com + email: devops@ocelot.social # Name of a secret used to store the ACME account private key privateKeySecretRef: - name: letsencrypt-develop + name: letsencrypt-testing # Enable the HTTP-01 challenge provider http01: {} --- @@ -26,7 +26,7 @@ # The ACME server URL server: https://acme-v02.api.letsencrypt.org/directory # Email address used for ACME registration - email: user@example.com + email: devops@ocelot.social # Name of a secret used to store the ACME account private key privateKeySecretRef: name: letsencrypt-production diff --git a/deployment/helm/ocelot.social/templates/cluster-issuers/letsencrypt-develop.yaml b/deployment/helm/ocelot.social/templates/cluster-issuers/letsencrypt-testing.yaml similarity index 90% rename from deployment/helm/ocelot.social/templates/cluster-issuers/letsencrypt-develop.yaml rename to deployment/helm/ocelot.social/templates/cluster-issuers/letsencrypt-testing.yaml index d469fee83..b5eef1f71 100644 --- a/deployment/helm/ocelot.social/templates/cluster-issuers/letsencrypt-develop.yaml +++ b/deployment/helm/ocelot.social/templates/cluster-issuers/letsencrypt-testing.yaml @@ -1,7 +1,7 @@ apiVersion: cert-manager.io/v1alpha2 kind: ClusterIssuer metadata: - name: letsencrypt-develop + name: letsencrypt-testing labels: app.kubernetes.io/instance: {{ .Release.Name }} app.kubernetes.io/managed-by: {{ .Release.Service }} @@ -13,7 +13,7 @@ spec: server: https://acme-staging-v02.api.letsencrypt.org/directory email: {{ .Values.supportEmail }} privateKeySecretRef: - name: letsencrypt-develop + name: letsencrypt-testing solvers: - http01: ingress: